urlscan.io logo urlscan.io
SecurityTrails logo

prnt.sc Open in urlscan Pro
104.27.100.99  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Effective URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Submission: On February 02 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 13 domains to perform 82 HTTP transactions. The main IP is 104.27.100.99, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is prnt.sc.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on January 26th 2019. Valid for: 6 months.
This is the only time prnt.sc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.27.100.99 13335 (CLOUDFLAR...)
20 104.20.14.105 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
10 151.139.242.3 33438 (HIGHWINDS2)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f01... 32934 (FACEBOOK)
4 2606:2800:234... 15133 (EDGECAST)
4 192.207.255.146 62821 (AS-MNX)
1 199.16.156.241 13414 (TWITTER)
4 2a00:1450:400... 15169 (GOOGLE)
3 74.214.194.133 59940 (PULSEPOIN...)
4 192.207.255.147 62821 (AS-MNX)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 172.217.22.66 15169 (GOOGLE)
2 5 2a03:2880:f11... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 6 151.101.0.166 54113 (FASTLY)
4 4 216.58.205.226 15169 (GOOGLE)
82 20
2    104.27.100.99 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
prnt.sc
20    104.20.14.105 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
st.prntscr.com
image.prntscr.com
api.prntscr.com
2    2a00:1450:4001:814::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
10    151.139.242.3 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
cdn.ad4game.com
1    2a00:1450:400c:c08::9d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:819::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81d::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
4    2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
4    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
platform.twitter.com
4    192.207.255.146 (United States)

ASN62821 (AS-MNX - MNX Solutions LLC, US)
PTR: haproxy1.ad4game.com
ads.ad4game.com
1    199.16.156.241 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
syndication.twitter.com
4    2a00:1450:4001:806::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
3    74.214.194.133 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)
bid.contextweb.com
4    192.207.255.147 (United States)

ASN62821 (AS-MNX - MNX Solutions LLC, US)
PTR: haproxy2.ad4game.com
ads.ad4game.com
1    2a00:1450:4001:817::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
1    2a00:1450:4001:820::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
5    172.217.22.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f66.1e100.net
securepubads.g.doubleclick.net
5    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
2    2a00:1450:4001:806::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
2    2a00:1450:4001:818::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
6    151.101.0.166 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
bh.contextweb.com
4    216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net
cm.g.doubleclick.net
Domain Requested by
17 st.prntscr.com prnt.sc
st.prntscr.com
10 cdn.ad4game.com prnt.sc
ads.ad4game.com
8 ads.ad4game.com cdn.ad4game.com
prnt.sc
6 bh.contextweb.com 3 redirects
5 www.facebook.com 2 redirects connect.facebook.net
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
prnt.sc
4 cm.g.doubleclick.net 4 redirects
4 www.googletagservices.com ads.ad4game.com
securepubads.g.doubleclick.net
4 platform.twitter.com prnt.sc
platform.twitter.com
3 bid.contextweb.com cdn.ad4game.com
2 pagead2.googlesyndication.com
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
2 staticxx.facebook.com connect.facebook.net
2 api.prntscr.com st.prntscr.com
prnt.sc
2 connect.facebook.net prnt.sc
connect.facebook.net
2 www.google-analytics.com 1 redirects prnt.sc
2 prnt.sc prnt.sc
st.prntscr.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 syndication.twitter.com prnt.sc
1 www.google.de prnt.sc
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 image.prntscr.com prnt.sc
82 24

This site contains links to these domains. Also see Links.

Domain
app.prntscr.com
prntscr.com
twitter.com
www.facebook.com
www.google.com
Subject Issuer Validity Valid
ssl387277.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-01-26 -
2019-08-04		 6 months crt.sh
ssl366238.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-12-17 -
2019-06-25		 6 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
*.ad4game.com
Go Daddy Secure Certificate Authority - G2		 2017-11-23 -
2020-01-16		 2 years crt.sh
www.google.de
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-01-21 -
2019-04-21		 3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA		 2018-11-19 -
2019-11-27		 a year crt.sh
ads.ad4game.com
Go Daddy Secure Certificate Authority - G2		 2016-03-28 -
2019-04-26		 3 years crt.sh
syndication.twitter.com
DigiCert SHA2 High Assurance Server CA		 2016-06-29 -
2019-09-16		 3 years crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2018-07-07 -
2020-06-03		 2 years crt.sh
*.google.com
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
tpc.googlesyndication.com
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Frame ID: 9ED165AB0C2E784D5A9253F53CA866CF
Requests: 45 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.219ae0a24a0fde13418c38af0499134b.html?origin=https%3A%2F%2Fprnt.sc&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: EC92AA5456EFC19186EDF57041D07726
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
Frame ID: 4D7FDEA6E25C728C37DE896DA4C0A968
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.219ae0a24a0fde13418c38af0499134b.en.html
Frame ID: DCDA1882074DC8E4810F404527228BF4
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
Frame ID: ED866053651338DD9B0B805B1E1D842A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df1884f9137d3ca4%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff19b15bdd26f3b4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2Fma7kwj%2520https%3A%2F%2Fprnt.sc%2Fmdl2m4&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
Frame ID: 52060DF3D8EA3AE844E117B6D859193E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df129c83f1440ffc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff19b15bdd26f3b4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fmdl2m4&locale=en_US&migrated=1&sdk=joey&xid=mdl2m4
Frame ID: 548A2FFDA6DDD129677FF4D37E3A44FB
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df9cf58b09a858c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff19b15bdd26f3b4%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Frame ID: 6705AD1DBC16736E646B65B51389F497
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Frame ID: C3F0E002E34201CB5D3423F1422BA958
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ad4game.com/async-ajs.min.js
Frame ID: 54F3BF0824F77E9A22DF71C87E7ECBB6
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ad4game.com/async-ajs.min.js
Frame ID: 0E045B31A6E3DDD2EF0EEB043CEF59AF
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i
  • env /pbjs/i
  • env /PREBID_TIMEOUT/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

82
Requests

91 %
HTTPS

55 %
IPv6

13
Domains

24
Subdomains

20
IPs

3
Countries

653 kB
Transfer

1639 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1484922610&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2Fma7kwj%2520https%3A%2F%2Fprnt.sc%2Fmdl2m4&ul=en-us&de=UTF-8&dt=Screenshot%20by%20Lightshot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1035764720&gjid=682924699&cid=920617242.1549066688&tid=UA-12353127-1&_gid=393531511.1549066688&_r=1&z=1710368673 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12353127-1&cid=920617242.1549066688&jid=1035764720&_gid=393531511.1549066688&gjid=682924699&_v=j73&z=1710368673 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=920617242.1549066688&jid=1035764720&_v=j73&z=1710368673 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=920617242.1549066688&jid=1035764720&_v=j73&z=1710368673&slf_rd=1&random=425486057
Request Chain 40
  • https://www.facebook.com/connect/ping?client_id=154822244543652&domain=prnt.sc&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df1144227ae3ed2%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff19b15bdd26f3b4%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey HTTP 302
  • https://staticxx.facebook.com/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
Request Chain 42
  • https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df129c83f1440ffc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff19b15bdd26f3b4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fmdl2m4&locale=en_US&migrated=1&sdk=joey&xid=mdl2m4 HTTP 302
  • https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df129c83f1440ffc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff19b15bdd26f3b4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fmdl2m4&locale=en_US&migrated=1&sdk=joey&xid=mdl2m4
Request Chain 75
  • https://bh.contextweb.com/visitormatch/prebid HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_tc= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEIS5pxOpV1PQyAOLS58ia2k&google_cver=1
Request Chain 76
  • https://bh.contextweb.com/visitormatch/prebid HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEIS5pxOpV1PQyAOLS58ia2k&google_cver=1
Request Chain 77
  • https://bh.contextweb.com/visitormatch/prebid HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEIS5pxOpV1PQyAOLS58ia2k&google_cver=1

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mdl2m4
prnt.sc/ma7kwj%20https://prnt.sc/ 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.27.100.99 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc55b8a676ba2ee801678558e2b037ca914deb64cd76886cab6d6b586a7cef38
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
prnt.sc
:scheme
https
:path
/ma7kwj%20https://prnt.sc/mdl2m4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 02 Feb 2019 00:18:07 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d946d280bdd3db7bb79f783dd9b4443fd1549066687; expires=Sun, 02-Feb-20 00:18:07 GMT; path=/; domain=.prnt.sc; HttpOnly
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4a287a8d9efcc77f-AMS
content-encoding
br
main.css
st.prntscr.com/2019/02/01/0113/css/ 		57 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2019/02/01/0113/css/main.css
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
726984457662e2ae992435af4efac2f0e43d8c15c03224f21955867081b8fe82

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Feb 2019 01:15:44 GMT
server
cloudflare
etag
W/"5c539dc0-23d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=1800
cf-ray
4a287a8ecbdd9c23-AMS
expires
Sat, 02 Feb 2019 00:22:41 GMT
jquery.1.8.2.min.js
st.prntscr.com/2019/02/01/0113/js/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2019/02/01/0113/js/jquery.1.8.2.min.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Feb 2019 01:15:44 GMT
server
cloudflare
etag
W/"5c539dc0-827c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
cf-ray
4a287a8ecbdf9c23-AMS
expires
Sat, 02 Feb 2019 00:22:41 GMT
script.mix.js
st.prntscr.com/2019/02/01/0113/js/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2019/02/01/0113/js/script.mix.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a45086739e84ef2f08a71c81711e7d2767a17c5dbaa61e3b4076eaa89d6db6e7

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Feb 2019 01:15:44 GMT
server
cloudflare
etag
W/"5c539dc0-5e69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
cf-ray
4a287a8ecbe09c23-AMS
expires
Sat, 02 Feb 2019 00:22:41 GMT
GDJ_8lrwQqOVhOV6nIxIRA.png
image.prntscr.com/image/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.prntscr.com/image/GDJ_8lrwQqOVhOV6nIxIRA.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Magic
Resource Hash
def4bb165c674acec280ae12b8e1029d5be6418587544e0eed0f465ae4cbeefc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Origin
https://prnt.sc

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
cf-cache-status
MISS
x-powered-by
Magic
status
200
x-temperature
Warm
content-length
17373
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
4a287a8ee981bba8-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 30 Jan 2029 00:18:07 GMT
mdl2m4
prnt.sc/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prnt.sc/mdl2m4
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.27.100.99 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/mdl2m4
pragma
no-cache
cookie
__cfduid=d946d280bdd3db7bb79f783dd9b4443fd1549066687
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
prnt.sc
referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
:scheme
https
:method
GET
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
status
200
cf-ray
4a287a8e7896c77f-AMS
image-helper.js
st.prntscr.com/2019/02/01/0113/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2019/02/01/0113/js/image-helper.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Feb 2019 01:15:06 GMT
server
cloudflare
etag
W/"5c539d9a-a2f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
cf-ray
4a287a8f2bff9c23-AMS
expires
Sat, 02 Feb 2019 00:22:55 GMT
footer-logo.png
st.prntscr.com/2019/02/01/0113/img/ 		630 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/footer-logo.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca2c1abcf4b76a46306bc7f1a607a459371ccf5e7213aae988c33b4dabb1758

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1848
status
200
content-disposition
inline; filename="footer-logo.webp"
cf-bgj
imgq:100
content-length
630
last-modified
Mon, 05 Sep 2016 15:49:19 GMT
server
cloudflare
etag
"57cd93ff-738"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a287a8f2c019c23-AMS
expires
Sat, 02 Feb 2019 00:22:39 GMT
jquery.smartbanner.css
st.prntscr.com/2019/02/01/0113/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2019/02/01/0113/css/jquery.smartbanner.css
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Feb 2019 01:15:37 GMT
server
cloudflare
etag
W/"5c539db9-ef0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=1800
cf-ray
4a287a8ecbde9c23-AMS
expires
Sat, 02 Feb 2019 00:22:41 GMT
jquery.smartbanner.js
st.prntscr.com/2019/02/01/0113/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2019/02/01/0113/js/jquery.smartbanner.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Feb 2019 01:15:44 GMT
server
cloudflare
etag
W/"5c539dc0-aec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
cf-ray
4a287a8f2c009c23-AMS
expires
Sat, 02 Feb 2019 00:22:48 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
3824
date
Fri, 01 Feb 2019 23:14:23 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
17543
expires
Sat, 02 Feb 2019 01:14:23 GMT
page-bg.png
st.prntscr.com/2019/02/01/0113/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/page-bg.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
86a1b8f94f48c4e82d2616d4c581f10a34ff447a2bd95be08714fa0d19ba3f51

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=7116
status
200
content-disposition
inline; filename="page-bg.webp"
cf-bgj
imgq:100
content-length
5608
last-modified
Fri, 01 Feb 2019 01:15:44 GMT
server
cloudflare
etag
"5c539dc0-1a7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a287a8f3c079c23-AMS
expires
Sat, 02 Feb 2019 00:22:48 GMT
header-logo.png
st.prntscr.com/2019/02/01/0113/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/header-logo.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
69d8e3ebecd912bd1632164c7cdb358e13ca6fd3c904a4ecbabd462fb7082b1a

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=7995
status
200
content-disposition
inline; filename="header-logo.webp"
cf-bgj
imgq:100
content-length
4152
last-modified
Fri, 01 Feb 2019 01:15:44 GMT
server
cloudflare
etag
"5c539dc0-1e52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a287a8f3c089c23-AMS
expires
Sat, 02 Feb 2019 00:22:56 GMT
button-download.png
st.prntscr.com/2019/02/01/0113/img/ 		314 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/button-download.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e926f30958d0c21d088e6a671d3356a3c3fab9cc6220b8e408f19d868a7dc5c8

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1404
status
200
content-disposition
inline; filename="button-download.webp"
cf-bgj
imgq:100
content-length
314
last-modified
Fri, 01 Feb 2019 01:14:33 GMT
server
cloudflare
etag
"5c539d79-57c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a287a8f3c099c23-AMS
expires
Sat, 02 Feb 2019 00:22:56 GMT
button-icon-sep.png
st.prntscr.com/2019/02/01/0113/img/ 		40 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/button-icon-sep.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6a1120cc303b1c6ee6d548a5b418c2707b59de0c1f13c8ab870ca4e734b6acc

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=928
status
200
content-disposition
inline; filename="button-icon-sep.webp"
cf-bgj
imgq:100
content-length
40
last-modified
Fri, 01 Feb 2019 01:14:33 GMT
server
cloudflare
etag
"5c539d79-3a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a287a8f3c0a9c23-AMS
expires
Sat, 02 Feb 2019 00:22:43 GMT
icon-twitter_gscale.png
st.prntscr.com/2019/02/01/0113/img/ 		374 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/icon-twitter_gscale.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a3a63b2ac124cb9a194ec01ea1f0d3123e4019bf658c6f47a77b4faea84c079

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1535
status
200
content-disposition
inline; filename="icon-twitter_gscale.webp"
cf-bgj
imgq:100
content-length
374
last-modified
Fri, 01 Feb 2019 01:14:33 GMT
server
cloudflare
etag
"5c539d79-5ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a287a8f3c0b9c23-AMS
expires
Sat, 02 Feb 2019 00:22:57 GMT
icon-facebook_gscale.png
st.prntscr.com/2019/02/01/0113/img/ 		296 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/icon-facebook_gscale.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a093d2047e1a59b7103810b947780e5f94d865915cb923ebcaa7e50f557c2102

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1325
status
200
content-disposition
inline; filename="icon-facebook_gscale.webp"
cf-bgj
imgq:100
content-length
296
last-modified
Fri, 01 Feb 2019 01:14:33 GMT
server
cloudflare
etag
"5c539d79-52d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a287a8f3c0c9c23-AMS
expires
Sat, 02 Feb 2019 00:22:57 GMT
async-ajs.min.js
cdn.ad4game.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/async-ajs.min.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b22174ca5c2657a9b5f680e573bfd2041b0952c7cee130a9e09764e879cb7b6e

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Sat, 02 Feb 2019 00:18:07 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
1343
referrer-policy
no-referrer
last-modified
Wed, 14 Nov 2018 11:02:32 GMT
server
nginx
x-serveraddr
10.100.0.151
etag
W/"5bec00c8-b49"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
icon-edit.png
st.prntscr.com/2019/02/01/0113/img/ 		461 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/icon-edit.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
92fb4985bc265d661b853545f4f3d54f79022a8564dd521202e20a05e477b295

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
cf-cache-status
HIT
cf-polished
origSize=3153, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
461
last-modified
Fri, 01 Feb 2019 01:14:33 GMT
server
cloudflare
etag
"5c539d79-c51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a287a8f6c1c9c23-AMS
expires
Sat, 02 Feb 2019 00:22:56 GMT
icon-camera.png
st.prntscr.com/2019/02/01/0113/img/ 		158 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/icon-camera.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bfd2fa3b3b5924e3655bcf9f63427e792bd8572b7ed0992373bdb4b21c7cb89

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=1089
status
200
content-disposition
inline; filename="icon-camera.webp"
cf-bgj
imgq:100
content-length
158
last-modified
Fri, 01 Feb 2019 01:14:33 GMT
server
cloudflare
etag
"5c539d79-441"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a287a8f6c1d9c23-AMS
expires
Sat, 02 Feb 2019 00:22:56 GMT
icon-abuse.png
st.prntscr.com/2019/02/01/0113/img/ 		126 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.prntscr.com/2019/02/01/0113/img/icon-abuse.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2875a6fc4266fec00a383377cb4530b6407912897b0727e26249d89c6dfe0359

Request headers

Referer
https://st.prntscr.com/2019/02/01/0113/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:07 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=327
status
200
content-disposition
inline; filename="icon-abuse.webp"
cf-bgj
imgq:100
content-length
126
last-modified
Fri, 01 Feb 2019 01:14:33 GMT
server
cloudflare
etag
"5c539d79-147"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
4a287a8f6c1e9c23-AMS
expires
Sat, 02 Feb 2019 00:22:57 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1484922610&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2Fma7kwj%2520https%3A%2F%2Fprnt.sc%2Fmdl2m4&ul=en-us&de=UTF-8&dt=Screenshot%20by%20Lights...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12353127-1&cid=920617242.1549066688&jid=1035764720&_gid=393531511.1549066688&gjid=682924699&_v=j73&z=1710368673
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=920617242.1549066688&jid=1035764720&_v=j73&z=1710368673
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=920617242.1549066688&jid=1035764720&_v=j73&z=1710368673&slf_rd=1&random=425486057
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=920617242.1549066688&jid=1035764720&_v=j73&z=1710368673&slf_rd=1&random=425486057
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Feb 2019 00:18:08 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Feb 2019 00:18:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=920617242.1549066688&jid=1035764720&_v=j73&z=1710368673&slf_rd=1&random=425486057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cb05b0248935e2ea4b0ba4998b23eca3701ef160e081055a2d4a8e9b55536b0f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
jOPMWI83ab/wHHGl5IEdeg==
status
200
vary
Accept-Encoding
content-length
1744
x-xss-protection
0
x-fb-debug
yh6tllfoJhrRjgfr+zFksEjJoIeBnOPyBCvnECnF9nPdfahQL+PLSW2FfgzDhCYBaGR00b5cGi71zhtFIWED3w==
x-fb-content-md5
c121239049591110f2c72879c7374830
date
Sat, 02 Feb 2019 00:18:07 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
access-control-allow-credentials
true
etag
"2fe4bb97bc4020b7870579505518d03c"
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
timing-allow-origin
*
expires
Sat, 02 Feb 2019 00:35:44 GMT
widgets.js
platform.twitter.com/ 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4184) /
Resource Hash
90a01a8b4ae45ad9cf1dea505cc7139c567939e4b9bb28cd9973ba6f72857914

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 02 Feb 2019 00:18:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Jan 2019 22:41:47 GMT
Server
ECS (fcn/4184)
Etag
"c5e6acb59d053277c3389a12cf578f84+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=1800
Content-Type
application/javascript; charset=utf-8
Content-Length
27963
/
api.prntscr.com/v1/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prntscr.com/v1/
Requested by
Host: st.prntscr.com
URL: https://st.prntscr.com/2019/02/01/0113/js/jquery.1.8.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://prnt.sc
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Sat, 02 Feb 2019 00:18:08 GMT
server
cloudflare
access-control-allow-origin
https://prnt.sc
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
status
204
access-control-allow-credentials
true
cf-ray
4a287a8fcb23bba8-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
all.js
connect.facebook.net/en_US/ 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=903c585e6afb75e8a840fca71b4dfb0e&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
0471f2d1f37d200a4f5085823f1a5b06c3cb48285892f16c6ba2954292e7e81f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
IZ7uGpicoIaZo4y+sLNHzQ==
status
200
vary
Accept-Encoding
content-length
54046
x-xss-protection
0
x-fb-debug
6crV5vpdHUv+XP02cNsokDr8K/gC0D8/x7HVjEcp5CuUdsmp1ihXrhXDwvlnQO+JoZhp+AMEHfKxjOczu0IkHg==
x-fb-content-md5
48d41b859e40fb1ae1334ee885f295ca
date
Sat, 02 Feb 2019 00:18:07 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
access-control-allow-credentials
true
etag
"3279208312e93866f47f1d432b5c4f89"
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin
*
expires
Sun, 02 Feb 2020 00:01:59 GMT
async-ajs.php
ads.ad4game.com/www/delivery/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g4748137&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Fma7kwj%2520https%3A%2F%2Fprnt.sc%2Fmdl2m4&c=UTF-8&z=60918,60917,60916&b=7&x=7
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy1.ad4game.com
Software
nginx /
Resource Hash
52955b38002e62ce74184087a2000523678e2a129546f2bd36b44b4ceb32a4c8

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-servername
ads.ad4game.com\ 80\ 81
Pragma
no-cache
Date
Sat, 02 Feb 2019 00:18:08 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
X-serveraddr
10.100.0.137
Cache-Control
no-cache, no-store, must-revalidate
X-host
ads.ad4game.com
Connection
close
Content-Type
text/javascript; charset=UTF-8
Expires
0
widget_iframe.219ae0a24a0fde13418c38af0499134b.html
platform.twitter.com/widgets/ Frame EC92 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.219ae0a24a0fde13418c38af0499134b.html?origin=https%3A%2F%2Fprnt.sc&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/418F) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4

Response headers

Content-Encoding
gzip
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sat, 02 Feb 2019 00:18:07 GMT
Etag
"347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified
Wed, 30 Jan 2019 22:40:58 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/418F)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5783
button.e96bb6acc0f8bda511c0c46a84ee18e4.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.e96bb6acc0f8bda511c0c46a84ee18e4.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4194) /
Resource Hash
00ce74a18bd6071ed7e4810d9df7393b6749531165bff6b45d237ccaee9f2808

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 02 Feb 2019 00:18:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Jan 2019 22:40:50 GMT
Server
ECS (fcn/4194)
Etag
"afc5be16085c49e57e5c7974de717b28+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
Content-Type
application/javascript; charset=utf-8
Content-Length
2300
GMRn6XEBZ06.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 4D7F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=903c585e6afb75e8a840fca71b4dfb0e&ua=modern_es6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Fri, 31 Jan 2020 22:37:48 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
KmRlmL/5XMj+C760y6MoeX237WSXPCVTJ7bvnJyohfhCgUrATxmxCM11cvq3M6YYxes30Ac3Yxc+fXMRJuzUSQ==
content-length
10868
date
Sat, 02 Feb 2019 00:18:08 GMT
tweet_button.219ae0a24a0fde13418c38af0499134b.en.html
platform.twitter.com/widgets/ Frame DCDA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.219ae0a24a0fde13418c38af0499134b.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A9) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4

Response headers

Content-Encoding
gzip
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sat, 02 Feb 2019 00:18:08 GMT
Etag
"80c67bc035b2511f80c56b3d6c95220e+gzip"
Last-Modified
Wed, 30 Jan 2019 22:40:55 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/41A9)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
12222
truncated
/ 		20 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b257e8ef2c042c0b1c75d57ede929124fb3dbd30a65d504f5d859b0e0d142661

Request headers

Response headers

Content-Type
image/png
/
api.prntscr.com/v1/ 		92 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.prntscr.com/v1/
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 02 Feb 2019 00:18:08 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://prnt.sc
access-control-allow-credentials
true
cf-ray
4a287a906c5c9c23-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
jot
syndication.twitter.com/i/ 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fprnt.sc%2Fma7kwj%2520https%3A%2F%2Fprnt.sc%2Fmdl2m4%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22light_shot%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1549066688200%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222deec1d%3A1548887070531%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.16.156.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
6
pragma
no-cache
last-modified
Sat, 02 Feb 2019 00:18:08 GMT
server
tsa_b
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
01b1d710f7d67afe2b4f5e6541efd85a
x-transaction
0037a53800112bdf
expires
Tue, 31 Mar 1981 05:00:00 GMT
prebid.js
cdn.ad4game.com/ 		97 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/prebid.js
Requested by
Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g4748137&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Fma7kwj%2520https%3A%2F%2Fprnt.sc%2Fmdl2m4&c=UTF-8&z=60918,60917,60916&b=7&x=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
1612d2cc4c004138301697cf3a67737e45ec319b0a33864417cc46ec62cfcae4

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Sat, 02 Feb 2019 00:18:08 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
36182
referrer-policy
no-referrer
last-modified
Mon, 21 Jan 2019 02:16:09 GMT
server
nginx
x-serveraddr
10.100.0.137
etag
"5c452b69-1845b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
gpt.js
www.googletagservices.com/tag/js/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g4748137&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Fma7kwj%2520https%3A%2F%2Fprnt.sc%2Fmdl2m4&c=UTF-8&z=60918,60917,60916&b=7&x=7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7c71fef8dd0fbb71edeab2006f5c66de00bf0a223c8b3e576f877eb6bed886e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"70 / 814 of 1000 / last-modified: 1549066155"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
10091
x-xss-protection
1; mode=block
expires
Sat, 02 Feb 2019 00:18:08 GMT
ortb
bid.contextweb.com/header/ 		0
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 02 Feb 2019 00:18:08 GMT
Server
nginx
CWDL
22/135
Access-Control-Allow-Origin
https://prnt.sc
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
CW-FEServer
ams-prts00.pulse.prod
CW-Server
ams-bid11
Content-Length
0
bid
ads.ad4game.com/v1/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.ad4game.com/v1/bid?if=1&siteurl=https%3A%2F%2Fprnt.sc%2Fma7kwj%2520https%3A%2F%2Fprnt.sc%2Fmdl2m4&size=970x90%3B728x90%3B300x250&id=4d11e9deefaa6d%3B5c997516420b9e%3B637865a5e1f354&zoneId=60918%3B60917%3B60916&
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
0d7d601fdf1c1e4e92f22f9ce1375bd4167a3b7a8400802862959d6b0881b5db

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 02 Feb 2019 00:18:09 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://prnt.sc
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Application-Context
application:12063
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=prnt.sc
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=prnt.sc
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_299.js
securepubads.g.doubleclick.net/gpt/ 		182 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_299.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
b2e30d33778ecbaf23590b76c45b87c100276be1a19578b5b00aa2e393bf8acd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Jan 2019 18:48:36 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
63688
x-xss-protection
1; mode=block
expires
Sat, 02 Feb 2019 00:18:08 GMT
GMRn6XEBZ06.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame ED86
Redirect Chain
  • https://www.facebook.com/connect/ping?client_id=154822244543652&domain=prnt.sc&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%2...
  • https://staticxx.facebook.com/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=903c585e6afb75e8a840fca71b4dfb0e&ua=modern_es6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Fri, 31 Jan 2020 22:37:48 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
KmRlmL/5XMj+C760y6MoeX237WSXPCVTJ7bvnJyohfhCgUrATxmxCM11cvq3M6YYxes30Ac3Yxc+fXMRJuzUSQ==
content-length
10868
date
Sat, 02 Feb 2019 00:18:08 GMT

Redirect headers

status
302
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
location
https://staticxx.facebook.com/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44#cb=f1144227ae3ed2&domain=prnt.sc&origin=https%3A%2F%2Fprnt.sc%2Ff19b15bdd26f3b4&relation=parent&error=unknown_user
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
DoyMiP5UW7tY7wS6bT5FE/U8u7SwGU3TERLuAdRdh3i4+5L53o4D8LW+ghVxdcazWXS4RPnEaksjZTh0fgn+ag==
content-length
0
date
Sat, 02 Feb 2019 00:18:08 GMT
like.php
www.facebook.com/plugins/ Frame 5206 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df1884f9137d3ca4%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff19b15bdd26f3b4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2Fma7kwj%2520https%3A%2F%2Fprnt.sc%2Fmdl2m4&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=903c585e6afb75e8a840fca71b4dfb0e&ua=modern_es6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df1884f9137d3ca4%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff19b15bdd26f3b4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2Fma7kwj%2520https%3A%2F%2Fprnt.sc%2Fmdl2m4&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
4Rd2Bcq1MrFpZ6vkQpk/VwMIMXgXx53TrRcgyez/ZLCbaO2BKM+T2BOtP05hEOlgjZAqZgzufQQKoL4FQrhqag==
date
Sat, 02 Feb 2019 00:18:08 GMT
feedback.php
www.facebook.com/plugins/ Frame 548A
Redirect Chain
  • https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df129c83f1440ffc%26...
  • https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df129c83f1440ffc%26...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df129c83f1440ffc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff19b15bdd26f3b4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fmdl2m4&locale=en_US&migrated=1&sdk=joey&xid=mdl2m4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=903c585e6afb75e8a840fca71b4dfb0e&ua=modern_es6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df129c83f1440ffc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff19b15bdd26f3b4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fmdl2m4&locale=en_US&migrated=1&sdk=joey&xid=mdl2m4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
WvBA4Mwa7NmaZnQ8ImSup4uBwxw8eyt+4N0gAQjqIV42JaiMJWfLVe4XJ4JDxpOZN97eeR+Hm7UdxB9638qWkg==
date
Sat, 02 Feb 2019 00:18:09 GMT

Redirect headers

status
302
strict-transport-security
max-age=15552000; preload
location
https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df129c83f1440ffc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff19b15bdd26f3b4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fmdl2m4&locale=en_US&migrated=1&sdk=joey&xid=mdl2m4
access-control-expose-headers
X-FB-Debug, X-Loader-Length
access-control-allow-credentials
true
vary
Origin
access-control-allow-origin
https://www.facebook.com
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
x-fb-debug
w/Uz5OXg9ZVkUpTISsHXM3BuoMjB91PXW1jCQQeZKiMXkMUtv/pdKni36Rx+w9+8h36m0t3lVlIt1/aNKp4u/g==
content-length
0
date
Sat, 02 Feb 2019 00:18:08 GMT
like_box.php
www.facebook.com/plugins/ Frame 6705 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df9cf58b09a858c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff19b15bdd26f3b4%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=903c585e6afb75e8a840fca71b4dfb0e&ua=modern_es6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FGMRn6XEBZ06.js%3Fversion%3D44%23cb%3Df9cf58b09a858c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff19b15bdd26f3b4%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
nz5JDXbBXHZWGxRibyg3/ILon7QsYNLhAg9td4xD6vZlRv9Q4WzVoNRgR/c4EZISQgYlg+VJ3esYeySMk9oepQ==
date
Sat, 02 Feb 2019 00:18:08 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2536779263269995&correlator=1959503301273799&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21063015%2C21063043&vrg=299&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=60257202%2C60918%2C6091717%2C60916&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=970x90%2C728x90%2C300x250&prev_scp=hb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D970x90%26hb_pb_a4g%3D0.45%26hb_adid_a4g%3D4d11e9deefaa6d%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.45%26hb_adid%3D4d11e9deefaa6d%26hb_bidder%3Da4g%7Chb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D728x90%26hb_pb_a4g%3D0.27%26hb_adid_a4g%3D5c997516420b9e%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.27%26hb_adid%3D5c997516420b9e%26hb_bidder%3Da4g%7Chb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D300x250%26hb_pb_a4g%3D0.21%26hb_adid_a4g%3D637865a5e1f354%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.21%26hb_adid%3D637865a5e1f354%26hb_bidder%3Da4g&eri=1&cookie_enabled=1&bc=15&abxe=1&lmt=1549066689&dt=1549066689104&dlt=1549066687749&idt=835&frm=20&biw=1600&bih=1200&oid=3&adxs=315%2C436%2C315&adys=70%2C652%2C774&adks=1432691387%2C518174652%2C4042975291&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fprnt.sc%2Fma7kwj%2520https%3A%2F%2Fprnt.sc%2Fmdl2m4&dssz=28&icsg=10880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x90%7C728x90%7C300x250&msz=970x-1%7C728x-1%7C300x-1&blev=1&bisch=1&ga_vid=920617242.1549066688&ga_sid=1549066689&ga_hid=1484922610&fws=0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_299.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
bbdf296b0d6fc181394764d096c14f58b190e98b03bec74453d2cd04244f3c88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Origin
https://prnt.sc

Response headers

date
Sat, 02 Feb 2019 00:18:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
7922
x-xss-protection
1; mode=block
google-lineitem-id
-1,4728217161,4728217152
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138237963296,138237963296
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://prnt.sc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_299.js
securepubads.g.doubleclick.net/gpt/ 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_299.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_299.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
sffe /
Resource Hash
b633033729ec5192fda264a8a84d7e86b8b2b20099b6e3ea8f088a173e1ffc7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Jan 2019 18:48:36 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
23132
x-xss-protection
1; mode=block
expires
Sat, 02 Feb 2019 00:18:09 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_299.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame C3F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_299.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:806::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-31/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
1737
date
Mon, 14 Jan 2019 19:45:59 GMT
expires
Tue, 14 Jan 2020 19:45:59 GMT
last-modified
Thu, 01 Nov 2018 14:23:58 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, immutable, max-age=31536000
age
1571530
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
osd.js
www.googletagservices.com/activeview/js/current/ 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_299.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9640dadea677b5d05d14e65b42f64b48895135c36ecb2a989d2b655c89e4e571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 01 Feb 2019 12:15:05 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
28321
x-xss-protection
1; mode=block
expires
Sat, 02 Feb 2019 00:18:09 GMT
async-ajs.min.js
cdn.ad4game.com/ Frame 54F3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/async-ajs.min.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b22174ca5c2657a9b5f680e573bfd2041b0952c7cee130a9e09764e879cb7b6e

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Sat, 02 Feb 2019 00:18:09 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
1343
referrer-policy
no-referrer
last-modified
Wed, 14 Nov 2018 11:02:32 GMT
server
nginx
x-serveraddr
10.100.0.151
etag
"5bec00c8-b49"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 54F3 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20190131
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_299.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
529e0416036a6d8b499f31ade0171e015ee6487f90377435d6dde31c97ea2f61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 01 Feb 2019 12:15:05 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
28807
x-xss-protection
1; mode=block
expires
Sat, 02 Feb 2019 00:18:09 GMT
async-ajs.min.js
cdn.ad4game.com/ Frame 0E04 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/async-ajs.min.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
b22174ca5c2657a9b5f680e573bfd2041b0952c7cee130a9e09764e879cb7b6e

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Sat, 02 Feb 2019 00:18:09 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
1343
referrer-policy
no-referrer
last-modified
Wed, 14 Nov 2018 11:02:32 GMT
server
nginx
x-serveraddr
10.100.0.151
etag
"5bec00c8-b49"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 0E04 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20190131
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_299.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
529e0416036a6d8b499f31ade0171e015ee6487f90377435d6dde31c97ea2f61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 01 Feb 2019 12:15:05 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
28807
x-xss-protection
1; mode=block
expires
Sat, 02 Feb 2019 00:18:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 54F3 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJZch8LPq2WIlm-bfBIJRkFjN_uiumdGOrz8V443oy8rn1FJnqs9rX7SIv8BXDk-c3_IeLkTHWtWDtgcnFoe82w0N-shIg4AEW2ZyIbEB0L6lAxISJ6fzgQblOXib9pxrN9OqSTLJvCWykYCXDldTtiYmlzJzJArl8Bmfd_ajZd9S4qQn5m-TGiv3wmOytC4z-eWU7fVEtkeoCzzJHVKdVCwfi3FL5JhW8j708ez8wlNrs2Vs&sai=AMfl-YR2zaF9-LWuma_h64BKrMOlczyFH0ADNfF17OHz7xrRWyWObClJP6AxoTxuzXRq4EIeMtSpjhDixyfd6iXEzVzooormFDsWN1GzIYwK&sig=Cg0ArKJSzOijQyRVpkhNEAE&urlfix=1&adurl=
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:09 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Sat, 02 Feb 2019 00:18:09 GMT
adbyv1.gif
cdn.ad4game.com/ Frame 54F3 		112 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ad4game.com/adbyv1.gif
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Sat, 02 Feb 2019 00:18:09 GMT
referrer-policy
no-referrer
last-modified
Sat, 28 Jan 2012 03:19:10 GMT
server
nginx
x-serveraddr
10.100.0.137
etag
"4f23692e-70"
status
200
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-host
ads.ad4game.com
accept-ranges
bytes
content-length
112
lg.php
ads.ad4game.com/www/delivery/ Frame 54F3 		35 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.ad4game.com/www/delivery/lg.php?bannerid=542532&campaignid=31237&zoneid=60917&referer=&tag=hb&ver=4.0&tagi=2019-01-16T03-25&cb=IKWpZ48rTZfN5aKA&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2MDkxNywiZXhwIjoxNTQ5MDY2NzQ5fQ.D69DOP8w3fDnaRW_Etau06u-wEJfEq7p9XMOBcfC1CM&bn=ad4game&bid=0.27&if=1
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy1.ad4game.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Origin
https://prnt.sc

Response headers

Pragma
no-cache
Date
Sat, 02 Feb 2019 00:18:09 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
35
X-Application-Context
application:12063
Expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0E04 		0
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyGqWQ-XUb9OVru14eH4FqOhQjnKD4vEq4txhWTmXreMjXiquc_Jc7fsr-ClHnZr_2q38W9fmG8enu_z5oxqdWiCoDXTdq8PbIFB8h70Zor8G8EbVNAO9f1dp5hLeUl8LGYUzIdn7YsV9Xp3rUT8zNAgNjoCiB_TjtsptubrrAmBBqM88PHYQhPVa0bpcRQKExJtY5TDf0XSkzZz1AYSNZfaMD6EKuKMX2S-j0FHGKb3yK&sai=AMfl-YQM0ZEGA1enk4cJtMqjhbm56US7UJ6noDz6ZqzhrQCv_RM-QxdoQZhtjDhbWH_qZUshhX93ad7mqbofBInJGUttZgrNaVuV5px0xLM9&sig=Cg0ArKJSzBHhx8SEbM68EAE&urlfix=1&adurl=
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 00:18:09 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Sat, 02 Feb 2019 00:18:09 GMT
adbyv1.gif
cdn.ad4game.com/ Frame 0E04 		112 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ad4game.com/adbyv1.gif
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Sat, 02 Feb 2019 00:18:09 GMT
referrer-policy
no-referrer
last-modified
Sat, 28 Jan 2012 03:19:10 GMT
server
nginx
x-serveraddr
10.100.0.137
etag
"4f23692e-70"
status
200
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-host
ads.ad4game.com
accept-ranges
bytes
content-length
112
lg.php
ads.ad4game.com/www/delivery/ Frame 0E04 		35 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.ad4game.com/www/delivery/lg.php?bannerid=541977&campaignid=31069&zoneid=60916&referer=&tag=hb&ver=4.0&tagi=2019-01-16T03-25&cb=z7iNeiE0RroKkDgL&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2MDkxNiwiZXhwIjoxNTQ5MDY2NzQ4fQ.RJ8WyEyVx1kZn6PyJJvhHf-rc7Xn64eaaTQAUWlDnKY&bn=ad4game&bid=0.211&if=1
Requested by
Host: prnt.sc
URL: https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy1.ad4game.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Origin
https://prnt.sc

Response headers

Pragma
no-cache
Date
Sat, 02 Feb 2019 00:18:09 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
35
X-Application-Context
application:12065
Expires
Thu, 01 Jan 1970 00:00:00 GMT
async-ajs.php
ads.ad4game.com/www/delivery/ Frame 0E04 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g693609&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fma7kwj%2520https%3A%2F%2Fprnt.sc%2Fmdl2m4&c=UTF-8&z=66549&b=1&x=1
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
0f59282c707ad22ff3df9f1e3c42798adcde90af74b2bd04fb5b9626d19d34d4

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-servername
ads.ad4game.com\ 80\ 81
Pragma
no-cache
Date
Sat, 02 Feb 2019 00:18:09 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
X-serveraddr
10.100.0.140
Cache-Control
no-cache, no-store, must-revalidate
X-host
ads.ad4game.com
Connection
close
Content-Type
text/javascript; charset=UTF-8
Expires
0
truncated
/ Frame 0E04 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42c60f8fe89885bcb4ec9e81cc2127cc6aa4ab8b70f06c215378553a14d669a5

Request headers

Response headers

Content-Type
image/png
async-ajs.php
ads.ad4game.com/www/delivery/ Frame 54F3 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g7009582&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fma7kwj%2520https%3A%2F%2Fprnt.sc%2Fmdl2m4&c=UTF-8&z=66610&b=1&x=1
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
7d024cdb4bf0650342a96d64fcbb355dd743fec775c250dd817b2585c8b7ca60

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-servername
ads.ad4game.com\ 80\ 81
Pragma
no-cache
Date
Sat, 02 Feb 2019 00:18:09 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
X-serveraddr
10.100.0.137
Cache-Control
no-cache, no-store, must-revalidate
X-host
ads.ad4game.com
Connection
close
Content-Type
text/javascript; charset=UTF-8
Expires
0
truncated
/ Frame 54F3 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50f6f2c10df6b0d6b7457f74e121df768250db582c0c685192697dba03208224

Request headers

Response headers

Content-Type
image/png
prebid.js
cdn.ad4game.com/ Frame 54F3 		97 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/prebid.js
Requested by
Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g7009582&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fma7kwj%2520https%3A%2F%2Fprnt.sc%2Fmdl2m4&c=UTF-8&z=66610&b=1&x=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
1612d2cc4c004138301697cf3a67737e45ec319b0a33864417cc46ec62cfcae4

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Sat, 02 Feb 2019 00:18:09 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
36182
referrer-policy
no-referrer
last-modified
Mon, 21 Jan 2019 02:16:09 GMT
server
nginx
x-serveraddr
10.100.0.137
etag
"5c452b69-1845b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
ortb
bid.contextweb.com/header/ Frame 54F3 		0
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 02 Feb 2019 00:18:09 GMT
Server
nginx
CWDL
22/139
Access-Control-Allow-Origin
https://prnt.sc
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
CW-FEServer
ams-prts00.pulse.prod
CW-Server
ams-bid07
Content-Length
0
674ce80f85f2ec5485218f6c4142e0b8.gif
cdn.ad4game.com/ Frame 54F3 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ad4game.com/674ce80f85f2ec5485218f6c4142e0b8.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
e12d19216fc36b566f02283daf16d6dfca6a358cf28433c3bbbbda7f44cef4a0

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Sat, 02 Feb 2019 00:18:09 GMT
referrer-policy
no-referrer
last-modified
Wed, 25 Nov 2015 10:04:45 GMT
server
nginx
x-serveraddr
10.100.0.138
etag
"565587bd-bd84"
status
200
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-host
ads.ad4game.com
accept-ranges
bytes
content-length
48516
lg.php
ads.ad4game.com/www/delivery/ Frame 54F3 		35 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.ad4game.com/www/delivery/lg.php?bannerid=494199&campaignid=24838&zoneid=66610&bn=ad4game&bid=0.0036329203472115&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2NjYxMCwiYmFubmVyIjo0OTQxOTksImJpZCI6MC4wMDM2MzI5MjAzNDcyMTE1NSwiZXhwIjoxNTQ5MDY2NzQ5fQ.VKUGGPDBHiAbtpYFBjbZsql2kNistnHOuiTft1DigXc&tag=asyncjs&ib=0&cb=ODI4ZTc0MTBiOThk&ev=3.3&tagi=2019-01-21T12-12&if=1&sf=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy1.ad4game.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Origin
https://prnt.sc

Response headers

Pragma
no-cache
Date
Sat, 02 Feb 2019 00:18:10 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
35
X-Application-Context
application:12065
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid.js
cdn.ad4game.com/ Frame 0E04 		97 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ad4game.com/prebid.js
Requested by
Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g693609&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fma7kwj%2520https%3A%2F%2Fprnt.sc%2Fmdl2m4&c=UTF-8&z=66549&b=1&x=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
1612d2cc4c004138301697cf3a67737e45ec319b0a33864417cc46ec62cfcae4

Request headers

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Sat, 02 Feb 2019 00:18:09 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
36182
referrer-policy
no-referrer
last-modified
Mon, 21 Jan 2019 02:16:09 GMT
server
nginx
x-serveraddr
10.100.0.137
etag
"5c452b69-1845b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
ortb
bid.contextweb.com/header/ Frame 0E04 		0
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.contextweb.com/header/ortb
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 02 Feb 2019 00:18:10 GMT
Server
nginx
CWDL
22/139
Access-Control-Allow-Origin
https://prnt.sc
Access-Control-Expose-Headers
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
CW-FEServer
ams-prts00.pulse.prod
CW-Server
ams-bid04
Content-Length
0
5d6b4ef9764c59dd45fdd58b2e654801.gif
cdn.ad4game.com/ Frame 0E04 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ad4game.com/5d6b4ef9764c59dd45fdd58b2e654801.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
29aab34c608fd77a7c8d30f0d368104efa8e5de79e317563b519018d843c05e1

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Sat, 02 Feb 2019 00:18:10 GMT
referrer-policy
no-referrer
last-modified
Mon, 19 Dec 2016 11:44:43 GMT
server
nginx
x-serveraddr
10.100.0.138
etag
"5857c82b-186aa"
status
200
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-host
ads.ad4game.com
accept-ranges
bytes
content-length
100010
lg.php
ads.ad4game.com/www/delivery/ Frame 0E04 		35 B
858 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.ad4game.com/www/delivery/lg.php?bannerid=494198&campaignid=24838&zoneid=66549&bn=ad4game&bid=0.3794172514882&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2NjU0OSwiYmFubmVyIjo0OTQxOTgsImJpZCI6MC4zNzk0MTcyNTE0ODgxOTU1LCJleHAiOjE1NDkwNjY3NDl9.vHAsjIJ6Dr0GnIdrmUnRaDyKgO_lDc4hfrWiXGZF2K8&tag=asyncjs&ib=0&cb=NGE4NmU2MzcxZmRi&ev=3.3&tagi=2019-01-21T12-12&if=1&sf=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Origin
https://prnt.sc

Response headers

Pragma
no-cache
Date
Sat, 02 Feb 2019 00:18:10 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
35
X-Application-Context
application:12065
Expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 54F3 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuuYdSqPIh_JaON8rXtiLhv3KvA0aR7xuTw1MDqnpgzttkmMRLFTfc4V8uKeUnFOPnb8gE6w6czwe3G7ZTlCm5OKKaDo2JCvf0LR64&sig=Cg0ArKJSzEEdJzH9kwWhEAE&adk=518174652&tt=1425&bs=1600%2C1200&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&p=652,436,742,1164&mcvt=1018&rs=3&ht=0&tfs=427&tls=1445&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1549066689385&rpt=466&isd=0&msd=0&lm=2&oseid=3&ps=1600%2C1200&ss=1600%2C1200&pt=21&deb=1-3-3-7-16-21-56-14&tvt=1433&r=v&id=osdim&uc=14&upc=11&tgt=DIV&cl=1&cec=8&clc=1&cac=0&cd=728x90&v=20190201
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Feb 2019 00:18:10 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E04 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvO3vjWvSsG8Chb-qAWITMjD4CJjcpe9oLBPQ0U6AWzKbxUBmguP67rrZzSp_jlvqsZ4LlYVTjg6fPLECxjlB9pnOTlxYw10nlS7jU&sig=Cg0ArKJSzDJ22kWuFQ4VEAE&adk=4042975291&tt=1425&bs=1600%2C1200&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&p=774,315,1024,615&mcvt=1018&rs=3&ht=0&tfs=427&tls=1445&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1549066689390&rpt=465&isd=0&msd=0&lm=2&oseid=3&ps=1600%2C1200&ss=1600%2C1200&pt=21&deb=1-3-3-7-16-21-56-14&tvt=1433&r=v&id=osdim&uc=14&upc=11&tgt=DIV&cl=1&cec=8&clc=1&cac=0&cd=300x250&v=20190201
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Feb 2019 00:18:10 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
worker.nude.js
st.prntscr.com/2019/02/01/0113/js/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://st.prntscr.com/2019/02/01/0113/js/worker.nude.js
Requested by
Host: st.prntscr.com
URL: https://st.prntscr.com/2019/02/01/0113/js/script.mix.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
Origin
https://prnt.sc

Response headers

date
Sat, 02 Feb 2019 00:18:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Feb 2019 01:15:36 GMT
server
cloudflare
status
200
etag
W/"5c539db8-ad9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://prnt.sc
cache-control
max-age=1800
cf-ray
4a287aa2cc4ebba8-LHR
expires
Sat, 02 Feb 2019 00:27:41 GMT
4bf0d0dd-d76e-48dd-92e8-1357c863c8de
https://prnt.sc/ 		0
0
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/visitormatch/prebid
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_tc=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEIS5pxOpV1PQyAOLS58ia2k&google_cver=1
49 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEIS5pxOpV1PQyAOLS58ia2k&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 02 Feb 2019 00:18:12 GMT
Via
1.1 varnish
X-Cache
MISS
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection
keep-alive
Content-Length
49
X-Served-By
cache-hhn1529-HHN
Server
Jetty(9.4.7.v20170914)
Vary
Accept-Encoding
Content-Language
en
Expires
-1
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
image/gif;charset=iso-8859-1
Cw-Server
bh-deployment-df6978777-2wm8v
X-Cache-Hits
0

Redirect headers

pragma
no-cache
date
Sat, 02 Feb 2019 00:18:12 GMT
server
HTTP server (unknown)
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEIS5pxOpV1PQyAOLS58ia2k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
306
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 54F3
Redirect Chain
  • https://bh.contextweb.com/visitormatch/prebid
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEIS5pxOpV1PQyAOLS58ia2k&google_cver=1
49 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEIS5pxOpV1PQyAOLS58ia2k&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 02 Feb 2019 00:18:12 GMT
Via
1.1 varnish
X-Cache
MISS
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection
keep-alive
Content-Length
49
X-Served-By
cache-hhn1529-HHN
Server
Jetty(9.4.7.v20170914)
Vary
Accept-Encoding
Content-Language
en
Expires
-1
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
image/gif;charset=iso-8859-1
Cw-Server
bh-deployment-df6978777-2wm8v
X-Cache-Hits
0

Redirect headers

pragma
no-cache
date
Sat, 02 Feb 2019 00:18:12 GMT
server
HTTP server (unknown)
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEIS5pxOpV1PQyAOLS58ia2k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
306
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 0E04
Redirect Chain
  • https://bh.contextweb.com/visitormatch/prebid
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEIS5pxOpV1PQyAOLS58ia2k&google_cver=1
49 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEIS5pxOpV1PQyAOLS58ia2k&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer
https://prnt.sc/ma7kwj%20https://prnt.sc/mdl2m4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 02 Feb 2019 00:18:13 GMT
Via
1.1 varnish
X-Cache
MISS
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection
keep-alive
Content-Length
49
X-Served-By
cache-hhn1529-HHN
Server
Jetty(9.4.7.v20170914)
Vary
Accept-Encoding
Content-Language
en
Expires
-1
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
image/gif;charset=iso-8859-1
Cw-Server
bh-deployment-df6978777-2wm8v
X-Cache-Hits
0

Redirect headers

pragma
no-cache
date
Sat, 02 Feb 2019 00:18:13 GMT
server
HTTP server (unknown)
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEIS5pxOpV1PQyAOLS58ia2k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
306
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prnt.sc
URL
blob:https://prnt.sc/4bf0d0dd-d76e-48dd-92e8-1357c863c8de

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| $jscomp object| galleryConfig function| loadTemplate function| fillTemplate object| htmlHelper function| getQueryParam function| mysqlDateTimeToJSDate object| prntscrAPI object| loginConfig object| multiLoginSystem function| prettyDate number| maxId_p number| maxId string| searchQuery object| twittsShown object| PrettyDate function| renamePrntsc function| replaceURLWithHTMLLinks function| replaceMentionsWithHTMLLinks function| replaceHashWithHTMLLinks function| expandShortUrls function| htmlspecialchars_decode function| addTwittsFound function| twitterFill undefined| twitterProcessJSON function| twitter function| Spinner string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| loadImageById function| loadImageByElement function| scanImage function| resultHandler object| nude object| jQuery182034261636926526484 object| FB object| __twttrll object| twttr object| __twttr object| prebidJs object| node object| googletag function| isScriptLoaded number| a4gDReady function| pbjsChunk object| pbjs object| __core-js_shared__ boolean| a4gPrebidLoaded number| PREBID_TIMEOUT number| PREBID_FAILSAFE_TIMEOUT object| slots object| adUnits function| sendAdserverRequest object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| GPT_jstiming undefined| google_measure_js_timing object| google_reactive_ads_global_state boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

4 Cookies

Domain/Path Name / Value
.prnt.sc/ Name: _gat
Value: 1
.prnt.sc/ Name: _gid
Value: GA1.2.393531511.1549066688
.prnt.sc/ Name: _ga
Value: GA1.2.920617242.1549066688
.prnt.sc/ Name: __cfduid
Value: d946d280bdd3db7bb79f783dd9b4443fd1549066687

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.ad4game.com
adservice.google.com
adservice.google.de
api.prntscr.com
bh.contextweb.com
bid.contextweb.com
cdn.ad4game.com
cm.g.doubleclick.net
connect.facebook.net
image.prntscr.com
pagead2.googlesyndication.com
platform.twitter.com
prnt.sc
securepubads.g.doubleclick.net
st.prntscr.com
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
prnt.sc
104.20.14.105
104.27.100.99
151.101.0.166
151.139.242.3
172.217.22.66
192.207.255.146
192.207.255.147
199.16.156.241
216.58.205.226
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:814::200e
2a00:1450:4001:817::2002
2a00:1450:4001:818::2002
2a00:1450:4001:819::2004
2a00:1450:4001:81d::2003
2a00:1450:4001:820::2002
2a00:1450:400c:c08::9d
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
74.214.194.133
00ce74a18bd6071ed7e4810d9df7393b6749531165bff6b45d237ccaee9f2808
0471f2d1f37d200a4f5085823f1a5b06c3cb48285892f16c6ba2954292e7e81f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0d7d601fdf1c1e4e92f22f9ce1375bd4167a3b7a8400802862959d6b0881b5db
0f59282c707ad22ff3df9f1e3c42798adcde90af74b2bd04fb5b9626d19d34d4
1612d2cc4c004138301697cf3a67737e45ec319b0a33864417cc46ec62cfcae4
1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb
2875a6fc4266fec00a383377cb4530b6407912897b0727e26249d89c6dfe0359
29aab34c608fd77a7c8d30f0d368104efa8e5de79e317563b519018d843c05e1
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
42c60f8fe89885bcb4ec9e81cc2127cc6aa4ab8b70f06c215378553a14d669a5
47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3
50f6f2c10df6b0d6b7457f74e121df768250db582c0c685192697dba03208224
52955b38002e62ce74184087a2000523678e2a129546f2bd36b44b4ceb32a4c8
529e0416036a6d8b499f31ade0171e015ee6487f90377435d6dde31c97ea2f61
5a3a63b2ac124cb9a194ec01ea1f0d3123e4019bf658c6f47a77b4faea84c079
69d8e3ebecd912bd1632164c7cdb358e13ca6fd3c904a4ecbabd462fb7082b1a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
726984457662e2ae992435af4efac2f0e43d8c15c03224f21955867081b8fe82
7c71fef8dd0fbb71edeab2006f5c66de00bf0a223c8b3e576f877eb6bed886e1
7d024cdb4bf0650342a96d64fcbb355dd743fec775c250dd817b2585c8b7ca60
83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382
86a1b8f94f48c4e82d2616d4c581f10a34ff447a2bd95be08714fa0d19ba3f51
8bfd2fa3b3b5924e3655bcf9f63427e792bd8572b7ed0992373bdb4b21c7cb89
90a01a8b4ae45ad9cf1dea505cc7139c567939e4b9bb28cd9973ba6f72857914
92fb4985bc265d661b853545f4f3d54f79022a8564dd521202e20a05e477b295
9640dadea677b5d05d14e65b42f64b48895135c36ecb2a989d2b655c89e4e571
9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646
a093d2047e1a59b7103810b947780e5f94d865915cb923ebcaa7e50f557c2102
a45086739e84ef2f08a71c81711e7d2767a17c5dbaa61e3b4076eaa89d6db6e7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b22174ca5c2657a9b5f680e573bfd2041b0952c7cee130a9e09764e879cb7b6e
b257e8ef2c042c0b1c75d57ede929124fb3dbd30a65d504f5d859b0e0d142661
b2e30d33778ecbaf23590b76c45b87c100276be1a19578b5b00aa2e393bf8acd
b633033729ec5192fda264a8a84d7e86b8b2b20099b6e3ea8f088a173e1ffc7b
b6a1120cc303b1c6ee6d548a5b418c2707b59de0c1f13c8ab870ca4e734b6acc
bbdf296b0d6fc181394764d096c14f58b190e98b03bec74453d2cd04244f3c88
bca2c1abcf4b76a46306bc7f1a607a459371ccf5e7213aae988c33b4dabb1758
cb05b0248935e2ea4b0ba4998b23eca3701ef160e081055a2d4a8e9b55536b0f
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7
def4bb165c674acec280ae12b8e1029d5be6418587544e0eed0f465ae4cbeefc
e12d19216fc36b566f02283daf16d6dfca6a358cf28433c3bbbbda7f44cef4a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e926f30958d0c21d088e6a671d3356a3c3fab9cc6220b8e408f19d868a7dc5c8
ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
fc55b8a676ba2ee801678558e2b037ca914deb64cd76886cab6d6b586a7cef38