prnt.sc Open in urlscan Pro
104.25.251.35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://concertcrave-dot-yamm-track.appspot.com/Redirect?ukey=192oo93yPGig_ZMyPC8JcsyGlqN1CVvogh-a-GkiiW1s-1153143731&key=YAMMID-99532016&link=h...
Effective URL:
https://prnt.sc/nzdiod
Submission: On September 17 via manual (September 17th 2019, 9:17:47 am UTC) from CH

Summary HTTP 75 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 17 domains to perform 75 HTTP transactions. The main IP is 104.25.251.35, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is prnt.sc.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on July 6th 2019. Valid for: 6 months.

This is the only time prnt.sc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	2a00:1450:400... 2a00:1450:4001:815::2014	15169 (GOOGLE) (GOOGLE - Google LLC)
2 19	104.20.14.105 104.20.14.105	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	104.25.251.35 104.25.251.35	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	104.20.13.105 104.20.13.105	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	151.139.242.3 151.139.242.3	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	192.207.255.147 192.207.255.147	62821 (AS-MNX) (AS-MNX - MNX Solutions LLC)
1 5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
11	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
75	20

3 2a00:1450:4001:815::2014 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)

concertcrave-dot-yamm-track.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.20.14.105 (United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.25.251.35 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

prnt.sc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.13.105 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

image.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.242.3 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

cdn.ad4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.207.255.147 (United States)

ASN62821 (AS-MNX - MNX Solutions LLC, US)
PTR: haproxy2.ad4game.com

ads.ad4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	prntscr.com 2 redirects prntscr.com st.prntscr.com image.prntscr.com api.prntscr.com	947 KB
11	ampproject.org cdn.ampproject.org	268 KB
6	googlesyndication.com tpc.googlesyndication.com Failed	131 KB
6	facebook.com 1 redirects staticxx.facebook.com www.facebook.com	514 B
6	doubleclick.net 1 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net	119 KB
5	gstatic.com fonts.gstatic.com	54 KB
5	twitter.com platform.twitter.com syndication.twitter.com	31 KB
4	ad4game.com cdn.ad4game.com ads.ad4game.com	97 KB
3	appspot.com 3 redirects concertcrave-dot-yamm-track.appspot.com	705 B
2	googleapis.com fonts.googleapis.com	1 KB
2	googletagservices.com www.googletagservices.com	41 KB
2	facebook.net connect.facebook.net	58 KB
2	google.de www.google.de adservice.google.de	432 B
2	google.com 1 redirects www.google.com adservice.google.com	498 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	prnt.sc prnt.sc	18 KB
0	marphezis.com Failed brightcombid.marphezis.com Failed
75	17

	Domain	Requested by
17	st.prntscr.com	prnt.sc st.prntscr.com
11	cdn.ampproject.org	securepubads.g.doubleclick.net
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net prnt.sc
5	fonts.gstatic.com	prnt.sc
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net prnt.sc
5	www.facebook.com	1 redirects connect.facebook.net
4	platform.twitter.com	prnt.sc platform.twitter.com
3	concertcrave-dot-yamm-track.appspot.com	3 redirects
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	www.googletagservices.com	ads.ad4game.com securepubads.g.doubleclick.net
2	ads.ad4game.com	cdn.ad4game.com
2	connect.facebook.net	prnt.sc connect.facebook.net
2	cdn.ad4game.com	prnt.sc cdn.ad4game.com
2	www.google-analytics.com	1 redirects prnt.sc
2	prnt.sc	prnt.sc
2	prntscr.com	2 redirects
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	syndication.twitter.com	prnt.sc
1	staticxx.facebook.com	connect.facebook.net
1	api.prntscr.com	st.prntscr.com
1	www.google.de	prnt.sc
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	image.prntscr.com	prnt.sc
0	brightcombid.marphezis.com Failed	cdn.ad4game.com
75	26

This site contains links to these domains. Also see Links.

Domain
app.prntscr.com
prntscr.com
twitter.com
www.facebook.com
www.google.com

Subject Issuer	Validity	Valid
ssl387277.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-07-06` - `2020-01-12`	6 months	crt.sh
ssl366238.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-05-27` - `2019-12-03`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.ad4game.com Go Daddy Secure Certificate Authority - G2	`2017-11-23` - `2020-01-16`	2 years	crt.sh
www.google.de GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-08-24` - `2019-10-19`	2 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://prnt.sc/nzdiod
Frame ID: B02EC18C4293BD5E7323BDC1A9DB1283
Requests: 45 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d9084ca5af1ffbe01c8d444cfadfa6fe.html?origin=https%3A%2F%2Fprnt.sc
Frame ID: 0734E6B6E2C7FBC18FFFBDD90FB71ABE
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: A6BAA4885F3B585D8E5D1296B6B9E9F6
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.en.html
Frame ID: 52A22505F81F70DF379F461FAB22E7A2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Dfc1a84757cfb%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff13813ffb2f85e4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2Fnzdiod&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
Frame ID: BE608D6795254A6A01BCFB46FF917FD4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df249132f5bcc8c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff13813ffb2f85e4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fnzdiod&locale=en_US&migrated=1&sdk=joey&xid=nzdiod
Frame ID: BCA74D021A4B5D66E28B3D08FC2F5D8D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3e138433e31d%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff13813ffb2f85e4%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Frame ID: CDE8D9486F823C750343006CB28A69C1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Frame ID: 57B9200B8EF4276A46F03DA94482A283
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011909030343550/amp4ads-v0.js
Frame ID: AC1942EEEACC5A944254E74CB194B933
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011909030343550/amp4ads-v0.js
Frame ID: 438641D009BC4BE13168A27BFBD3A898
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://concertcrave-dot-yamm-track.appspot.com/Redirect?ukey=192oo93yPGig_ZMyPC8JcsyGlqN1CVvogh-a-GkiiW1s-1153143731&key=YA... HTTP 302
https://concertcrave-dot-yamm-track.appspot.com/Redirect?ukey=1_JM7xh9sMf3p4rPioHuMenz0Eb3A6TlrRdqecEiqnfE-0&key=YAMMID-3713... HTTP 302
https://concertcrave-dot-yamm-track.appspot.com/Redirect?ukey=1dthBEjxC-8I3CdyXsJ7NTwve9unPcyaFS7bzOWD7kYA-0&key=YAMMID-7844... HTTP 302
http://prntscr.com/nzdiod HTTP 301
https://prntscr.com/nzdiod HTTP 301
https://prnt.sc/nzdiod Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

75
Requests

96 %
HTTPS

68 %
IPv6

17
Domains

26
Subdomains

20
IPs

4
Countries

1784 kB
Transfer

4283 kB
Size

4
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://app.prntscr.com/translate-lightshot.html
Title: Add your language

Search URL Search Domain Scan URL

URL: https://prntscr.com/gallery.html
Title: Sign in

Search URL Search Domain Scan URL

URL: https://twitter.com/Light_shot

Search URL Search Domain Scan URL

URL: http://www.facebook.com/Lighshot

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/
Title: Captured with Lightshot

Search URL Search Domain Scan URL

URL: http://www.google.com/searchbyimage?image_url=https://image.prntscr.com/image/uVMTFx6YSr64y0nnbwbQJw.png
Title: find similar

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/download.html
Title: Download

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/tutorials.html
Title: Tutorials

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/privacy.html
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/help.html
Title: Help

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/advertise.html
Title: Advertise

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://concertcrave-dot-yamm-track.appspot.com/Redirect?ukey=192oo93yPGig_ZMyPC8JcsyGlqN1CVvogh-a-GkiiW1s-1153143731&key=YAMMID-99532016&link=https%3A%2F%2Fconcertcrave-dot-yamm-track.appspot.com%2FRedirect%3Fukey%3D1_JM7xh9sMf3p4rPioHuMenz0Eb3A6TlrRdqecEiqnfE-0%26key%3DYAMMID-37131349%26link%3Dhttps%253A%252F%252Fconcertcrave-dot-yamm-track.appspot.com%252FRedirect%253Fukey%253D1dthBEjxC-8I3CdyXsJ7NTwve9unPcyaFS7bzOWD7kYA-0%2526key%253DYAMMID-78448632%2526link%253Dhttp%25253A%25252F%25252Fprntscr.com%25252Fnzdiod HTTP 302
https://concertcrave-dot-yamm-track.appspot.com/Redirect?ukey=1_JM7xh9sMf3p4rPioHuMenz0Eb3A6TlrRdqecEiqnfE-0&key=YAMMID-37131349&link=https%3A%2F%2Fconcertcrave-dot-yamm-track.appspot.com%2FRedirect%3Fukey%3D1dthBEjxC-8I3CdyXsJ7NTwve9unPcyaFS7bzOWD7kYA-0%26key%3DYAMMID-78448632%26link%3Dhttp%253A%252F%252Fprntscr.com%252Fnzdiod HTTP 302
https://concertcrave-dot-yamm-track.appspot.com/Redirect?ukey=1dthBEjxC-8I3CdyXsJ7NTwve9unPcyaFS7bzOWD7kYA-0&key=YAMMID-78448632&link=http%3A%2F%2Fprntscr.com%2Fnzdiod HTTP 302
http://prntscr.com/nzdiod HTTP 301
https://prntscr.com/nzdiod HTTP 301
https://prnt.sc/nzdiod Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1060484673&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2Fnzdiod&ul=en-us&de=UTF-8&dt=Screenshot%20by%20Lightshot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=856009902&gjid=1727449301&cid=1252562968.1568711850&tid=UA-12353127-1&_gid=1426764088.1568711850&_r=1&z=1029674704 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12353127-1&cid=1252562968.1568711850&jid=856009902&_gid=1426764088.1568711850&gjid=1727449301&_v=j79&z=1029674704 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1252562968.1568711850&jid=856009902&_v=j79&z=1029674704 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1252562968.1568711850&jid=856009902&_v=j79&z=1029674704&slf_rd=1&random=571929697

Request Chain 41

https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df249132f5bcc8c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff13813ffb2f85e4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fnzdiod&locale=en_US&migrated=1&sdk=joey&xid=nzdiod HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df249132f5bcc8c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff13813ffb2f85e4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fnzdiod&locale=en_US&migrated=1&sdk=joey&xid=nzdiod

75 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request nzdiod Show response
prnt.sc/
Redirect Chain

https://concertcrave-dot-yamm-track.appspot.com/Redirect?ukey=192oo93yPGig_ZMyPC8JcsyGlqN1CVvogh-a-GkiiW1s-1153143731&key=YAMMID-99532016&link=https%3A%2F%2Fconcertcrave-dot-yamm-track.appspot.com%...
https://concertcrave-dot-yamm-track.appspot.com/Redirect?ukey=1_JM7xh9sMf3p4rPioHuMenz0Eb3A6TlrRdqecEiqnfE-0&key=YAMMID-37131349&link=https%3A%2F%2Fconcertcrave-dot-yamm-track.appspot.com%2FRedirec...
https://concertcrave-dot-yamm-track.appspot.com/Redirect?ukey=1dthBEjxC-8I3CdyXsJ7NTwve9unPcyaFS7bzOWD7kYA-0&key=YAMMID-78448632&link=http%3A%2F%2Fprntscr.com%2Fnzdiod
http://prntscr.com/nzdiod
https://prntscr.com/nzdiod
https://prnt.sc/nzdiod

14 KB
4 KB

251ms
203ms

Document
text/html

104.25.251.35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://prnt.sc/nzdiod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.25.251.35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

607ae8a38ac95c8db4839eff07db63403ea70beaf7a17d51a1615cedce6b8455

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: prnt.sc
:scheme: https
:path: /nzdiod
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
date: Tue, 17 Sep 2019 09:17:29 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d0608b74137b4e448654efcbf5febb2001568711849; expires=Wed, 16-Sep-20 09:17:29 GMT; path=/; domain=.prnt.sc; HttpOnly
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5179fcc42bfbc795-AMS
content-encoding: br

Redirect headers

status: 301
date: Tue, 17 Sep 2019 09:17:29 GMT
content-type: text/html
content-length: 178
location: https://prnt.sc/nzdiod
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5179fcc3390ec84f-AMS

GET
H2 200 main.css
st.prntscr.com/2019/09/03/1652/css/ 57 KB
8 KB 46ms
30ms Stylesheet
text/css 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2019/09/03/1652/css/main.css
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 726984457662e2ae992435af4efac2f0e43d8c15c03224f21955867081b8fe82

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Sep 2019 16:54:18 GMT
server: cloudflare
age: 944
etag: W/"5d6e9aba-23d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1800
cf-ray: 5179fcc59e12c84f-AMS
expires: Tue, 17 Sep 2019 09:13:41 GMT

GET
H2 200 jquery.1.8.2.min.js Show response
st.prntscr.com/2019/09/03/1652/js/ 91 KB
32 KB 56ms
40ms Script
application/javascript 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2019/09/03/1652/js/jquery.1.8.2.min.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Sep 2019 16:54:18 GMT
server: cloudflare
age: 943
etag: W/"5d6e9aba-827c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 5179fcc59e18c84f-AMS
expires: Tue, 17 Sep 2019 09:13:41 GMT

GET
H2 200 script.mix.js Show response
st.prntscr.com/2019/09/03/1652/js/ 69 KB
23 KB 72ms
56ms Script
application/javascript 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2019/09/03/1652/js/script.mix.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d97eceed104056daaf08c5e49d81aac0391aa894dfc1729ad3a28a7623cf07b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Sep 2019 16:54:18 GMT
server: cloudflare
age: 804
etag: W/"5d6e9aba-5e6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 5179fcc59e17c84f-AMS
expires: Tue, 17 Sep 2019 09:13:41 GMT

GET
H2 200 uVMTFx6YSr64y0nnbwbQJw.png
image.prntscr.com/image/ 861 KB
862 KB 405ms
367ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.prntscr.com/image/uVMTFx6YSr64y0nnbwbQJw.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Magic
Resource Hash: 8201f376f74ad3e439f96b0efd76ae7db92211ae8b32baa0deb68f662347f664

Request headers

Sec-Fetch-Mode: cors
Referer: https://prnt.sc/nzdiod
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:30 GMT
cf-cache-status: MISS
x-powered-by: Magic
status: 200
x-temperature: Warm
content-length: 881561
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 5179fcc5b87e9c39-AMS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 14 Sep 2029 09:17:30 GMT

GET
H2 200 nzdiod
prnt.sc/ 14 KB
14 KB 170ms
169ms Image
text/html 104.25.251.35
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prnt.sc/nzdiod

Requested by

Host: prnt.sc
URL: https://prnt.sc/nzdiod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.25.251.35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:29 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 5179fcc58efbc795-AMS

GET
H2 200 image-helper.js Show response
st.prntscr.com/2019/09/03/1652/js/ 3 KB
1 KB 24ms
23ms Script
application/javascript 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2019/09/03/1652/js/image-helper.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Sep 2019 16:53:38 GMT
server: cloudflare
age: 804
etag: W/"5d6e9a92-a2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 5179fcc61f76c84f-AMS
expires: Tue, 17 Sep 2019 09:13:09 GMT

GET
H2 200 footer-logo.png
st.prntscr.com/2019/09/03/1652/img/ 630 B
848 B 27ms
26ms Image
image/webp 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/footer-logo.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca2c1abcf4b76a46306bc7f1a607a459371ccf5e7213aae988c33b4dabb1758

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:29 GMT
cf-cache-status: HIT
age: 316
cf-polished: origFmt=png, origSize=1848
status: 200
content-disposition: inline; filename="footer-logo.webp"
content-length: 630
last-modified: Mon, 05 Sep 2016 15:49:19 GMT
server: cloudflare
etag: "57cd93ff-738"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 17 Sep 2019 09:12:12 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 5179fcc61f78c84f-AMS
cf-bgj: imgq:100

GET
H2 200 jquery.smartbanner.css
st.prntscr.com/2019/09/03/1652/css/ 4 KB
1 KB 42ms
26ms Stylesheet
text/css 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2019/09/03/1652/css/jquery.smartbanner.css
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Sep 2019 16:54:11 GMT
server: cloudflare
age: 1052
etag: W/"5d6e9ab3-ef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1800
cf-ray: 5179fcc59e15c84f-AMS
expires: Tue, 17 Sep 2019 09:13:41 GMT

GET
H2 200 jquery.smartbanner.js Show response
st.prntscr.com/2019/09/03/1652/js/ 8 KB
3 KB 28ms
27ms Script
application/javascript 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2019/09/03/1652/js/jquery.smartbanner.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Sep 2019 16:54:18 GMT
server: cloudflare
age: 805
etag: W/"5d6e9aba-aec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 5179fcc61f77c84f-AMS
expires: Tue, 17 Sep 2019 09:12:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: prnt.sc
URL: https://prnt.sc/nzdiod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 2036
date: Tue, 17 Sep 2019 08:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Tue, 17 Sep 2019 10:43:33 GMT

GET
H2 200 page-bg.png
st.prntscr.com/2019/09/03/1652/img/ 5 KB
6 KB 28ms
28ms Image
image/webp 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/page-bg.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86a1b8f94f48c4e82d2616d4c581f10a34ff447a2bd95be08714fa0d19ba3f51

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:29 GMT
cf-cache-status: HIT
age: 770
cf-polished: origFmt=png, origSize=7116
status: 200
content-disposition: inline; filename="page-bg.webp"
content-length: 5608
last-modified: Tue, 03 Sep 2019 16:53:04 GMT
server: cloudflare
etag: "5d6e9a70-1bcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 17 Sep 2019 09:14:38 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 5179fcc61f79c84f-AMS
cf-bgj: imgq:100

GET
H2 200 header-logo.png
st.prntscr.com/2019/09/03/1652/img/ 4 KB
4 KB 31ms
30ms Image
image/webp 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/header-logo.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69d8e3ebecd912bd1632164c7cdb358e13ca6fd3c904a4ecbabd462fb7082b1a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:29 GMT
cf-cache-status: HIT
age: 805
cf-polished: origFmt=png, origSize=7995
status: 200
content-disposition: inline; filename="header-logo.webp"
content-length: 4152
last-modified: Tue, 03 Sep 2019 16:54:18 GMT
server: cloudflare
etag: "5d6e9aba-1e52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 17 Sep 2019 09:13:00 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 5179fcc61f7bc84f-AMS
cf-bgj: imgq:100

GET
H2 200 button-download.png
st.prntscr.com/2019/09/03/1652/img/ 314 B
489 B 24ms
23ms Image
image/webp 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/button-download.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e926f30958d0c21d088e6a671d3356a3c3fab9cc6220b8e408f19d868a7dc5c8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:29 GMT
cf-cache-status: HIT
age: 805
cf-polished: origFmt=png, origSize=1404
status: 200
content-disposition: inline; filename="button-download.webp"
content-length: 314
last-modified: Tue, 03 Sep 2019 16:53:04 GMT
server: cloudflare
etag: "5d6e9a70-57c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 17 Sep 2019 09:11:59 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 5179fcc61f85c84f-AMS
cf-bgj: imgq:100

GET
H2 200 button-icon-sep.png
st.prntscr.com/2019/09/03/1652/img/ 928 B
1 KB 28ms
28ms Image
image/png 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/button-icon-sep.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e145f951ea4535f27315f0419252111cbfe42ab28091b3a2a2582ccc2a48853

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:29 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Sep 2019 16:53:04 GMT
server: cloudflare
age: 1737
etag: "5d6e9a70-3a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 5179fcc62fa1c84f-AMS
content-length: 928
expires: Tue, 17 Sep 2019 09:11:59 GMT

GET
H2 200 icon-twitter_gscale.png
st.prntscr.com/2019/09/03/1652/img/ 374 B
616 B 27ms
26ms Image
image/webp 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/icon-twitter_gscale.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a3a63b2ac124cb9a194ec01ea1f0d3123e4019bf658c6f47a77b4faea84c079

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:29 GMT
cf-cache-status: HIT
age: 760
cf-polished: origFmt=png, origSize=1535
status: 200
content-disposition: inline; filename="icon-twitter_gscale.webp"
content-length: 374
last-modified: Tue, 03 Sep 2019 16:53:04 GMT
server: cloudflare
etag: "5d6e9a70-5ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 17 Sep 2019 09:12:29 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 5179fcc62fa2c84f-AMS
cf-bgj: imgq:100

GET
H2 200 icon-facebook_gscale.png
st.prntscr.com/2019/09/03/1652/img/ 296 B
455 B 30ms
29ms Image
image/webp 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/icon-facebook_gscale.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a093d2047e1a59b7103810b947780e5f94d865915cb923ebcaa7e50f557c2102

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:29 GMT
cf-cache-status: HIT
age: 785
cf-polished: origFmt=png, origSize=1325
status: 200
content-disposition: inline; filename="icon-facebook_gscale.webp"
content-length: 296
last-modified: Tue, 03 Sep 2019 16:53:04 GMT
server: cloudflare
etag: "5d6e9a70-52d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 17 Sep 2019 09:12:47 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 5179fcc62fa0c84f-AMS
cf-bgj: imgq:100

GET
H2 200 async-ajs.min.js Show response
cdn.ad4game.com/ 3 KB
2 KB 63ms
17ms Script
application/javascript 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/async-ajs.min.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Tue, 17 Sep 2019 09:17:29 GMT
content-encoding: gzip
x-cache: HIT
status: 200
x-host: ads.ad4game.com
content-length: 1451
referrer-policy: no-referrer
last-modified: Fri, 16 Aug 2019 06:00:12 GMT
server: nginx
x-serveraddr: 10.100.0.151
etag: W/"5d56466c-ca8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1060484673&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2Fnzdiod&ul=en-us&de=UTF-8&dt=Screenshot%20by%20Lightshot&sd=24-bit&sr=1600x1200&vp=1600x...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12353127-1&cid=1252562968.1568711850&jid=856009902&_gid=1426764088.1568711850&gjid=1727449301&_v=j79&z=1029674704
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1252562968.1568711850&jid=856009902&_v=j79&z=1029674704
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1252562968.1568711850&jid=856009902&_v=j79&z=1029674704&slf_rd=1&random=571929697

42 B
109 B

18ms
17ms

Image
image/gif

2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1252562968.1568711850&jid=856009902&_v=j79&z=1029674704&slf_rd=1&random=571929697

Requested by

Host: prnt.sc
URL: https://prnt.sc/nzdiod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Sep 2019 09:17:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Sep 2019 09:17:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=1252562968.1568711850&jid=856009902&_v=j79&z=1029674704&slf_rd=1&random=571929697
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: prnt.sc
URL: https://prnt.sc/nzdiod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

4fcd9c4656110bb8a0b3dfa822f86c3384a9a996119ec77d6c4933270b3eb66a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: K3WMF4RXMIeDgyBFc3isKw==
status: 200
content-length: 1780
etag: "0a7bb5e9cbe6101f1f6fbf2eaf904b08"
x-fb-debug: 3TYcwZ3/gVaazQ2k0sUJBtykIOhldqJQviQIfwbKauB+rDJ6rQCXqiDJE5aggm6/BlqT9kIVzXw7X6Vj+gwagg==
x-fb-trip-id: 420120009
x-fb-content-md5: fc4d13bfeae2f552d558915b417d1062
x-frame-options: DENY
date: Tue, 17 Sep 2019 09:17:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 17 Sep 2019 09:24:50 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 94 KB
28 KB 29ms
8ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/419C) /
Resource Hash: 01d6aaec4ff29f98c9a96f9ecdeffa2168e4f8e3e4e2ca8ee9aa73e858f38323

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 09:17:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Sep 2019 22:21:05 GMT
Server: ECS (fcn/419C)
Etag: "e1e1dc1ca60d338ed4a19d4b34207784+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28436

GET
H2 200 icon-edit.png
st.prntscr.com/2019/09/03/1652/img/ 461 B
609 B 26ms
25ms Image
image/png 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/icon-edit.png
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2019/09/03/1652/js/jquery.1.8.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92fb4985bc265d661b853545f4f3d54f79022a8564dd521202e20a05e477b295

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:29 GMT
cf-cache-status: HIT
age: 804
cf-polished: origSize=3153, status=webp_bigger
status: 200
content-length: 461
last-modified: Tue, 03 Sep 2019 16:53:04 GMT
server: cloudflare
etag: "5d6e9a70-c51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Tue, 17 Sep 2019 09:13:10 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 5179fcc6680ec84f-AMS
cf-bgj: imgq:100

GET
H2 200 icon-camera.png
st.prntscr.com/2019/09/03/1652/img/ 158 B
309 B 25ms
25ms Image
image/webp 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/icon-camera.png
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2019/09/03/1652/js/jquery.1.8.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bfd2fa3b3b5924e3655bcf9f63427e792bd8572b7ed0992373bdb4b21c7cb89

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:29 GMT
cf-cache-status: HIT
age: 712
cf-polished: origFmt=png, origSize=1089
status: 200
content-disposition: inline; filename="icon-camera.webp"
content-length: 158
last-modified: Tue, 03 Sep 2019 16:53:04 GMT
server: cloudflare
etag: "5d6e9a70-441"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 17 Sep 2019 09:13:42 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 5179fcc6680fc84f-AMS
cf-bgj: imgq:100

GET
H2 200 icon-abuse.png
st.prntscr.com/2019/09/03/1652/img/ 126 B
277 B 25ms
24ms Image
image/webp 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2019/09/03/1652/img/icon-abuse.png
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2019/09/03/1652/js/jquery.1.8.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2875a6fc4266fec00a383377cb4530b6407912897b0727e26249d89c6dfe0359

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://st.prntscr.com/2019/09/03/1652/css/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:29 GMT
cf-cache-status: HIT
age: 712
cf-polished: origFmt=png, origSize=327
status: 200
content-disposition: inline; filename="icon-abuse.webp"
content-length: 126
last-modified: Tue, 03 Sep 2019 16:53:04 GMT
server: cloudflare
etag: "5d6e9a70-147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 17 Sep 2019 09:13:04 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 5179fcc66812c84f-AMS
cf-bgj: imgq:100

POST
H2 200 / Show response
api.prntscr.com/v1/ 92 B
296 B 109ms
108ms XHR
application/json 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prntscr.com/v1/
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2019/09/03/1652/js/jquery.1.8.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/json

Response headers

date: Tue, 17 Sep 2019 09:17:30 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://prnt.sc
access-control-allow-credentials: true
cf-ray: 5179fcc719b0c84f-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 187 KB
56 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=37bbd6012f20895979491bd0d3d83db5&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

8609bdf2d407b03cfa8daef8d50c56bd74f93bc508588a342d6590b74f0fe24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: https://prnt.sc/nzdiod
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: HvAL2IXpxRHWZZVreqwtaQ==
status: 200
content-length: 56464
etag: "6c961b0cec8995e8f978d718bbf074e9"
x-fb-debug: 8D8n5E96jXoinrP5kzWWL/EF8riJI1ABByePfVGvO28wiIYAJqmg/NockrKBKeer8vFZJIXy/XMcF9A1rpm9IQ==
x-fb-trip-id: 420120009
x-fb-content-md5: 6f24fdd5cf3e2456cfe3c7ddc4ef9c40
x-frame-options: DENY
date: Tue, 17 Sep 2019 09:17:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Wed, 16 Sep 2020 07:51:16 GMT

GET
H2 200 prebid.js Show response
cdn.ad4game.com/ 244 KB
91 KB 19ms
19ms Script
application/javascript 151.139.242.3
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/prebid.js
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 7d4cfadd46b306b748059b029aa7cc05a9b85176a5aae4f71a1d620a303b6e4e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Tue, 17 Sep 2019 09:17:30 GMT
content-encoding: gzip
x-cache: HIT
status: 200
x-host: ads.ad4game.com
content-length: 93173
referrer-policy: no-referrer
last-modified: Fri, 16 Aug 2019 06:00:12 GMT
server: nginx
x-serveraddr: 10.100.0.151
etag: "5d56466c-3cf4c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK async-ajs.php Show response
ads.ad4game.com/www/delivery/ 6 KB
2 KB 476ms
125ms Script
text/javascript 192.207.255.147
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g451520&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Fnzdiod&c=UTF-8&z=60918,60917,60916&b=7&x=7
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy2.ad4game.com
Software: nginx /
Resource Hash: 97b40fb36fd2c3cd16c5e636880410adf6c288bf39acbf34e22928e3e6714fbc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-servername: ads.ad4game.com\ 80\ 81
Pragma: no-cache
Date: Tue, 17 Sep 2019 09:17:30 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
X-serveraddr: 10.100.0.140
Cache-Control: no-cache, no-store, must-revalidate
X-host: ads.ad4game.com
Connection: close
Content-Type: text/javascript; charset=UTF-8
Expires: 0

GET
H/1.1 200
OK widget_iframe.d9084ca5af1ffbe01c8d444cfadfa6fe.html
platform.twitter.com/widgets/ Frame 0734 0
0 6ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d9084ca5af1ffbe01c8d444cfadfa6fe.html?origin=https%3A%2F%2Fprnt.sc
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A6) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://prnt.sc/nzdiod
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://prnt.sc/nzdiod

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 17 Sep 2019 09:17:30 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Mon, 09 Sep 2019 22:11:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41A6)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame A6BA 0
0 7ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=37bbd6012f20895979491bd0d3d83db5&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://prnt.sc/nzdiod
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://prnt.sc/nzdiod

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Wed, 16 Sep 2020 00:22:50 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: 7vA8SPep6al9WiIiqmjr9SRhBHAvZzk6G6UemuNcXU8LBHgaDyygdBQzySvrTjFjfLICjEcKZxIyRJU6b3CdCg==
content-length: 11817
x-fb-trip-id: 420120009
date: Tue, 17 Sep 2019 09:17:30 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 96ms
96ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=154822244543652&input_token&origin=1&redirect_uri=https%3A%2F%2Fprnt.sc%2Fnzdiod&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=37bbd6012f20895979491bd0d3d83db5&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: A4hnLXqJ1IpcWGJX7dlIDLvRWpPWuTTaG6SeL7XVtOn4KR42XEwcpnBjFCfpC/unWaIPAFZlZ6IoKAkvlxAaug==
fb-s: unknown
status: 200
x-frame-options: DENY
date: Tue, 17 Sep 2019 09:17:30 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://prnt.sc
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK button.fc9ebf951a9289ff2153fdd98b8fd4a4.js Show response
platform.twitter.com/js/ 7 KB
3 KB 9ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.fc9ebf951a9289ff2153fdd98b8fd4a4.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AD) /
Resource Hash: 713ee1f99eb3fea3d726a797e55dcc0b6b8ab5eb1db72bc2ac7430d6c6c5e1c5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Sep 2019 09:17:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Sep 2019 22:11:07 GMT
Server: ECS (fcn/41AD)
Etag: "0f356c4c57ab07dd2a1b3edb361aa130+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H/1.1 200
OK tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.en.html
platform.twitter.com/widgets/ Frame 52A2 0
0 6ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.d9084ca5af1ffbe01c8d444cfadfa6fe.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4196) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://prnt.sc/nzdiod
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://prnt.sc/nzdiod

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 17 Sep 2019 09:17:30 GMT
Etag: "affaad6fc7affa0483c0d00dbf4c0f4c+gzip"
Last-Modified: Mon, 09 Sep 2019 22:11:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4196)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12257

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
337 B 140ms
138ms Image
image/gif 104.244.42.200
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fprnt.sc%2Fnzdiod%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22light_shot%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1568711850196%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22e842958%3A1568058321092%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: prnt.sc
URL: https://prnt.sc/nzdiod

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 117
pragma: no-cache
last-modified: Tue, 17 Sep 2019 09:17:30 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d9ac30ed1a4784c27d87d5963e2800aa
x-transaction: 00fe9f6a008242ed
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 40 KB
13 KB 53ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g451520&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Fnzdiod&c=UTF-8&z=60918,60917,60916&b=7&x=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6b5b50d866eced4fe35ddf6b82117bb208a9f7aebe658cd1022dca7054200853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "281 / 177 of 1000 / last-modified: 1568649990"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 12687
x-xss-protection: 0
expires: Tue, 17 Sep 2019 09:17:30 GMT

POST hb
brightcombid.marphezis.com/ 0
0

GET
H/1.1 200
OK bid Show response
ads.ad4game.com/v1/ 8 KB
2 KB 552ms
324ms XHR
application/json 192.207.255.147
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad4game.com/v1/bid?if=0&siteurl=https%3A%2F%2Fprnt.sc%2Fnzdiod&size=970x90%3B728x90%3B300x250&id=67b6b5248ce5ad%3B78733b95c6b04b%3B858154b489bbca&zoneId=60918%3B60917%3B60916&
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy2.ad4game.com
Software: nginx /
Resource Hash: b18154c2a2aa1d4492fd0f560434b4bbd987f5bc79584f309d3b60e55b64a8c0

Request headers

Sec-Fetch-Mode: cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 17 Sep 2019 09:17:30 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://prnt.sc
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Application-Context: application:12061

GET
DATA 200
OK truncated
/ 879 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d0b8e056ca13cd4aeb7c67d1b351bf0bbb11b85abcf1bd5004a0d2be5e94672

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
323 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=prnt.sc

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 09:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
319 B 16ms
15ms Script
application/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=prnt.sc

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 17 Sep 2019 09:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ 158 KB
59 KB 75ms
30ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59716
x-xss-protection: 0
expires: Tue, 17 Sep 2019 09:17:30 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame BE60 0
0 221ms
220ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Dfc1a84757cfb%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff13813ffb2f85e4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2Fnzdiod&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=37bbd6012f20895979491bd0d3d83db5&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Dfc1a84757cfb%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff13813ffb2f85e4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2Fnzdiod&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://prnt.sc/nzdiod
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://prnt.sc/nzdiod

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: qDnVakPm8T1rkEfNjkvFB23v93vlmAQ61YodJhxMzLFEQsJa3CShqPY3SbpyMu0V1M9BuyEIWDBNTlbBTXoTXw==
date: Tue, 17 Sep 2019 09:17:31 GMT

GET
H2

200

feedback.php
www.facebook.com/plugins/ Frame BCA7
Redirect Chain

https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df249132f5bcc8c%26domain%3Dprnt.sc%2...
https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df249132f5bcc8c%26domain%3Dprnt.sc%2...

0
0

148ms
148ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df249132f5bcc8c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff13813ffb2f85e4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fnzdiod&locale=en_US&migrated=1&sdk=joey&xid=nzdiod

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=37bbd6012f20895979491bd0d3d83db5&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df249132f5bcc8c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff13813ffb2f85e4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fnzdiod&locale=en_US&migrated=1&sdk=joey&xid=nzdiod
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://prnt.sc/nzdiod
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://prnt.sc/nzdiod

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: 9vsdYjMHDLb338Ivg6aG8KQhW7go17573jVwwz8poim3qyf6bKdlQl4vJH5BkFI2HPSHToW3LG2PygeE/hgUuQ==
date: Tue, 17 Sep 2019 09:17:31 GMT

Redirect headers

status: 302
strict-transport-security: max-age=15552000; preload
location: https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df249132f5bcc8c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff13813ffb2f85e4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fnzdiod&locale=en_US&migrated=1&sdk=joey&xid=nzdiod
access-control-expose-headers: X-FB-Debug, X-Loader-Length
access-control-allow-credentials: true
vary: Origin
access-control-allow-origin: https://www.facebook.com
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
x-fb-debug: ulKBI5okQ39D9hG8AWQ9+hb3Nl0KU5fF0cqIKDpeQU/OaU3RTFu9bYTsdUsODkHiap3uepVQsmDZxo1o5QTjHg==
content-length: 0
date: Tue, 17 Sep 2019 09:17:31 GMT

GET
H2 200 like_box.php
www.facebook.com/plugins/ Frame CDE8 0
0 118ms
118ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3e138433e31d%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff13813ffb2f85e4%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=37bbd6012f20895979491bd0d3d83db5&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df3e138433e31d%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff13813ffb2f85e4%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://prnt.sc/nzdiod
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://prnt.sc/nzdiod

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: 34iRURphKZQVPycY7ZkpbP4mOAMRyB98KfTqb5xwVVKeBvQQrqBckCnCn43T5Wx7B8NjzhbDiIqMawwLHJBPxg==
date: Tue, 17 Sep 2019 09:17:31 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 175 KB
35 KB 466ms
466ms XHR
text/plain 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2217403805867506&correlator=3698554803626571&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061865&vrg=2019082901&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190917&iu_parts=60257202%2C60918%2C6091717%2C60916&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=970x90%2C728x90%2C300x250&prev_scp=hb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D970x90%26hb_pb_a4g%3D0.04%26hb_adid_a4g%3D67b6b5248ce5ad%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.04%26hb_adid%3D67b6b5248ce5ad%26hb_bidder%3Da4g%7Chb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D728x90%26hb_pb_a4g%3D0.05%26hb_adid_a4g%3D78733b95c6b04b%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.05%26hb_adid%3D78733b95c6b04b%26hb_bidder%3Da4g%7Chb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D300x250%26hb_pb_a4g%3D0.05%26hb_adid_a4g%3D858154b489bbca%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D858154b489bbca%26hb_bidder%3Da4g&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1568711851&dt=1568711851065&dlt=1568711849827&idt=887&frm=20&biw=1585&bih=1200&oid=3&adxs=308%2C429%2C308&adys=70%2C1360%2C1482&adks=1432691387%2C518174652%2C4042975291&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fprnt.sc%2Fnzdiod&dssz=29&icsg=10880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x90%7C728x90%7C300x250&msz=970x-1%7C728x-1%7C300x-1&blev=1&bisch=1&ga_vid=1252562968.1568711850&ga_sid=1568711851&ga_hid=1060484673&fws=0%2C0%2C0&ohw=0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

06f3a1c2241d91e76528ebe7a53cd91f4a5d696d6ad387a23ab8f0f8e5e902b2

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11025175051438529224/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11025175051438529224/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI7_kIXD1-QCFQKR3godkSoJVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/11025175051438529224/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11025175051438529224/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11025175051438529224/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI7_kIXD1-QCFQKR3godkSoJVg&gqi=&layout=/sadbundle/%24csp%253Der3%24/11025175051438529224/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1,-1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 34710
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
date: Tue, 17 Sep 2019 09:17:31 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://prnt.sc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019082901.js Show response
securepubads.g.doubleclick.net/gpt/ 66 KB
25 KB 31ms
31ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

05e529a757d25aa9d160d28e57c20041eee3f973870c0f0ad4ac7c21937254b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 13:06:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 25315
x-xss-protection: 0
expires: Tue, 17 Sep 2019 09:17:31 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 0
0

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame 57B9 0
0 20ms
5ms Document
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-35/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://prnt.sc/nzdiod
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://prnt.sc/nzdiod

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3491
date: Tue, 17 Sep 2019 08:34:56 GMT
expires: Wed, 16 Sep 2020 08:34:56 GMT
last-modified: Fri, 21 Jun 2019 14:35:26 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2555
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
29 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

31689f8d6eb1b3893de316c482b745b5fc7f0ee5408f7e86ec0e20c320e6b1c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568632677987726"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29135
x-xss-protection: 0
expires: Tue, 17 Sep 2019 09:17:31 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011909030343550/ 21 KB
7 KB 28ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909030343550/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bd57013f5a852d73a29fecced1b46638112ee1772e1d424e135af918179b25b6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "71d4a690da0ffe09"
age: 468365
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 7520
x-xss-protection: 0
server: sffe
date: Wed, 11 Sep 2019 23:11:26 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 10 Sep 2020 23:11:26 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011909030343550/ Frame AC19 256 KB
70 KB 18ms
5ms Script
text/javascript 2a00:1450:4001:806::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909030343550/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

960666642dd39eff3f6c9b991d8f131695606dc6c380aac81e1cc7d13479af44

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "c651d98ae47d1caf"
age: 468365
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 70909
x-xss-protection: 0
server: sffe
date: Wed, 11 Sep 2019 23:11:26 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 10 Sep 2020 23:11:26 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011909030343550/v0/ Frame AC19 15 KB
5 KB 32ms
19ms Script
text/javascript 2a00:1450:4001:806::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909030343550/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

480b3ed782a4542251ab58479c762b9a56458d9e2ce520702e12ad6a216bc75c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "c7a0129088105c31"
age: 468365
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 5404
x-xss-protection: 0
server: sffe
date: Wed, 11 Sep 2019 23:11:26 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 10 Sep 2020 23:11:26 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011909030343550/v0/ Frame AC19 150 KB
40 KB 28ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909030343550/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

dc5b479cfedceec8bbd708cac90e6656e5aca49cbf1e2c0008f2347909d2ddee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "a05e5de3e4b8254b"
age: 468365
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 41076
x-xss-protection: 0
server: sffe
date: Wed, 11 Sep 2019 23:11:26 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 10 Sep 2020 23:11:26 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011909030343550/v0/ Frame AC19 3 KB
1 KB 32ms
19ms Script
text/javascript 2a00:1450:4001:806::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909030343550/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb710601e7f10d7cd2d21aa8df0682defbd31156e2149bf86f2011ae142d432

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "df0acf1c557f3ba2"
age: 468365
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1395
x-xss-protection: 0
server: sffe
date: Wed, 11 Sep 2019 23:11:26 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 10 Sep 2020 23:11:26 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011909030343550/v0/ Frame AC19 43 KB
14 KB 30ms
18ms Script
text/javascript 2a00:1450:4001:806::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909030343550/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4060fb107613c4304e59d77c8bfa5f36e595b4297718725933c1221dd4af0869

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "8612a13df2b240a1"
age: 468365
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 13882
x-xss-protection: 0
server: sffe
date: Wed, 11 Sep 2019 23:11:26 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 10 Sep 2020 23:11:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AC19 7 KB
725 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e2ef1a71c93cfaf7e0af7d9641ee9496c9346acb480a13ab102f7c8adc901207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 17 Sep 2019 09:17:31 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 17 Sep 2019 09:17:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Tue, 17 Sep 2019 09:17:31 GMT

GET
DATA 200
OK truncated
/ Frame AC19 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45d3c9f8c8ca2fb18eb6f45e12aa6c45c1dee2e49cc1c231f75f90003b36a553

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011909030343550/ Frame 4386 256 KB
69 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909030343550/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

960666642dd39eff3f6c9b991d8f131695606dc6c380aac81e1cc7d13479af44

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "c651d98ae47d1caf"
age: 468365
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 70909
x-xss-protection: 0
server: sffe
date: Wed, 11 Sep 2019 23:11:26 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 10 Sep 2020 23:11:26 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011909030343550/v0/ Frame 4386 15 KB
5 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:806::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909030343550/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

480b3ed782a4542251ab58479c762b9a56458d9e2ce520702e12ad6a216bc75c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "c7a0129088105c31"
age: 468365
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 5404
x-xss-protection: 0
server: sffe
date: Wed, 11 Sep 2019 23:11:26 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 10 Sep 2020 23:11:26 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011909030343550/v0/ Frame 4386 150 KB
40 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909030343550/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

dc5b479cfedceec8bbd708cac90e6656e5aca49cbf1e2c0008f2347909d2ddee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "a05e5de3e4b8254b"
age: 468365
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 41076
x-xss-protection: 0
server: sffe
date: Wed, 11 Sep 2019 23:11:26 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 10 Sep 2020 23:11:26 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011909030343550/v0/ Frame 4386 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909030343550/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb710601e7f10d7cd2d21aa8df0682defbd31156e2149bf86f2011ae142d432

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "df0acf1c557f3ba2"
age: 468365
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 1395
x-xss-protection: 0
server: sffe
date: Wed, 11 Sep 2019 23:11:26 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 10 Sep 2020 23:11:26 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011909030343550/v0/ Frame 4386 43 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:806::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909030343550/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4060fb107613c4304e59d77c8bfa5f36e595b4297718725933c1221dd4af0869

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "8612a13df2b240a1"
age: 468365
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 13882
x-xss-protection: 0
server: sffe
date: Wed, 11 Sep 2019 23:11:26 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 10 Sep 2020 23:11:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4386 7 KB
679 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e2ef1a71c93cfaf7e0af7d9641ee9496c9346acb480a13ab102f7c8adc901207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 17 Sep 2019 09:17:31 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Tue, 17 Sep 2019 09:17:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Tue, 17 Sep 2019 09:17:31 GMT

GET
DATA 200
OK truncated
/ Frame 4386 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 071e92442bcb039f3cb98c34d9865816d907474d25967bc00bc4f8e3e08fc0b5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AC19 0
0 35ms
33ms Image
text/html 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDuKjq6SAXc_9B4Ki-gaR1aSwBf3p4OFX65LwseAJq8bZp8gWEAEgopmhHGCRhJ-FjBigAZn_-tQDyAEB4AIAqAMByAMKqgTGAU_Qzwy44bzsTAIDxdgpWKK6W2LcnR1JKyF0dyvvsWa6b_9rE92JzU8KoxWFkJmE3_DBFvPATMxuvAqhYhrMP4fkVyxdKEzsC38YGFHZ5tA1HJMMPfrl8F_-Xq7HtAQ3gtGlmMZQ1eU67d5KSlnGb5otWlYR-2UTfwW0NNRCDK2ugF7hkWHefBZgG531CTx44o5iyEL2rHNlIcUzCOvdjkDmnDW0aRZsi7xCgvV88SlcHgY8MEjVyKd5dEiNOflrFCCD8oRxBMAEoMv3h6MB4AQBkgUECAQYAZIFBAgFGASAB8-AhSuoB47OG6gH1ckbqAfB0xuoB4XUG6gHgdQbqAeC1BuoB4bUG6gHhNQbqAeT2BuoB-DTG6gHugaoB9nLG6gHz8wbqAemvhvYBwHyBwQQ5b8G0ggJCIDhgBAQARgN8ggbYWR4LXN1YnN5bi02NjUwMDE2MjEyNDgwOTkxgAoD2BMM&sigh=DgacTLdNIBQ&tpd=AGWhJmsmB4hGt3-rqNpsuOMh8m6Cq7Uo6lkrb59KBRQOyLoMMA
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AC19 2 KB
3 KB 7ms
5ms Image
image/png 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: prnt.sc
URL: https://prnt.sc/nzdiod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Sep 2019 20:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 44263
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2502
x-xss-protection: 0
expires: Tue, 17 Sep 2019 20:59:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AC19 295 B
355 B 8ms
6ms Image
image/png 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: prnt.sc
URL: https://prnt.sc/nzdiod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Sep 2019 22:36:03 GMT
x-content-type-options: nosniff
server: cafe
age: 38488
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 295
x-xss-protection: 0
expires: Tue, 17 Sep 2019 22:36:03 GMT

GET
H2 200 1130995282826741099
tpc.googlesyndication.com/daca_images/simgad/ Frame 4386 125 KB
125 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/1130995282826741099

Requested by

Host: prnt.sc
URL: https://prnt.sc/nzdiod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e1dac4c4646ea4e9f810f2999493d73b384a23b4d53caf1e3f45bc5f6a80cdcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 29 Aug 2019 01:24:59 GMT
x-content-type-options: nosniff
age: 1669952
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 127895
x-xss-protection: 0
last-modified: Tue, 23 Jan 2018 20:34:01 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Aug 2020 01:24:59 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4386 0
0 36ms
34ms Image
text/html 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQ_-mq6SAXdD9B4Ki-gaR1aSwBcrEjdRUtf_EkP0G85Soz8ILEAEgopmhHGCRhJ-FjBigAY-Us5cDyAEJ4AIAqAMByAMKqgTLAU_QmmlMaf7Sdy3NusEqnGb69GFWhA1han2YcN4pbuOgRdDwjgv5Ez83ajD1MBcGqtKCJCrGyHtZ_FgDlA24a0i73xLq5JYrqqmwBE3p_jMpHgMY_Zy-qmLsJoyC8SDbtpdlP-wrk8R8Iyxkm8xobGdlDYByRZtNAOve2WOiHa_h0BAqUHOIFKh28ikmQxrcVARMyk9Y8_VRkXVZafax4ukwf3138rJvPk-W3ISidQi2erK_DIiD9lZ0h-vbZG9G5Dunxli7bH1kWTNLwASf782MyQHgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH2evMaKgHjs4bqAfVyRuoB8HTG6gHhdQbqAeB1BuoB4LUG6gHhtQbqAeE1BuoB5PYG6gH4NMbqAe6BqgH2csbqAfPzBuoB6a-G9gHAPIHBBCQ0ATSCAkIgOGAEBABGA3yCBthZHgtc3Vic3luLTY2NTAwMTYyMTI0ODA5OTGACgPYEww&sigh=xtHYC5wacMg&template_id=5000&tpd=AGWhJmu9Mjb45r4AIe33doUUZXoF6BU1PD6dTMdrPAexvic2wg
Requested by: Host: prnt.sc
URL: https://prnt.sc/nzdiod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4386 2 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: prnt.sc
URL: https://prnt.sc/nzdiod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Sep 2019 20:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 44263
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2502
x-xss-protection: 0
expires: Tue, 17 Sep 2019 20:59:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4386 295 B
401 B 7ms
6ms Image
image/png 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: prnt.sc
URL: https://prnt.sc/nzdiod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Sep 2019 22:36:03 GMT
x-content-type-options: nosniff
server: cafe
age: 38488
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 295
x-xss-protection: 0
expires: Tue, 17 Sep 2019 22:36:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame AC19 11 KB
11 KB 10ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: prnt.sc
URL: https://prnt.sc/nzdiod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 26 Aug 2019 09:45:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 1899106
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 11056
x-xss-protection: 0
expires: Tue, 25 Aug 2020 09:45:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame AC19 11 KB
11 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: prnt.sc
URL: https://prnt.sc/nzdiod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 27 Aug 2019 20:33:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 1773853
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 11016
x-xss-protection: 0
expires: Wed, 26 Aug 2020 20:33:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 4386 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: prnt.sc
URL: https://prnt.sc/nzdiod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 26 Aug 2019 09:45:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 1899106
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 11056
x-xss-protection: 0
expires: Tue, 25 Aug 2020 09:45:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 4386 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: prnt.sc
URL: https://prnt.sc/nzdiod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 25 Aug 2019 05:39:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 2000303
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 11180
x-xss-protection: 0
expires: Mon, 24 Aug 2020 05:39:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 4386 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: prnt.sc
URL: https://prnt.sc/nzdiod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=en
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 27 Aug 2019 20:33:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 1773853
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 11016
x-xss-protection: 0
expires: Wed, 26 Aug 2020 20:33:18 GMT

GET
H2 200 worker.nude.js Show response
st.prntscr.com/2019/09/03/1652/js/ 3 KB
1 KB 28ms
27ms XHR
application/javascript 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2019/09/03/1652/js/worker.nude.js
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2019/09/03/1652/js/script.mix.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572

Request headers

Sec-Fetch-Mode: cors
Referer: https://prnt.sc/nzdiod
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:17:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Sep 2019 16:54:09 GMT
server: cloudflare
age: 1020
status: 200
etag: W/"5d6e9ab1-ad9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://prnt.sc
cache-control: max-age=1800
cf-ray: 5179fcdc2bd99c39-AMS
expires: Tue, 17 Sep 2019 09:12:23 GMT

GET
BLOB 200
OK a3a9edc0-7670-4b2e-8ae0-ebf9aa0814de
https://prnt.sc/ 3 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://prnt.sc/a3a9edc0-7670-4b2e-8ae0-ebf9aa0814de
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2019/09/03/1652/js/script.mix.js
Protocol: BLOB
Security: , ,
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572

Request headers

Sec-Fetch-Mode: same-origin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 2777
Content-Type: text/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: brightcombid.marphezis.com
URL: https://brightcombid.marphezis.com/hb

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.prnt.sc/	1970-01-19 03:45:11	Name: _gat Value: 1
.prnt.sc/	1970-01-19 03:46:38	Name: _gid Value: GA1.2.1426764088.1568711850
.prnt.sc/	1970-01-19 21:16:23	Name: _ga Value: GA1.2.1252562968.1568711850
.prnt.sc/	1970-01-19 12:30:47	Name: __cfduid Value: d0608b74137b4e448654efcbf5febb2001568711849

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.ad4game.com
adservice.google.com
adservice.google.de
api.prntscr.com
brightcombid.marphezis.com
cdn.ad4game.com
cdn.ampproject.org
concertcrave-dot-yamm-track.appspot.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
image.prntscr.com
platform.twitter.com
prnt.sc
prntscr.com
securepubads.g.doubleclick.net
st.prntscr.com
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
brightcombid.marphezis.com
tpc.googlesyndication.com
104.20.13.105
104.20.14.105
104.244.42.200
104.25.251.35
151.139.242.3
192.207.255.147
216.58.210.2
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:806::2001
2a00:1450:4001:815::2014
2a00:1450:4001:818::2002
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::200a
2a00:1450:4001:825::2001
2a00:1450:4001:825::2003
2a00:1450:4001:825::200e
2a00:1450:400c:c06::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
01d6aaec4ff29f98c9a96f9ecdeffa2168e4f8e3e4e2ca8ee9aa73e858f38323
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05e529a757d25aa9d160d28e57c20041eee3f973870c0f0ad4ac7c21937254b1
06f3a1c2241d91e76528ebe7a53cd91f4a5d696d6ad387a23ab8f0f8e5e902b2
071e92442bcb039f3cb98c34d9865816d907474d25967bc00bc4f8e3e08fc0b5
0d0b8e056ca13cd4aeb7c67d1b351bf0bbb11b85abcf1bd5004a0d2be5e94672
1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb
1d97eceed104056daaf08c5e49d81aac0391aa894dfc1729ad3a28a7623cf07b
2875a6fc4266fec00a383377cb4530b6407912897b0727e26249d89c6dfe0359
2e145f951ea4535f27315f0419252111cbfe42ab28091b3a2a2582ccc2a48853
31689f8d6eb1b3893de316c482b745b5fc7f0ee5408f7e86ec0e20c320e6b1c4
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
4060fb107613c4304e59d77c8bfa5f36e595b4297718725933c1221dd4af0869
45d3c9f8c8ca2fb18eb6f45e12aa6c45c1dee2e49cc1c231f75f90003b36a553
480b3ed782a4542251ab58479c762b9a56458d9e2ce520702e12ad6a216bc75c
4fcd9c4656110bb8a0b3dfa822f86c3384a9a996119ec77d6c4933270b3eb66a
5a3a63b2ac124cb9a194ec01ea1f0d3123e4019bf658c6f47a77b4faea84c079
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
607ae8a38ac95c8db4839eff07db63403ea70beaf7a17d51a1615cedce6b8455
69d8e3ebecd912bd1632164c7cdb358e13ca6fd3c904a4ecbabd462fb7082b1a
6b5b50d866eced4fe35ddf6b82117bb208a9f7aebe658cd1022dca7054200853
713ee1f99eb3fea3d726a797e55dcc0b6b8ab5eb1db72bc2ac7430d6c6c5e1c5
726984457662e2ae992435af4efac2f0e43d8c15c03224f21955867081b8fe82
7d4cfadd46b306b748059b029aa7cc05a9b85176a5aae4f71a1d620a303b6e4e
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8201f376f74ad3e439f96b0efd76ae7db92211ae8b32baa0deb68f662347f664
83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382
8609bdf2d407b03cfa8daef8d50c56bd74f93bc508588a342d6590b74f0fe24e
86a1b8f94f48c4e82d2616d4c581f10a34ff447a2bd95be08714fa0d19ba3f51
8bfd2fa3b3b5924e3655bcf9f63427e792bd8572b7ed0992373bdb4b21c7cb89
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92fb4985bc265d661b853545f4f3d54f79022a8564dd521202e20a05e477b295
960666642dd39eff3f6c9b991d8f131695606dc6c380aac81e1cc7d13479af44
97b40fb36fd2c3cd16c5e636880410adf6c288bf39acbf34e22928e3e6714fbc
9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646
a093d2047e1a59b7103810b947780e5f94d865915cb923ebcaa7e50f557c2102
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b18154c2a2aa1d4492fd0f560434b4bbd987f5bc79584f309d3b60e55b64a8c0
bca2c1abcf4b76a46306bc7f1a607a459371ccf5e7213aae988c33b4dabb1758
bd57013f5a852d73a29fecced1b46638112ee1772e1d424e135af918179b25b6
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cfb710601e7f10d7cd2d21aa8df0682defbd31156e2149bf86f2011ae142d432
d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc5b479cfedceec8bbd708cac90e6656e5aca49cbf1e2c0008f2347909d2ddee
dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238
e1dac4c4646ea4e9f810f2999493d73b384a23b4d53caf1e3f45bc5f6a80cdcf
e2ef1a71c93cfaf7e0af7d9641ee9496c9346acb480a13ab102f7c8adc901207
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e926f30958d0c21d088e6a671d3356a3c3fab9cc6220b8e408f19d868a7dc5c8
ec6c461b6a7da1d28c5bb10b93c755c080ccdaed59821bdf1076bdc3866cc956
ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

prnt.sc Open in urlscan Pro 104.25.251.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

75 Requests

96 %HTTPS

68 %IPv6

17 Domains

26 Subdomains

20 IPs

4 Countries

1784 kBTransfer

4283 kBSize

4 Cookies

12 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

prnt.sc Open in urlscan Pro
104.25.251.35 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

96 %
HTTPS

68 %
IPv6

17
Domains

26
Subdomains

20
IPs

4
Countries

1784 kB
Transfer

4283 kB
Size

4
Cookies

75 HTTP transactions
3 data transactions