prnt.sc Open in urlscan Pro
104.27.101.99 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://prntscr.com/gk66h7
Effective URL:
https://prnt.sc/gk66h7
Submission: On June 06 via api (June 6th 2018, 4:07:46 pm UTC) from CH

Summary HTTP 81 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 23 domains to perform 81 HTTP transactions. The main IP is 104.27.101.99, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is prnt.sc.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on April 23rd 2018. Valid for: 6 months.

This is the only time prnt.sc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	104.20.14.105 104.20.14.105	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 18	104.20.13.105 104.20.13.105	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	104.27.101.99 104.27.101.99	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.31.94.190 104.31.94.190	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	13.32.217.247 13.32.217.247	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	172.217.22.78 172.217.22.78	15169 (GOOGLE) (GOOGLE - Google LLC)
2	104.16.93.65 104.16.93.65	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	151.139.242.3 151.139.242.3	54104 (AS-STACKPATH) (AS-STACKPATH - netDNA)
4	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	173.194.76.154 173.194.76.154	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	216.58.214.36 216.58.214.36	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.22.67 172.217.22.67	15169 (GOOGLE) (GOOGLE - Google LLC)
3	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE - Google LLC)
1	216.58.214.34 216.58.214.34	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.94.216.48 52.94.216.48	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	216.58.214.46 216.58.214.46	15169 (GOOGLE) (GOOGLE - Google LLC)
5	192.229.233.25 192.229.233.25	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	192.207.255.146 192.207.255.146	62821 (AS-MNX) (AS-MNX - MNX Solutions LLC)
1	172.217.22.77 172.217.22.77	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	216.58.207.74 216.58.207.74	15169 (GOOGLE) (GOOGLE - Google LLC)
1 5	87.250.251.119 87.250.251.119	13238 (YANDEX) (YANDEX)
4	104.16.52.4 104.16.52.4	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	192.207.255.147 192.207.255.147	62821 (AS-MNX) (AS-MNX - MNX Solutions LLC)
1	104.20.49.111 104.20.49.111	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	104.16.64.54 104.16.64.54	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	52.89.231.154 52.89.231.154	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	178.250.2.74 178.250.2.74	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.71 178.250.0.71	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	178.250.0.66 178.250.0.66	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1	178.250.2.76 178.250.2.76	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.148.141.242 54.148.141.242	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 5	185.60.216.38 185.60.216.38	32934 (FACEBOOK) (FACEBOOK - Facebook)
81	33

4 104.20.14.105 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.20.13.105 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
st.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.27.101.99 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

prnt.sc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.prnt.sc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.31.94.190 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.increaserev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.217.247 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-217-247.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.22.78 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f78.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.93.65 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

widget.uservoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
by2.uservoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.242.3 (Dallas, United States)

ASN54104 (AS-STACKPATH - netDNA, US)

cdn.ad4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.21.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.154 (Portage, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: ws-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.214.36 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s09-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.67 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f67.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.130 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f130.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.214.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s09-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.216.48 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

aax-cpm.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.60.216.19 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.214.46 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s09-in-f14.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.229.233.25 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.207.255.146 (United States)

ASN62821 (AS-MNX - MNX Solutions LLC, US)
PTR: haproxy1.ad4game.com

ads.ad4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.77 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f77.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (San Francisco, United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.74 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 87.250.251.119 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.52.4 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.207.255.147 (United States)

ASN62821 (AS-MNX - MNX Solutions LLC, US)
PTR: haproxy2.ad4game.com

ads.ad4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.49.111 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.64.54 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.89.231.154 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-89-231-154.us-west-2.compute.amazonaws.com

exchange.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.74 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: static.criteo.net

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.71 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: cas.criteo.com

cas.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.66 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (New York, United States) 2 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.76 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: dis.criteo.com

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.141.242 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-148-141-242.us-west-2.compute.amazonaws.com

track.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.60.216.38 (Ireland) 2 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	prntscr.com 2 redirects prntscr.com st.prntscr.com image.prntscr.com api.prntscr.com	104 KB
7	facebook.com 2 redirects staticxx.facebook.com www.facebook.com	1 KB
7	google.com 1 redirects www.google.com adservice.google.com apis.google.com accounts.google.com	98 KB
6	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	37 KB
5	yandex.ru 1 redirects mc.yandex.ru	39 KB
4	yabidos.com pixel.yabidos.com	25 KB
4	googlesyndication.com pagead2.googlesyndication.com	114 KB
4	ad4game.com cdn.ad4game.com ads.ad4game.com	5 KB
4	prnt.sc prnt.sc ads.prnt.sc	9 KB
3	criteo.com cas.criteo.com cat.fr.eu.criteo.com dis.criteo.com	3 KB
3	adtrue.com cdn.adtrue.com exchange.adtrue.com track.adtrue.com	4 KB
3	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	161 B
3	google-analytics.com 1 redirects www.google-analytics.com	28 KB
2	openx.net 2 redirects us-u.openx.net	908 B
2	glotgrx.com pre.glotgrx.com	781 B
2	google.de www.google.de adservice.google.de	280 B
2	uservoice.com widget.uservoice.com by2.uservoice.com	23 KB
2	amazon-adsystem.com c.amazon-adsystem.com aax-cpm.amazon-adsystem.com	6 KB
1	pubmatic.com ads.pubmatic.com	4 KB
1	criteo.net static.criteo.net	22 KB
1	googleapis.com ajax.googleapis.com	33 KB
1	facebook.net connect.facebook.net	61 KB
1	increaserev.com www.increaserev.com	767 B
81	23

	Domain	Requested by
17	st.prntscr.com	prnt.sc st.prntscr.com
5	www.facebook.com	2 redirects connect.facebook.net
5	mc.yandex.ru	1 redirects ads.prnt.sc prnt.sc
5	platform.twitter.com	prnt.sc platform.twitter.com
4	pixel.yabidos.com	ads.ad4game.com pixel.yabidos.com
4	apis.google.com	prnt.sc apis.google.com
4	pagead2.googlesyndication.com	www.increaserev.com pagead2.googlesyndication.com
3	ads.prnt.sc	c.amazon-adsystem.com ads.prnt.sc
3	www.google-analytics.com	1 redirects prnt.sc ads.prnt.sc
2	us-u.openx.net	2 redirects
2	pre.glotgrx.com	prnt.sc
2	staticxx.facebook.com	connect.facebook.net
2	ads.ad4game.com	cdn.ad4game.com prnt.sc
2	api.prntscr.com	st.prntscr.com prnt.sc
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdn.ad4game.com	prnt.sc
2	prntscr.com	2 redirects
1	track.adtrue.com	ads.prnt.sc
1	dis.criteo.com	ads.prnt.sc
1	cat.fr.eu.criteo.com	cas.criteo.com
1	ads.pubmatic.com	cas.criteo.com
1	cas.criteo.com	static.criteo.net
1	static.criteo.net	exchange.adtrue.com
1	exchange.adtrue.com	prnt.sc
1	cdn.adtrue.com	ads.prnt.sc
1	ajax.googleapis.com	ads.prnt.sc
1	syndication.twitter.com	1 redirects
1	accounts.google.com	apis.google.com
1	by2.uservoice.com	widget.uservoice.com
1	connect.facebook.net	prnt.sc
1	aax-cpm.amazon-adsystem.com	c.amazon-adsystem.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.google.de	prnt.sc
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	widget.uservoice.com	prnt.sc
1	c.amazon-adsystem.com	prnt.sc
1	www.increaserev.com	prnt.sc
1	image.prntscr.com	prnt.sc
1	prnt.sc	prnt.sc
81	41

This site contains links to these domains. Also see Links.

Domain
app.prntscr.com
prntscr.com
twitter.com
www.facebook.com
www.ad4game.com
www.google.com

Subject Issuer	Validity	Valid
ssl387277.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-04-23` - `2018-10-30`	6 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-05-15` - `2018-08-07`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2017-12-02` - `2018-12-05`	a year	crt.sh
*.apis.google.com Google Internet Authority G3	`2018-05-15` - `2018-08-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
accounts.google.com Google Internet Authority G3	`2018-05-15` - `2018-08-07`	3 months	crt.sh
*.adtrue.com Amazon	`2017-08-04` - `2018-09-04`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://prnt.sc/gk66h7
Frame ID: E86121CB0D5B0E7C8F6AC755F0A3707D
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180531/r20180604/zrt_lookup.html
Frame ID: 00F649A6C0B42B60B6C2BD1A05C5C3C1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180531/r20180604/show_ads_impl.js
Frame ID: 5E2D070B597EBE5C6C706861EF28CE81
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7002491002409919&output=html&h=90&slotname=5412947508%2F9843071148&adk=3758905607&adf=1846161840&w=728&lmt=1528301254&guci=1.2.0.0.2.2.0&url=https%3A%2F%2Fprnt.sc%2Fgk66h7&flash=0&wgl=1&adsid=NT&dt=1528301254117&bpp=11&bdt=109&fdt=13&idt=64&shv=r20180531&cbv=r20180604&saldr=sa&abxe=1&correlator=7934833962057&frm=20&ga_vid=733706358.1528301254&ga_sid=1528301254&ga_hid=393205311&ga_fc=0&pv=2&iag=0&icsg=33595424&dssz=20&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=441&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21061122%2C21061795&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&xpc=VcLWjfof4c&p=https%3A//prnt.sc&dtd=87
Frame ID: 6ABECBEBD40D46AAB517604C41999609
Requests: 1 HTTP requests in this frame

Frame: https://ads.prnt.sc/ads/adtrue/300x250/index.html
Frame ID: DFD8C88709E97E6A576B01816D3A097B
Requests: 10 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.c535a95e8a24202b16a5c12c5085d8db.html?origin=https%3A%2F%2Fprnt.sc&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: E8E1ABE06F4415E1516A12BCA268A766
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=inline&width=120&origin=https%3A%2F%2Fprnt.sc&url=https%3A%2F%2Fprnt.sc%2Fgk66h7&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.I7NRYb-aYKc.O%2Fm%3D__features__%2Fam%3DQQE%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCN0UzolROgYXRcCmhTInBETm4cyzg
Frame ID: C805CBD8A995CE11EE049CCC47BC6F55
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/EIL5DcDc3Zh.js?version=42
Frame ID: 076A28EAF097EB263CC986A45E3903F6
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.c535a95e8a24202b16a5c12c5085d8db.en.html
Frame ID: 59C02C65C33425C5886CCE7BF87CD23A
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fprnt.sc&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.I7NRYb-aYKc.O%2Fm%3D__features__%2Fam%3DQQE%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCN0UzolROgYXRcCmhTInBETm4cyzg
Frame ID: 0FF1796C056EEB7D20CC3A3B64D596F3
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 7DBFB0E5336A94B7031BE0C393895221
Requests: 1 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=1452&ref=https://ads.prnt.sc/proxy/300x250/index.html&cb=2545121637&loc=https://ads.prnt.sc/proxy/300x250/index.html
Frame ID: 3A080A8997CAB9AE7E97309AB129C11D
Requests: 6 HTTP requests in this frame

Frame: https://track.adtrue.com/track/request?pzoneid=1452&domain=ads.prnt.sc&ref=https%3A%2F%2Fads.prnt.sc%2Fproxy%2F300x250%2Findex.html&loc=https%3A%2F%2Fads.prnt.sc%2Fproxy%2F300x250%2Findex.html
Frame ID: CBCCA1DB251FB245CBEA7A87C0E5155C
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/EIL5DcDc3Zh.js?version=42
Frame ID: 171DF7881A9E8A664394AB569B0ADE7D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FEIL5DcDc3Zh.js%3Fversion%3D42%23cb%3Dfdd5d52c78e6d8%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff33c743b51e8f64%26relation%3Dparent.parent&container_width=70&href=https%3A%2F%2Fprnt.sc%2Fgk66h7&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
Frame ID: 69B4CF6F77BC4C283A065F34E29D004E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?api_key=154822244543652&channel_url=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FEIL5DcDc3Zh.js%3Fversion%3D42%23cb%3Df3f6edc5a1b4fbc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff33c743b51e8f64%26relation%3Dparent.parent&href=https%3A%2F%2Fprnt.sc%2Fgk66h7&locale=en_US&numposts=5&sdk=joey&width=350
Frame ID: 2EEAC22D7732F0814C875A07275BAFF3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FEIL5DcDc3Zh.js%3Fversion%3D42%23cb%3Df1dd14b301caf7c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff33c743b51e8f64%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Frame ID: E2EAAF0869CFA308E771C41806F38376
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://prntscr.com/gk66h7 HTTP 301
https://prntscr.com/gk66h7 HTTP 301
https://prnt.sc/gk66h7 Page URL

Detected technologies

UserVoice (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

env /^UserVoice$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

81
Requests

21 %
HTTPS

0 %
IPv6

23
Domains

41
Subdomains

33
IPs

5
Countries

615 kB
Transfer

1679 kB
Size

3
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://app.prntscr.com/translate-lightshot.html
Title: Add your language

Search URL Search Domain Scan URL

URL: https://prntscr.com/gallery.html
Title: Sign in

Search URL Search Domain Scan URL

URL: https://twitter.com/Light_shot

Search URL Search Domain Scan URL

URL: http://www.facebook.com/Lighshot

Search URL Search Domain Scan URL

URL: https://www.ad4game.com/feedback.php?zoneid=60918&bannerid=496953
Title: Ad by Ad4Game

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/
Title: Captured with Lightshot

Search URL Search Domain Scan URL

URL: http://www.google.com/searchbyimage?image_url=https://image.prntscr.com/image/0niZBdVTQ8ymOtL0fR1svg.png
Title: find similar

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/download.html
Title: Download

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/tutorials.html
Title: Tutorials

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/privacy.html
Title: Terms of service

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/faq.html
Title: FAQ

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/help.html
Title: Help

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/advertise.html
Title: Advertise

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://prntscr.com/gk66h7 HTTP 301
https://prntscr.com/gk66h7 HTTP 301
https://prnt.sc/gk66h7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=393205311&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2Fgk66h7&ul=en-us&de=UTF-8&dt=Screenshot%20by%20Lightshot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=547457311&gjid=1067974538&cid=733706358.1528301254&tid=UA-12353127-1&_gid=561544508.1528301254&_r=1&z=1928387803 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12353127-1&cid=733706358.1528301254&jid=547457311&_gid=561544508.1528301254&gjid=1067974538&_v=j68&z=1928387803 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=733706358.1528301254&jid=547457311&_v=j68&z=1928387803 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=733706358.1528301254&jid=547457311&_v=j68&z=1928387803&slf_rd=1&random=4017160087

Request Chain 49

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 55

https://mc.yandex.ru/watch/34788485?wmode=7&page-ref=https%3A%2F%2Fprnt.sc%2Fgk66h7&page-url=https%3A%2F%2Fads.prnt.sc%2Fproxy%2F300x250%2Findex.html&charset=utf-8&ut=noindex&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A300x250%3Ai%3A20180606160734%3Aet%3A1528301255%3Aen%3Awindows-1252%3Av%3A1152%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A917229339%3Ahid%3A295715282%3Ads%3A0%2C0%2C364%2C1%2C0%2C0%2C0%2C26%2C3%2C397%2C%2C%2C393%3Ast%3A1528301255%3Au%3A15283012551032070702 HTTP 302
https://mc.yandex.ru/watch/34788485/1?wmode=7&page-ref=https%3A%2F%2Fprnt.sc%2Fgk66h7&page-url=https%3A%2F%2Fads.prnt.sc%2Fproxy%2F300x250%2Findex.html&charset=utf-8&ut=noindex&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A300x250%3Ai%3A20180606160734%3Aet%3A1528301255%3Aen%3Awindows-1252%3Av%3A1152%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A917229339%3Ahid%3A295715282%3Ads%3A0%2C0%2C364%2C1%2C0%2C0%2C0%2C26%2C3%2C397%2C%2C%2C393%3Ast%3A1528301255%3Au%3A15283012551032070702

Request Chain 72

https://us-u.openx.net/w/1.0/cm?id=5c627885-3475-4ed8-a54e-8d0222f57cbe&d=MACRO&r=https%3a%2f%2fdis.criteo.com%2frex%2fmatch.aspx%3fc%3d31%26uid%3d HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=5c627885-3475-4ed8-a54e-8d0222f57cbe&d=MACRO&r=https%3a%2f%2fdis.criteo.com%2frex%2fmatch.aspx%3fc%3d31%26uid%3d HTTP 302
https://dis.criteo.com/rex/match.aspx?c=31&uid=8b308b34-aabc-4ce1-8d34-4b949839051f

Request Chain 75

https://www.facebook.com/connect/ping?client_id=154822244543652&domain=prnt.sc&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FEIL5DcDc3Zh.js%3Fversion%3D42%23cb%3Df386ea17cc67f24%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff33c743b51e8f64%26relation%3Dparent&response_type=token%2Csigned_request%2Ccode&sdk=joey&version HTTP 302
https://staticxx.facebook.com/connect/xd_arbiter/r/EIL5DcDc3Zh.js?version=42

Request Chain 77

https://www.facebook.com/plugins/comments.php?api_key=154822244543652&channel_url=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FEIL5DcDc3Zh.js%3Fversion%3D42%23cb%3Df3f6edc5a1b4fbc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff33c743b51e8f64%26relation%3Dparent.parent&href=https%3A%2F%2Fprnt.sc%2Fgk66h7&locale=en_US&numposts=5&sdk=joey&width=350 HTTP 302
https://www.facebook.com/plugins/feedback.php?api_key=154822244543652&channel_url=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FEIL5DcDc3Zh.js%3Fversion%3D42%23cb%3Df3f6edc5a1b4fbc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff33c743b51e8f64%26relation%3Dparent.parent&href=https%3A%2F%2Fprnt.sc%2Fgk66h7&locale=en_US&numposts=5&sdk=joey&width=350

81 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request gk66h7 Show response
prnt.sc/
Redirect Chain

http://prntscr.com/gk66h7
https://prntscr.com/gk66h7
https://prnt.sc/gk66h7

14 KB
5 KB

222ms
204ms

Document
text/html

104.27.101.99
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://prnt.sc/gk66h7

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.27.101.99 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

af00a7befd984dabf2db143a93757b3de5d74b6985e0d77109b4806d79e3705d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: prnt.sc
:scheme: https
:path: /gk66h7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E86121CB0D5B0E7C8F6AC755F0A3707D

Response headers

status: 200
date: Wed, 06 Jun 2018 16:07:33 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db936d7898b1ddfdaba118053990d4ecf1528301253; expires=Thu, 06-Jun-19 16:07:33 GMT; path=/; domain=.prnt.sc; HttpOnly
x-frame-options: SAMEORIGIN
content-encoding: gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 426c21f44989978c-FRA

Redirect headers

status: 301
date: Wed, 06 Jun 2018 16:07:33 GMT
content-type: text/html
content-length: 178
location: https://prnt.sc/gk66h7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 426c21f07e4e9706-FRA

GET
S 200 main.css
st.prntscr.com/2018/04/18/0320/css/ 57 KB
9 KB 21ms
19ms Stylesheet
text/css 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2018/04/18/0320/css/main.css
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27869d25259a57e13dcdea60dba73c0bee4cb06dc0aeb5b311824b65f0588748

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Apr 2018 03:22:52 GMT
server: cloudflare
etag: "5ad6ba0c-23e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1800
cf-ray: 426c21f59ac59706-FRA
content-length: 9188
expires: Wed, 06 Jun 2018 16:25:33 GMT

GET
S 200 jquery.1.8.2.min.js Show response
st.prntscr.com/2018/04/18/0320/js/ 91 KB
33 KB 13ms
11ms Script
application/javascript 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2018/04/18/0320/js/jquery.1.8.2.min.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Apr 2018 03:22:52 GMT
server: cloudflare
etag: "5ad6ba0c-827c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 426c21f59ac69706-FRA
content-length: 33404
expires: Wed, 06 Jun 2018 16:37:28 GMT

GET
S 200 script.mix.js Show response
st.prntscr.com/2018/04/18/0320/js/ 70 KB
24 KB 24ms
22ms Script
application/javascript 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2018/04/18/0320/js/script.mix.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc708db8bb66e7f26ff48d82f63b93332058955c78f0dbadf0ff2039ea855113

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Apr 2018 03:22:52 GMT
server: cloudflare
etag: "5ad6ba0c-5f65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 426c21f59ac79706-FRA
content-length: 24421
expires: Wed, 06 Jun 2018 16:32:26 GMT

GET
S 200 0niZBdVTQ8ymOtL0fR1svg.png
image.prntscr.com/image/ 5 KB
6 KB 31ms
14ms Image
image/webp 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.prntscr.com/image/0niZBdVTQ8ymOtL0fR1svg.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Magic
Resource Hash: e1b0ee9f378cc764fde807c6a31c0a1ac96a1caa5d790a9916ab7a6765dd17a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://prnt.sc/gk66h7
Origin: https://prnt.sc

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
cf-cache-status: HIT
x-powered-by: Magic
status: 200
content-disposition: inline; filename="0niZBdVTQ8ymOtL0fR1svg.webp"
content-length: 5394
last-modified: Tue, 12 Sep 2017 10:42:21 GMT
server: cloudflare
etag: "15a6ce3dfb3f28010dd0b684b4ae3fbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 03 Jun 2028 16:07:34 GMT
cache-control: public, max-age=315360000
cf-polished: origFmt=png, origSize=9346
accept-ranges: bytes
cf-ray: 426c21f5fade97aa-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-bgj: imgq:100

GET gk66h7
prnt.sc/ 0
0

GET
S 200 image-helper.js Show response
st.prntscr.com/2018/04/18/0320/js/ 3 KB
1 KB 10ms
9ms Script
application/javascript 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2018/04/18/0320/js/image-helper.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Apr 2018 03:21:56 GMT
server: cloudflare
etag: W/"5ad6b9d4-a2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 426c21f5bae79706-FRA
expires: Wed, 06 Jun 2018 16:13:53 GMT

GET
S 200 728x90above_res.js Show response
www.increaserev.com/ads/ 970 B
767 B 31ms
11ms Script
application/javascript 104.31.94.190
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.increaserev.com/ads/728x90above_res.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.31.94.190 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dfac4ab0285cf3c40aa94feb438a5254a14a5ad80c6490a12d847106d759b8e

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Apr 2017 04:59:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 426c21f5eb9a97fe-FRA
content-length: 367
expires: Thu, 14 Jun 2018 16:07:34 GMT

GET
H/1.1 200
OK amzn_ads.js Show response
c.amazon-adsystem.com/aax2/ 17 KB
6 KB 29ms
10ms Script
application/javascript 13.32.217.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/amzn_ads.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: HTTP/1.1
Server: 13.32.217.247 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-217-247.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 99b08423e78999ba439a316738c4393ee73c1d72f91660a89d73fefe0e23a118

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Tue, 05 Jun 2018 16:54:25 GMT
Content-Encoding: gzip
Server: Server
Age: 83589
ETag: 30b907397eaadc9585ec6446f6b669d8
X-Cache: Hit from cloudfront
Content-Type: application/javascript
nnCoection: close
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5595
Via: 1.1 9be2d2d7560f88bdc5d5a3a94863566a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: c5W-tDDEaYLnrALaYy2UFhAX6pd2fFwlp3k-YdtWMpnYDUhZv8ZIrA==

GET
S 200 footer-logo.png
st.prntscr.com/2018/04/18/0320/img/ 2 KB
2 KB 16ms
15ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/04/18/0320/img/footer-logo.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 390034444536e558ac4b6e42a3bb610b30eacfbfd93f0fa72c4a885e5fdcbdd6

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Sep 2016 15:49:19 GMT
server: cloudflare
etag: "57cd93ff-738"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 426c21f5db0c9706-FRA
content-length: 1848
expires: Wed, 06 Jun 2018 16:22:38 GMT

GET
S 200 jquery.smartbanner.css
st.prntscr.com/2018/04/18/0320/css/ 4 KB
1 KB 23ms
22ms Stylesheet
text/css 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2018/04/18/0320/css/jquery.smartbanner.css
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Apr 2018 03:22:45 GMT
server: cloudflare
etag: W/"5ad6ba05-ef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=1800
cf-ray: 426c21f59ac49706-FRA
expires: Wed, 06 Jun 2018 16:32:08 GMT

GET
S 200 jquery.smartbanner.js Show response
st.prntscr.com/2018/04/18/0320/js/ 8 KB
3 KB 11ms
10ms Script
application/javascript 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2018/04/18/0320/js/jquery.smartbanner.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Apr 2018 03:22:52 GMT
server: cloudflare
etag: "5ad6ba0c-aec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 426c21f5db0b9706-FRA
content-length: 2796
expires: Wed, 06 Jun 2018 16:29:55 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ 34 KB
14 KB 6ms
6ms Script
text/javascript 172.217.22.78
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: prnt.sc
URL: https://prnt.sc/gk66h7

Protocol

SPDY

Server

172.217.22.78 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f78.1e100.net

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 4287
date: Wed, 06 Jun 2018 14:56:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14386
expires: Wed, 06 Jun 2018 16:56:07 GMT

GET
S 200 vH5wQvnQPL3wtXH5KVXA.js Show response
widget.uservoice.com/ 75 KB
23 KB 33ms
17ms Script
text/javascript 104.16.93.65
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.uservoice.com/vH5wQvnQPL3wtXH5KVXA.js

Requested by

Host: prnt.sc
URL: https://prnt.sc/gk66h7

Protocol

SPDY

Server

104.16.93.65 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dc4ac981d38fc31b8a9ed16b29e779b9288fcb6f4ae4787e8bbb5ce7d04c8d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
p3p: CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV"
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: aa620cbb-0cdd-4006-a33c-5d21ca24ce3f
x-runtime: 0.033247
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"c59ca9b279bee81e89ec71b1d0818b3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains;
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7200
cf-ray: 426c21f5fc4864c9-FRA
x-rack-cache: pass
expires: Wed, 06 Jun 2018 18:07:34 GMT

GET
S 200 page-bg.png
st.prntscr.com/2018/04/18/0320/img/ 7 KB
7 KB 16ms
15ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/04/18/0320/img/page-bg.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 461f12ef91228c2591d3f3127319e8f0220a9e643d9039701ba86165d3692a41

Request headers

Referer: https://st.prntscr.com/2018/04/18/0320/css/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Apr 2018 03:22:52 GMT
server: cloudflare
etag: "5ad6ba0c-1a7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1800
cf-ray: 426c21f5eb119706-FRA
content-length: 6779
expires: Wed, 06 Jun 2018 16:16:48 GMT

GET
S 200 icon-facebook_gscale.png
st.prntscr.com/2018/04/18/0320/img/ 1 KB
1 KB 14ms
14ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/04/18/0320/img/icon-facebook_gscale.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b84b7505eba0e0c989311415d0416fc9850d3214741e62d85a51655db1e6a80c

Request headers

Referer: https://st.prntscr.com/2018/04/18/0320/css/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Apr 2018 03:21:17 GMT
server: cloudflare
etag: "5ad6b9ad-52d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 426c21f5eb129706-FRA
content-length: 1325
expires: Wed, 06 Jun 2018 16:35:35 GMT

GET
S 200 icon-twitter_gscale.png
st.prntscr.com/2018/04/18/0320/img/ 1 KB
2 KB 24ms
24ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/04/18/0320/img/icon-twitter_gscale.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9251076990f3881a584eafc43ffe8a85ebee0c82f48c00de4b1f1fa25413e3e7

Request headers

Referer: https://st.prntscr.com/2018/04/18/0320/css/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Apr 2018 03:21:17 GMT
server: cloudflare
etag: "5ad6b9ad-5ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 426c21f5eb139706-FRA
content-length: 1535
expires: Wed, 06 Jun 2018 16:15:39 GMT

GET
S 200 header-logo.png
st.prntscr.com/2018/04/18/0320/img/ 8 KB
8 KB 15ms
15ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/04/18/0320/img/header-logo.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cee2541161cf165e2e8ce22b81ec2cf8ccc162064124fb350df3b452a992a50

Request headers

Referer: https://st.prntscr.com/2018/04/18/0320/css/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Apr 2018 03:22:52 GMT
server: cloudflare
etag: "5ad6ba0c-1e52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1800
cf-ray: 426c21f5eb1a9706-FRA
content-length: 7762
expires: Wed, 06 Jun 2018 16:35:35 GMT

GET
S 200 button-download.png
st.prntscr.com/2018/04/18/0320/img/ 1 KB
1 KB 11ms
11ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/04/18/0320/img/button-download.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2222b64c7e37a7d528c8326ebaee33ae44bae57d7654db28e1122c0cae8a93db

Request headers

Referer: https://st.prntscr.com/2018/04/18/0320/css/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Apr 2018 03:21:17 GMT
server: cloudflare
etag: "5ad6b9ad-57c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 426c21f5eb1d9706-FRA
content-length: 1404
expires: Wed, 06 Jun 2018 16:27:23 GMT

GET
S 200 button-icon-sep.png
st.prntscr.com/2018/04/18/0320/img/ 928 B
1 KB 9ms
9ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/04/18/0320/img/button-icon-sep.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e145f951ea4535f27315f0419252111cbfe42ab28091b3a2a2582ccc2a48853

Request headers

Referer: https://st.prntscr.com/2018/04/18/0320/css/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Apr 2018 03:21:17 GMT
server: cloudflare
etag: "5ad6b9ad-3a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 426c21f5fb239706-FRA
content-length: 928
expires: Wed, 06 Jun 2018 16:11:04 GMT

GET
S 200 async-ajs.min.js Show response
cdn.ad4game.com/ 3 KB
2 KB 25ms
5ms Script
application/javascript 151.139.242.3
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/async-ajs.min.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 151.139.242.3 Dallas, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software: nginx /
Resource Hash: b22174ca5c2657a9b5f680e573bfd2041b0952c7cee130a9e09764e879cb7b6e

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
x-cache: HIT
status: 200
x-host: ads.ad4game.com
content-length: 1343
referrer-policy: no-referrer
last-modified: Thu, 10 May 2018 16:52:01 GMT
server: nginx
x-serveraddr: 10.100.0.138
etag: "5af478b1-b49"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
S 200 icon-abuse.png
st.prntscr.com/2018/04/18/0320/img/ 327 B
485 B 13ms
12ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/04/18/0320/img/icon-abuse.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe0d4140c7b904c7628f72b80591f70d4bd499b1401df123cc24b7d3617c8fa

Request headers

Referer: https://st.prntscr.com/2018/04/18/0320/css/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Apr 2018 03:21:17 GMT
server: cloudflare
etag: "5ad6b9ad-147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 426c21f60b3e9706-FRA
content-length: 327
expires: Wed, 06 Jun 2018 16:29:53 GMT

GET
S 200 icon-camera.png
st.prntscr.com/2018/04/18/0320/img/ 1 KB
1 KB 10ms
8ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/04/18/0320/img/icon-camera.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd2de3ee9231c3511b8b0360375664c7b18d0ad997e37dde494331017f694976

Request headers

Referer: https://st.prntscr.com/2018/04/18/0320/css/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
cf-cache-status: HIT
last-modified: Wed, 18 Apr 2018 03:21:17 GMT
server: cloudflare
etag: "5ad6b9ad-441"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 426c21f60b3f9706-FRA
content-length: 1089
expires: Wed, 06 Jun 2018 16:28:31 GMT

GET
S 200 icon-edit.png
st.prntscr.com/2018/04/18/0320/img/ 461 B
674 B 13ms
11ms Image
image/png 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2018/04/18/0320/img/icon-edit.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92fb4985bc265d661b853545f4f3d54f79022a8564dd521202e20a05e477b295

Request headers

Referer: https://st.prntscr.com/2018/04/18/0320/css/main.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
cf-cache-status: HIT
cf-polished: origSize=3153
status: 200
content-length: 461
last-modified: Wed, 18 Apr 2018 03:21:17 GMT
server: cloudflare
etag: "5ad6b9ad-c51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Wed, 06 Jun 2018 16:09:07 GMT
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 426c21f60b409706-FRA
cf-bgj: imgq:100

GET
S 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 51 KB
20 KB 17ms
17ms Script
text/javascript 172.217.21.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.increaserev.com
URL: https://www.increaserev.com/ads/728x90above_res.js

Protocol

SPDY

Server

172.217.21.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f2.1e100.net

Software

cafe /

Resource Hash

eb2defb684672ffc70c5bb5468038c2b716cd3707d6beb3461674369072fa261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 19892
x-xss-protection: 1; mode=block
server: cafe
etag: 1627423837143289312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 06 Jun 2018 16:07:34 GMT

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=393205311&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2Fgk66h7&ul=en-us&de=UTF-8&dt=Screenshot%20by%20Lightshot&sd=24-bit&sr=1600x1200&vp=1600x1...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12353127-1&cid=733706358.1528301254&jid=547457311&_gid=561544508.1528301254&gjid=1067974538&_v=j68&z=1928387803
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=733706358.1528301254&jid=547457311&_v=j68&z=1928387803
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=733706358.1528301254&jid=547457311&_v=j68&z=1928387803&slf_rd=1&random=4017160087

42 B
109 B

16ms
16ms

Image
image/gif

172.217.22.67
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=733706358.1528301254&jid=547457311&_v=j68&z=1928387803&slf_rd=1&random=4017160087

Requested by

Host: prnt.sc
URL: https://prnt.sc/gk66h7

Protocol

SPDY

Server

172.217.22.67 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f67.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jun 2018 16:07:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Jun 2018 16:07:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=733706358.1528301254&jid=547457311&_v=j68&z=1928387803&slf_rd=1&random=4017160087
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=prnt.sc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

SPDY

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 23ms
23ms Script
application/javascript 216.58.214.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=prnt.sc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

SPDY

Server

216.58.214.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s09-in-f2.1e100.net

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 ca-pub-7002491002409919.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
236 B 7ms
7ms Script
text/javascript 172.217.21.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7002491002409919.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

SPDY

Server

172.217.21.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f2.1e100.net

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 07:53:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Jun 2018 23:34:07 GMT
server: sffe
age: 29674
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Wed, 06 Jun 2018 19:53:00 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180531/r20180604/ Frame 00F6 0
0 6ms
5ms Document
text/html 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20180531/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20180531/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://prnt.sc/gk66h7
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E86121CB0D5B0E7C8F6AC755F0A3707D
Referer: https://prnt.sc/gk66h7

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 06 Jun 2018 05:51:13 GMT
expires: Wed, 20 Jun 2018 05:51:13 GMT
content-type: text/html; charset=UTF-8
etag: 8341461738443483577
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6979
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 36981
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180531/r20180604/ Frame 5E2D 184 KB
69 KB 28ms
27ms Script
text/javascript 172.217.21.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20180531/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

SPDY

Server

172.217.21.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f2.1e100.net

Software

cafe /

Resource Hash

7f98aaa737878a6da995de1086cd3436190c68f3defb200176ace4267cf1cf07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 70290
x-xss-protection: 1; mode=block
server: cafe
etag: 12299519914063513569
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Jun 2018 16:07:34 GMT

GET
H/1.1 200
OK getad Show response
aax-cpm.amazon-adsystem.com/x/ 266 B
549 B 165ms
62ms Script
text/javascript 52.94.216.48
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-cpm.amazon-adsystem.com/x/getad?jsd=1&src=3000&slot_uuid=5b00c9d3-58d0-47b8-8ae2-f0961da37f0d&c=100&u=https%3A%2F%2Fprnt.sc%2Fgk66h7&cb=4765154
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/amzn_ads.js
Protocol: HTTP/1.1
Server: 52.94.216.48 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Server /
Resource Hash: c9dd12b5a4879bb4ba94efbc8a889a43288d0ca973433479cca2740969a58bc8

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Wed, 06 Jun 2018 16:07:34 GMT
Content-Encoding: gzip
Server: Server
Connection: keep-alive
Content-Length: 210
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6ABE 0
0 300ms
300ms Document
text/html 172.217.23.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7002491002409919&output=html&h=90&slotname=5412947508%2F9843071148&adk=3758905607&adf=1846161840&w=728&lmt=1528301254&guci=1.2.0.0.2.2.0&url=https%3A%2F%2Fprnt.sc%2Fgk66h7&flash=0&wgl=1&adsid=NT&dt=1528301254117&bpp=11&bdt=109&fdt=13&idt=64&shv=r20180531&cbv=r20180604&saldr=sa&abxe=1&correlator=7934833962057&frm=20&ga_vid=733706358.1528301254&ga_sid=1528301254&ga_hid=393205311&ga_fc=0&pv=2&iag=0&icsg=33595424&dssz=20&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=441&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21061122%2C21061795&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&xpc=VcLWjfof4c&p=https%3A//prnt.sc&dtd=87

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180531/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7002491002409919&output=html&h=90&slotname=5412947508%2F9843071148&adk=3758905607&adf=1846161840&w=728&lmt=1528301254&guci=1.2.0.0.2.2.0&url=https%3A%2F%2Fprnt.sc%2Fgk66h7&flash=0&wgl=1&adsid=NT&dt=1528301254117&bpp=11&bdt=109&fdt=13&idt=64&shv=r20180531&cbv=r20180604&saldr=sa&abxe=1&correlator=7934833962057&frm=20&ga_vid=733706358.1528301254&ga_sid=1528301254&ga_hid=393205311&ga_fc=0&pv=2&iag=0&icsg=33595424&dssz=20&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=441&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21061122%2C21061795&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&xpc=VcLWjfof4c&p=https%3A//prnt.sc&dtd=87
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://prnt.sc/gk66h7
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E86121CB0D5B0E7C8F6AC755F0A3707D
Referer: https://prnt.sc/gk66h7

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 06 Jun 2018 16:07:34 GMT
server: cafe
cache-control: private
content-length: 14829
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Wed, 06-Jun-2018 16:22:34 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
expires: Wed, 06 Jun 2018 16:07:34 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20180531/r20180604/ 70 KB
26 KB 6ms
5ms Script
text/javascript 172.217.21.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20180531/r20180604/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180531/r20180604/show_ads_impl.js

Protocol

SPDY

Server

172.217.21.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f2.1e100.net

Software

cafe /

Resource Hash

79c2ee1b0f789c08f0aa63a3e872232dfe18bf034fa0abe31e5828775b9da3c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 05:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 26358
x-xss-protection: 1; mode=block
server: cafe
etag: 11554295660535506247
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Jun 2018 05:51:13 GMT

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 126b3347a99161033e3f36ba862b6e2478b4a2bf313234cfbc51d3dd2c2651e8

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H2 200 index.html Show response
ads.prnt.sc/proxy/300x250/ Frame DFD8 1 KB
823 B 365ms
364ms Document
text/html 104.27.101.99
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.prnt.sc/proxy/300x250/index.html
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/amzn_ads.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.27.101.99 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44a4a6e145c1d34aaeac6a7f51b13ba5a448ac75ce66713f7979fa98eea1f40c

Request headers

:method: GET
:authority: ads.prnt.sc
:scheme: https
:path: /proxy/300x250/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://prnt.sc/gk66h7
accept-encoding: gzip, deflate
cookie: __cfduid=db936d7898b1ddfdaba118053990d4ecf1528301253; _ga=GA1.2.733706358.1528301254; _gid=GA1.2.561544508.1528301254; _gat=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E86121CB0D5B0E7C8F6AC755F0A3707D
Referer: https://prnt.sc/gk66h7

Response headers

status: 200
date: Wed, 06 Jun 2018 16:07:34 GMT
content-type: text/html
content-length: 626
last-modified: Thu, 24 May 2018 15:22:13 GMT
etag: "5b06d8a5-272"
content-encoding: gzip
expires: Wed, 06 Jun 2018 16:12:34 GMT
cache-control: max-age=300
set-cookie: http_cf_ipcountry=DE; Domain=ads.prnt.sc; Path=/;
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 426c21f77ca0978c-FRA

GET
S 200 all.js Show response
connect.facebook.net/en_US/ 203 KB
61 KB 23ms
6ms Script
application/x-javascript 185.60.216.19
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: prnt.sc
URL: https://prnt.sc/gk66h7

Protocol

SPDY

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

2b23c6be0ad37ee8fe3af32cc6bae4fc499b0ff069eccfb5799293c71b67aaa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: w/DH72WfOt5w25h20Qt+Kw==
status: 200
content-length: 62205
x-xss-protection: 0
x-ua-compatible: IE=edge,chrome=1
x-fb-debug: hYywG7jvBtmdeA/uFcZsRwM3FAegvt4IPcOOPOXLraXm99ZmbBVd84IEjT73NZGDkZZl3JWe10exAvJB4Zad7g==
x-fb-content-md5: 84ce12bc958976e17f31415e65e30b99
x-frame-options: DENY
date: Wed, 06 Jun 2018 16:07:34 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "292b3bd6cf6fc22eb855dfb75a3267e8"
timing-allow-origin: *
expires: Wed, 06 Jun 2018 16:16:07 GMT

GET
S 200 plusone.js Show response
apis.google.com/js/ 43 KB
17 KB 47ms
31ms Script
application/javascript 216.58.214.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: prnt.sc
URL: https://prnt.sc/gk66h7

Protocol

SPDY

Server

216.58.214.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s09-in-f14.1e100.net

Software

ESF /

Resource Hash

1a68c8ed786272b79a1cb54d5f6fa5d27222de72acda34db1b0e7d753e22dfc5

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20180603.15_p0
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20180603.15_p0
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
date: Wed, 06 Jun 2018 16:07:34 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "f5002117e601dda434b0e74e1697d1b6"
timing-allow-origin: *
expires: Wed, 06 Jun 2018 16:07:34 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 118 KB
35 KB 22ms
6ms Script
application/javascript 192.229.233.25
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: HTTP/1.1
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4195) /
Resource Hash: 76816ad15bbd186db1477dd0a948a2ac7b1ec9322893eeab902dda82b9abd3b7

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 06 Jun 2018 16:07:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jun 2018 22:35:19 GMT
Server: ECS (fcn/4195)
Etag: "f9eabc9b471e9850d93d31e375144014+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Content-Length: 35233

OPTIONS
S 204 / Show response
api.prntscr.com/v1/ 0
243 B 407ms
406ms XHR
text/plain 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prntscr.com/v1/
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2018/04/18/0320/js/jquery.1.8.2.min.js
Protocol: SPDY
Server: 104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
server: cloudflare
access-control-allow-origin: https://prnt.sc
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: POST, OPTIONS
status: 204
access-control-allow-credentials: true
cf-ray: 426c21f79c4697aa-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK async-ajs.php Show response
ads.ad4game.com/www/delivery/ 3 KB
2 KB 462ms
145ms Script
text/javascript 192.207.255.146
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g6229360&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Fgk66h7&c=UTF-8&z=60918&b=1&x=1
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol: HTTP/1.1
Server: 192.207.255.146 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy1.ad4game.com
Software: nginx /
Resource Hash: 52cc894ec57d959e722f970176283c7f9a872f067511840c6ed483e34dbac5b7

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-servername: ads.ad4game.com\ 80\ 81
Pragma: no-cache
Date: Wed, 06 Jun 2018 16:07:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
X-serveraddr: 10.100.0.136
Cache-Control: no-cache, no-store, must-revalidate
X-host: ads.ad4game.com
Connection: close
Content-Type: text/javascript; charset=UTF-8
Expires: 0

GET
S 200 track.js Show response
by2.uservoice.com/t2/199732/web/ 74 B
321 B 421ms
420ms Script
application/javascript 104.16.93.65
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://by2.uservoice.com/t2/199732/web/track.js?_=1528301254338&s=0&c=__uvSessionData0&d=eyJ1Ijp7Im8iOjB9LCJlIjp7InUiOiJodHRwczovL3BybnQuc2MvZ2s2Nmg3IiwiciI6IiJ9fQ%3D%3D

Requested by

Host: widget.uservoice.com
URL: https://widget.uservoice.com/vH5wQvnQPL3wtXH5KVXA.js

Protocol

SPDY

Server

104.16.93.65 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

12491c1242b76d749e395cb1cbd743bca27d0040e1d46a0219774a2533751567

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains;

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains;
cf-ray: 426c21f7ad5464c9-FRA
expires: Wed, 06 Jun 2018 16:07:33 GMT

GET
H/1.1 200
OK widget_iframe.c535a95e8a24202b16a5c12c5085d8db.html
platform.twitter.com/widgets/ Frame E8E1 0
0 6ms
6ms Document
text/html 192.229.233.25
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.c535a95e8a24202b16a5c12c5085d8db.html?origin=https%3A%2F%2Fprnt.sc&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4193) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://prnt.sc/gk66h7
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E86121CB0D5B0E7C8F6AC755F0A3707D
Referer: https://prnt.sc/gk66h7

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 06 Jun 2018 16:07:34 GMT
Etag: "6f4bb4155518386526ca164541e6b1ce+gzip"
Last-Modified: Tue, 05 Jun 2018 22:30:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4193)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5868

GET
H/1.1 200
OK button.bf357a6ba1a5f1fa0ddb61377ae3add5.js Show response
platform.twitter.com/js/ 4 KB
2 KB 11ms
6ms Script
application/javascript 192.229.233.25
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.bf357a6ba1a5f1fa0ddb61377ae3add5.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41E7) /
Resource Hash: 71ef2be76ecf12f431795805b6bfb5a20523b7692be0e6106e8e2d18d3d33632

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 06 Jun 2018 16:07:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jun 2018 22:30:32 GMT
Server: ECS (fcn/41E7)
Etag: "1d8bf9d779a256fc7c4434c8ce2298c8+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Content-Length: 1397

GET
S 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.I7NRYb-aYKc.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=QQE/rs=AGLTcCN0UzolROgYXRcCmhTInBETm4cyzg/ 131 KB
46 KB 6ms
6ms Script
text/javascript 216.58.214.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.I7NRYb-aYKc.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=QQE/rs=AGLTcCN0UzolROgYXRcCmhTInBETm4cyzg/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

216.58.214.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s09-in-f14.1e100.net

Software

sffe /

Resource Hash

33ff702492ca16af03f0170efc3a8d67f1561419fe4779aab1eb8c7dce546ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Mon, 04 Jun 2018 23:15:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 02 Jun 2018 07:40:55 GMT
server: sffe
age: 147103
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 46653
x-xss-protection: 1; mode=block
expires: Tue, 04 Jun 2019 23:15:51 GMT

GET
S 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.I7NRYb-aYKc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=QQE/rs=AGLTcCN0UzolROgYXRcCmhTInBETm4cyzg/ 98 KB
34 KB 11ms
11ms Script
text/javascript 216.58.214.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.I7NRYb-aYKc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=QQE/rs=AGLTcCN0UzolROgYXRcCmhTInBETm4cyzg/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

SPDY

Server

216.58.214.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s09-in-f14.1e100.net

Software

sffe /

Resource Hash

dd7124b9436ca3a4cad4b88f8eeb9e42696d69d11d6f810725e1ea1820b95924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Mon, 04 Jun 2018 23:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 02 Jun 2018 07:40:55 GMT
server: sffe
age: 147096
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35111
x-xss-protection: 1; mode=block
expires: Tue, 04 Jun 2019 23:15:58 GMT

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame C805 0
0 35ms
35ms Document
text/html 216.58.214.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=inline&width=120&origin=https%3A%2F%2Fprnt.sc&url=https%3A%2F%2Fprnt.sc%2Fgk66h7&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.I7NRYb-aYKc.O%2Fm%3D__features__%2Fam%3DQQE%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCN0UzolROgYXRcCmhTInBETm4cyzg

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.214.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s09-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20180603.15_p0
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&annotation=inline&width=120&origin=https%3A%2F%2Fprnt.sc&url=https%3A%2F%2Fprnt.sc%2Fgk66h7&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.I7NRYb-aYKc.O%2Fm%3D__features__%2Fam%3DQQE%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCN0UzolROgYXRcCmhTInBETm4cyzg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://prnt.sc/gk66h7
accept-encoding: gzip, deflate
cookie: NID=131=ZReoEgOERwDDNMjVDF8uAJ0k9ZcnCOHFHTGrfXUazNfIxC0oXklytN1i_AZURp0j3xxikTEtiBgv3XVrL6seQlP3awBcvOfWgpw-tET99HWaiIuhDq_ftm-o9JvKBpfj
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E86121CB0D5B0E7C8F6AC755F0A3707D
Referer: https://prnt.sc/gk66h7

Response headers

status: 200
content-type: text/html; charset=utf-8
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20180603.15_p0
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Wed, 06 Jun 2018 16:07:34 GMT
date: Wed, 06 Jun 2018 16:07:34 GMT
cache-control: private, max-age=3600
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"

GET
H2 200 EIL5DcDc3Zh.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 076A 0
0 9ms
7ms Document
text/html 185.60.216.19
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/EIL5DcDc3Zh.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/EIL5DcDc3Zh.js?version=42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://prnt.sc/gk66h7
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E86121CB0D5B0E7C8F6AC755F0A3707D
Referer: https://prnt.sc/gk66h7

Response headers

status: 200
expires: Wed, 05 Jun 2019 20:24:05 GMT
cache-control: public,max-age=31536000,immutable
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
x-fb-debug: HpfxX8p43zBrmMzPFouMJp/sMe42SO/Hka/b7deD8iHFn4MvIkNucqTce/riUR/Au8KlGRhP9XugTp8kf2Wu8g==
content-length: 13840
date: Wed, 06 Jun 2018 16:07:34 GMT

GET
H/1.1 200
OK tweet_button.c535a95e8a24202b16a5c12c5085d8db.en.html
platform.twitter.com/widgets/ Frame 59C0 0
0 8ms
6ms Document
text/html 192.229.233.25
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.c535a95e8a24202b16a5c12c5085d8db.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41C3) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://prnt.sc/gk66h7
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E86121CB0D5B0E7C8F6AC755F0A3707D
Referer: https://prnt.sc/gk66h7

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 06 Jun 2018 16:07:34 GMT
Etag: "0d1cb75cfb026016f4a6e97bed33e736+gzip"
Last-Modified: Tue, 05 Jun 2018 22:30:35 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41C3)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12554

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame 0FF1 0
0 38ms
19ms Document
text/html 172.217.22.77
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fprnt.sc&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.I7NRYb-aYKc.O%2Fm%3D__features__%2Fam%3DQQE%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCN0UzolROgYXRcCmhTInBETm4cyzg

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.I7NRYb-aYKc.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=QQE/rs=AGLTcCN0UzolROgYXRcCmhTInBETm4cyzg/cb=gapi.loaded_1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.77 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f77.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1q8/NF67j8RJgSO9bVtOai4jKns' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'none';report-uri /o/cspreport
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fprnt.sc&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.I7NRYb-aYKc.O%2Fm%3D__features__%2Fam%3DQQE%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCN0UzolROgYXRcCmhTInBETm4cyzg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://prnt.sc/gk66h7
accept-encoding: gzip, deflate
cookie: NID=131=ZReoEgOERwDDNMjVDF8uAJ0k9ZcnCOHFHTGrfXUazNfIxC0oXklytN1i_AZURp0j3xxikTEtiBgv3XVrL6seQlP3awBcvOfWgpw-tET99HWaiIuhDq_ftm-o9JvKBpfj
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E86121CB0D5B0E7C8F6AC755F0A3707D
Referer: https://prnt.sc/gk66h7

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 06 Jun 2018 16:07:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-1q8/NF67j8RJgSO9bVtOai4jKns' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'none';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 7DBF
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

192.229.233.25
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.229.233.25 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/419A) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E86121CB0D5B0E7C8F6AC755F0A3707D

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 06 Jun 2018 16:07:34 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Tue, 05 Jun 2018 22:35:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/419A)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Wed, 06 Jun 2018 16:07:34 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Wed, 06 Jun 2018 16:07:34 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 4b54ff9ec803e4bd2b7c3ed65f0765f5
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 104
x-transaction: 00b58bed00627b37
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
S 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ Frame DFD8 91 KB
33 KB 6ms
6ms Script
text/javascript 216.58.207.74
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: ads.prnt.sc
URL: https://ads.prnt.sc/proxy/300x250/index.html

Protocol

SPDY

Server

216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f10.1e100.net

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.prnt.sc/proxy/300x250/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Mon, 12 Feb 2018 17:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9843056
status: 200
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 33621
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Feb 2019 17:56:38 GMT

GET
H2 200 adproxy.js Show response
ads.prnt.sc/proxy/ Frame DFD8 3 KB
2 KB 16ms
16ms Script
application/javascript 104.27.101.99
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.prnt.sc/proxy/adproxy.js
Requested by: Host: ads.prnt.sc
URL: https://ads.prnt.sc/proxy/300x250/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.27.101.99 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a42f6951cb0b645244f283ad4b67d1f0f1555f5f2b12f2c78eb19c038f7f31

Request headers

:path: /proxy/adproxy.js
pragma: no-cache
cookie: __cfduid=db936d7898b1ddfdaba118053990d4ecf1528301253; _ga=GA1.2.733706358.1528301254; _gid=GA1.2.561544508.1528301254; _gat=1; http_cf_ipcountry=DE
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ads.prnt.sc
referer: https://ads.prnt.sc/proxy/300x250/index.html
:scheme: https
:method: GET
Referer: https://ads.prnt.sc/proxy/300x250/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 May 2018 15:22:13 GMT
server: cloudflare
etag: "5b06d8a5-5b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 426c21f9cefe978c-FRA
content-length: 1464
expires: Wed, 06 Jun 2018 20:07:34 GMT

GET
H/1.1 200
OK watch.js Show response
mc.yandex.ru/metrika/ Frame DFD8 104 KB
37 KB 52ms
24ms Script
application/x-javascript 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: ads.prnt.sc
URL: https://ads.prnt.sc/proxy/300x250/index.html

Protocol

HTTP/1.1

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

nginx/1.8.1 /

Resource Hash

9b33c6d2db5023cda0736993dd3eaa8fb25138d56ef90e889a0251be90672a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ads.prnt.sc/proxy/300x250/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 06 Jun 2018 16:07:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 31 May 2018 13:12:41 GMT
Server: nginx/1.8.1
Strict-Transport-Security: max-age=31536000
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 37083
Expires: Wed, 06 Jun 2018 17:07:34 GMT

GET
H2 200 index.html Show response
ads.prnt.sc/ads/adtrue/300x250/ Frame DFD8 2 KB
1 KB 116ms
116ms Document
text/html 104.27.101.99
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.prnt.sc/ads/adtrue/300x250/index.html
Requested by: Host: ads.prnt.sc
URL: https://ads.prnt.sc/proxy/adproxy.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.27.101.99 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f52326d11660e9732b027c95f532f6a1c1924f69e5f65b3d67bec38e97c2e6d

Request headers

:method: GET
:authority: ads.prnt.sc
:scheme: https
:path: /ads/adtrue/300x250/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://ads.prnt.sc/proxy/300x250/index.html
accept-encoding: gzip, deflate
cookie: __cfduid=db936d7898b1ddfdaba118053990d4ecf1528301253; _ga=GA1.2.733706358.1528301254; _gid=GA1.2.561544508.1528301254; _gat=1; http_cf_ipcountry=DE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E86121CB0D5B0E7C8F6AC755F0A3707D
Referer: https://ads.prnt.sc/proxy/300x250/index.html

Response headers

status: 200
date: Wed, 06 Jun 2018 16:07:34 GMT
content-type: text/html
content-length: 999
last-modified: Thu, 24 May 2018 15:22:13 GMT
etag: "5b06d8a5-3e7"
content-encoding: gzip
expires: Wed, 06 Jun 2018 16:12:34 GMT
cache-control: max-age=300
set-cookie: http_cf_ipcountry=DE; Domain=ads.prnt.sc; Path=/;
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 426c21f9ff23978c-FRA

POST
S 200 / Show response
api.prntscr.com/v1/ 92 B
331 B 371ms
371ms XHR
application/json 104.20.13.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prntscr.com/v1/
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.20.13.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://prnt.sc/gk66h7
Origin: https://prnt.sc
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Jun 2018 16:07:35 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://prnt.sc
access-control-allow-credentials: true
cf-ray: 426c21fa1f149706-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1

302
Found

1 Show response
mc.yandex.ru/watch/34788485/ Frame DFD8
Redirect Chain

https://mc.yandex.ru/watch/34788485?wmode=7&page-ref=https%3A%2F%2Fprnt.sc%2Fgk66h7&page-url=https%3A%2F%2Fads.prnt.sc%2Fproxy%2F300x250%2Findex.html&charset=utf-8&ut=noindex&browser-info=ti%3A10%3...
https://mc.yandex.ru/watch/34788485/1?wmode=7&page-ref=https%3A%2F%2Fprnt.sc%2Fgk66h7&page-url=https%3A%2F%2Fads.prnt.sc%2Fproxy%2F300x250%2Findex.html&charset=utf-8&ut=noindex&browser-info=ti%3A10...

0
-1 B

12ms
12ms

XHR

87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/34788485/1?wmode=7&page-ref=https%3A%2F%2Fprnt.sc%2Fgk66h7&page-url=https%3A%2F%2Fads.prnt.sc%2Fproxy%2F300x250%2Findex.html&charset=utf-8&ut=noindex&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A300x250%3Ai%3A20180606160734%3Aet%3A1528301255%3Aen%3Awindows-1252%3Av%3A1152%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A917229339%3Ahid%3A295715282%3Ads%3A0%2C0%2C364%2C1%2C0%2C0%2C0%2C26%2C3%2C397%2C%2C%2C393%3Ast%3A1528301255%3Au%3A15283012551032070702

Requested by

Host: prnt.sc
URL: https://prnt.sc/gk66h7

Protocol

HTTP/1.1

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

nginx/1.8.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.prnt.sc/proxy/300x250/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Jun 2018 16:07:34 GMT
Last-Modified: Wed, 06 Jun 2018 16:07:34 GMT
Server: nginx/1.8.1
Location: https://mc.yandex.ru/watch/34788485/1?wmode=7&page-ref=https%3A%2F%2Fprnt.sc%2Fgk66h7&page-url=https%3A%2F%2Fads.prnt.sc%2Fproxy%2F300x250%2Findex.html&charset=utf-8&ut=noindex&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A300x250%3Ai%3A20180606160734%3Aet%3A1528301255%3Aen%3Awindows-1252%3Av%3A1152%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A917229339%3Ahid%3A295715282%3Ads%3A0%2C0%2C364%2C1%2C0%2C0%2C0%2C26%2C3%2C397%2C%2C%2C393%3Ast%3A1528301255%3Au%3A15283012551032070702
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin: https://ads.prnt.sc
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Wed, 06 Jun 2018 16:07:34 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 06 Jun 2018 16:07:34 GMT
Last-Modified: Wed, 06 Jun 2018 16:07:34 GMT
Server: nginx/1.8.1
Location: https://mc.yandex.ru/watch/34788485/1?wmode=7&page-ref=https%3A%2F%2Fprnt.sc%2Fgk66h7&page-url=https%3A%2F%2Fads.prnt.sc%2Fproxy%2F300x250%2Findex.html&charset=utf-8&ut=noindex&browser-info=ti%3A10%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A300x250%3Ai%3A20180606160734%3Aet%3A1528301255%3Aen%3Awindows-1252%3Av%3A1152%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A917229339%3Ahid%3A295715282%3Ads%3A0%2C0%2C364%2C1%2C0%2C0%2C0%2C26%2C3%2C397%2C%2C%2C393%3Ast%3A1528301255%3Au%3A15283012551032070702
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin: https://ads.prnt.sc
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Wed, 06 Jun 2018 16:07:34 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ Frame DFD8 43 B
373 B 23ms
12ms Image
image/gif 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: prnt.sc
URL: https://prnt.sc/gk66h7

Protocol

HTTP/1.1

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

nginx/1.8.1 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.prnt.sc/proxy/300x250/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 06 Jun 2018 16:07:34 GMT
Content-Type: image/gif
Last-Modified: Mon, 12 Oct 2015 13:09:09 GMT
Server: nginx/1.8.1
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Wed, 29 Apr 2048 16:07:34 GMT

GET
S 200 fltiu.js Show response
pixel.yabidos.com/ 3 KB
2 KB 28ms
9ms Script
application/javascript 104.16.52.4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=639383f5130393f5830363&cid=608&p=11183&s=http%3A%2F%2FPrnt.sc&x=a4g&nci=25054&adtg=60918&nai=0&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+HeadlessChrome%2F66.0.3359.139+Safari%2F537.36&ip=000.251.45.254
Requested by: Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g6229360&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Fgk66h7&c=UTF-8&z=60918&b=1&x=1
Protocol: SPDY
Server: 104.16.52.4 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d48bba11ba2e6f914210be7cc6bf1ffa4456a663f1e7b047a0b418ff44654215

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 23 May 2018 18:37:56 GMT
server: cloudflare
x-amz-request-id: E112EA72A26D7B71
etag: W/"90eaa94cdbe31f92356587c881013518"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
cf-ray: 426c21faad7196e2-FRA
x-amz-id-2: aL9w23vvWpT2F26yaFkRruCZefb0Zmfi+39cSNMj2X8svC2N1ZMZLquupPmP45vJA6Ty6aElURU=
expires: Wed, 06 Jun 2018 18:07:34 GMT

GET
S 200 adbyv1.gif
cdn.ad4game.com/ 112 B
369 B 6ms
5ms Image
image/gif 151.139.242.3
netDNA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ad4game.com/adbyv1.gif
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 151.139.242.3 Dallas, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software: nginx /
Resource Hash: 47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Wed, 06 Jun 2018 16:07:34 GMT
referrer-policy: no-referrer
last-modified: Sat, 28 Jan 2012 03:19:10 GMT
server: nginx
access-control-allow-origin: *
etag: "4f23692e-70"
status: 200
x-cache: HIT
content-type: image/gif
x-serveraddr: 10.100.0.140
x-host: ads.ad4game.com
accept-ranges: bytes
content-length: 112

GET
H/1.1 200
OK lg.php
ads.ad4game.com/www/delivery/ 35 B
858 B 428ms
112ms Image
image/gif 192.207.255.147
MNX Solutions LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.ad4game.com/www/delivery/lg.php?bannerid=496953&campaignid=25054&zoneid=60918&tag=asyncjs&ib=0&cb=YTY2MjVlNzk4MzRj&ev=3.3&tagi=2018-05-28T07-07&if=1&sf=0
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: HTTP/1.1
Server: 192.207.255.147 , United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS: haproxy2.ad4game.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://prnt.sc/gk66h7
Origin: https://prnt.sc

Response headers

Pragma: no-cache
Date: Wed, 06 Jun 2018 16:07:35 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 35
X-Application-Context: application:12063
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 1 Show response
mc.yandex.ru/watch/34788485/ Frame DFD8 133 B
699 B 25ms
12ms XHR
application/json 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: prnt.sc
URL: https://prnt.sc/gk66h7

Protocol

HTTP/1.1

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

nginx/1.8.1 /

Resource Hash

334f5a6afbcedfdeed8e5e4f7a037c4e8456f9fe51a421dbbedfc52577b933b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

X-DevTools-Emulate-Network-Conditions-Client-Id: E86121CB0D5B0E7C8F6AC755F0A3707D
Origin: https://ads.prnt.sc
Referer: https://ads.prnt.sc/proxy/300x250/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 06 Jun 2018 16:07:34 GMT
X-Content-Type-Options: nosniff
Content-Type: application/json; charset=utf-8
Last-Modified: Wed, 06 Jun 2018 16:07:34 GMT
Server: nginx/1.8.1
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Origin: https://ads.prnt.sc
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 133
X-XSS-Protection: 1; mode=block
Expires: Wed, 06 Jun 2018 16:07:34 GMT

GET
S 200 kfl.js Show response
pixel.yabidos.com/ 1 KB
812 B 11ms
10ms Script
application/javascript 104.16.52.4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/kfl.js
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=639383f5130393f5830363&cid=608&p=11183&s=http%3A%2F%2FPrnt.sc&x=a4g&nci=25054&adtg=60918&nai=0&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+HeadlessChrome%2F66.0.3359.139+Safari%2F537.36&ip=000.251.45.254
Protocol: SPDY
Server: 104.16.52.4 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a34774a6b9c8a4428fea6542b0f83cafb9ac1374b2452a377857a5965958b249

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Nov 2017 17:47:24 GMT
server: cloudflare
x-amz-request-id: 566F914A39CACD38
etag: W/"4eeb39ce5c3767b281744069995b13ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
cf-ray: 426c21fabd8c96e2-FRA
x-amz-id-2: 9oYbM0RZ17iAnWOvFU8dYJECaE9ZbtPW8zvW+GEKRCh1ZsNdT0YqaXrue51LBr1Ytyi0JlnDGMY=
expires: Wed, 06 Jun 2018 18:07:34 GMT

GET
S 200 iftfl.js Show response
pixel.yabidos.com/ 4 KB
4 KB 9ms
9ms Script
application/javascript 104.16.52.4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/iftfl.js?cb=1528301254833&ver1=2.2.1&rnd=8avjr58l5p5p&cid=608
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=639383f5130393f5830363&cid=608&p=11183&s=http%3A%2F%2FPrnt.sc&x=a4g&nci=25054&adtg=60918&nai=0&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+HeadlessChrome%2F66.0.3359.139+Safari%2F537.36&ip=000.251.45.254
Protocol: SPDY
Server: 104.16.52.4 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbab29fbc31411d35588eed8c18211a265e51019e060b6c346bd282a550633dd

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 23 May 2018 18:37:57 GMT
server: cloudflare
x-amz-request-id: 0385C20AB9F67FB2
etag: W/"6054ce3d8239c72b8aa45f5de7ea53c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
cf-ray: 426c21fabd8d96e2-FRA
x-amz-id-2: CvbZFEJ7OmzRlKcIxOy0hoOE/5ciQwvZIKdQDv3Dh3ptHMZCtvAR/cLlOayrtyfE19ntHWWplPM=
expires: Wed, 06 Jun 2018 18:07:34 GMT

GET
S 200 flimpobj.js Show response
pixel.yabidos.com/ 23 KB
18 KB 47ms
47ms Script
application/javascript 104.16.52.4
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1528301254833&ver1=2.2.1&rnd=8avjr58l5p5p&cid=608
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=639383f5130393f5830363&cid=608&p=11183&s=http%3A%2F%2FPrnt.sc&x=a4g&nci=25054&adtg=60918&nai=0&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+HeadlessChrome%2F66.0.3359.139+Safari%2F537.36&ip=000.251.45.254
Protocol: SPDY
Server: 104.16.52.4 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d387533f8f3537b04c0fea34316a983c464f3442ba8a6c1d2041ab58085c16f3

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 23 May 2018 18:37:55 GMT
server: cloudflare
x-amz-request-id: B047F7C167A8894B
etag: W/"0543e56e2b74193c71e5cb4ddaf175ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
cf-ray: 426c21fabd8e96e2-FRA
x-amz-id-2: IkSV+zIFxg8gqMDy3Y/7cUzkScV4Ybi4gjifjHrssAr/a7KrhhOQSyG6nBUTSi+YXYpzjP6GIGA=
expires: Wed, 06 Jun 2018 18:07:34 GMT

GET
S 200 async.js Show response
cdn.adtrue.com/rtb/ Frame DFD8 7 KB
3 KB 172ms
157ms Script
application/x-javascript 104.20.49.111
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/async.js
Requested by: Host: ads.prnt.sc
URL: https://ads.prnt.sc/ads/adtrue/300x250/index.html
Protocol: SPDY
Server: 104.20.49.111 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43dad3c3c5cdf4d78337ab0bc4a987a014dd0c3ce4e74c5912da10cbed360de4

Request headers

Referer: https://ads.prnt.sc/ads/adtrue/300x250/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2017 05:06:20 GMT
server: cloudflare
etag: W/"59815dcc-1bfa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=31104000
cf-ray: 426c21fad9772780-FRA
expires: Sat, 01 Jun 2019 16:07:35 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ Frame DFD8 34 KB
14 KB 6ms
6ms Script
text/javascript 172.217.22.78
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ads.prnt.sc
URL: https://ads.prnt.sc/ads/adtrue/300x250/index.html

Protocol

SPDY

Server

172.217.22.78 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f78.1e100.net

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.prnt.sc/ads/adtrue/300x250/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 4287
date: Wed, 06 Jun 2018 14:56:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14386
expires: Wed, 06 Jun 2018 16:56:07 GMT

GET
S 200 nflrc.gif
pre.glotgrx.com/ 26 B
513 B 32ms
13ms Image
image/gif 104.16.64.54
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1528301254907737&ver=1.2r43&qid=639383f5130393f5830363&p=11183&s=http%253A//Prnt.sc&x=a4g&cid=608&od1=&od2=&adtg=60918&nci=25054&nai=0&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=8avjr58l5p5p&tps=37&ver1=2.2.1&ip=000.251.45.254&ua=Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+HeadlessChrome%2F66.0.3359.139+Safari%2F537.36&1=c85030e1a522d5480ad1fc56031aa3c7&2=0.0&3=1200_1600_1200_1600_24_24&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&dbgcid=608&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=26&icp=https%253A//prnt.sc/gk66h7&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-20-x-fl-3-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-5-nci-fl-5-nai-fl-1-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-tps-fl-0-cb-fl-13-ver1-fl-5-ip-fl-14-ua-fl-133-&spfp=0&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andLinux&adv=0&det=0&adb=0&iip=0&spf=0&adc=2&adcd=i0_f2_o0_e0&vps=1600x1200&jcd=0&flerr=0&trim=&fio=25
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.16.64.54 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:34 GMT
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2017 21:28:05 GMT
server: cloudflare
x-amz-request-id: 1826AA7C1389473A
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=7200
cf-ray: 426c21fb7f5363af-FRA
content-length: 26
x-amz-id-2: Lsk1praj8Ol8vBW1VraXh3XvDvL0UBvy64KrqRtHc7zYPxz9Ze3NmMNBjyk87vRMJokTXj2RgcU=
expires: Wed, 06 Jun 2018 18:07:34 GMT

GET
H/1.1 200
OK impress Show response
exchange.adtrue.com/delivery/ Frame 3A08 687 B
873 B 718ms
180ms Script
application/javascript 52.89.231.154
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=1452&ref=https://ads.prnt.sc/proxy/300x250/index.html&cb=2545121637&loc=https://ads.prnt.sc/proxy/300x250/index.html
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: HTTP/1.1
Server: 52.89.231.154 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-89-231-154.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 12765c6f938c1d8f8eeae3822f118ac8f904be5ebc686c03377afd61adc064d0

Request headers

Referer: https://ads.prnt.sc/ads/adtrue/300x250/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 06 Jun 2018 16:07:35 GMT
X-Host-Name: tag3-microservice
Server: nginx
Connection: keep-alive
Content-Length: 687
Content-Type: application/javascript

GET
H/1.1 200
OK publishertag.js Show response
static.criteo.net/js/ld/ Frame 3A08 75 KB
22 KB 53ms
14ms Script
text/javascript 178.250.2.74
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=1452&ref=https://ads.prnt.sc/proxy/300x250/index.html&cb=2545121637&loc=https://ads.prnt.sc/proxy/300x250/index.html
Protocol: HTTP/1.1
Server: 178.250.2.74 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: static.criteo.net
Software: nginx /
Resource Hash: cb0d4898e672ec6c78416c069d61c9ec41b45dd81a24e6001ed5d68a64dab782

Request headers

Referer: https://ads.prnt.sc/ads/adtrue/300x250/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 06 Jun 2018 16:07:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Sep 2007 08:50:25 GMT
Server: nginx
ETag: W/"5b086414-12b96"
Transfer-Encoding: chunked
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Thu, 07 Jun 2018 16:07:35 GMT

GET
H/1.1 200
OK ajs.php Show response
cas.criteo.com/delivery/ Frame 3A08 1 KB
2 KB 104ms
29ms Script
text/javascript 178.250.0.71
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.criteo.com/delivery/ajs.php?ptv=51&zoneid=351593&cb=15773695535&nodis=1&charset=windows-1252&dc=2&loc=https%3A%2F%2Fads.prnt.sc%2Fproxy%2F300x250%2Findex.html
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: HTTP/1.1
Server: 178.250.0.71 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: cas.criteo.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6ba4d2787d3498fba00d9c82559fbc748937f5f64c599476664314ed840b21b7

Request headers

Referer: https://ads.prnt.sc/ads/adtrue/300x250/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 06 Jun 2018 16:07:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: ASP.NET
P3P: CP='CUR ADM OUR NOR STA NID'
Content-Length: 1044
Pragma: no-cache
Server: Microsoft-IIS/10.0
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 3A08 0
4 KB 22ms
6ms Script
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cas.criteo.com
URL: https://cas.criteo.com/delivery/ajs.php?ptv=51&zoneid=351593&cb=15773695535&nodis=1&charset=windows-1252&dc=2&loc=https%3A%2F%2Fads.prnt.sc%2Fproxy%2F300x250%2Findex.html
Protocol: HTTP/1.1
Server: 2.18.233.180 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.prnt.sc/ads/adtrue/300x250/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Cache-Control: max-age=172736, public
Last-Modified: Thu, 31 May 2018 07:27:09 GMT
Content-Type: text/html; charset=UTF-8
Expires: Thu, 07 Jun 2018 07:56:10 GMT

GET
H/1.1 200
OK lg.php
cat.fr.eu.criteo.com/delivery/ Frame 3A08 43 B
330 B 110ms
29ms Image
image/gif 178.250.0.66
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=1&cpp=F9oHkXwwN1VKUVA0WS9MS3BiRzFLL090cC9hakt0RXpLVVU1My9iQTQrdDZIQlk2cE1yYTd0SFNJdGtBb2QwVmxPUW5UUmdOTUYxZzJsR2hzR0s0aG5ETXNKY053MTlHUWp3KzZ4TjFxNjNXbCs1NUxRcGdDcCtQTWowMTBpRHpESVFDdG9FWWJkdVB2UGtBK3dZNy9MY0ZlUVozSUk5SmxkdTR5L0dRV29kaFhwL3VrUlMvMGJ3NkJwcmlmWEN3K1FGZjJNd3pqTDArSEZiZHJnemR2d1Z6ZklabGlzcjV5Ty9PTjVoYXlpVC9KZy9TMERta3dGQ2x4V0xhdXRsUnBjVExyfA%3D%3D
Requested by: Host: cas.criteo.com
URL: https://cas.criteo.com/delivery/ajs.php?ptv=51&zoneid=351593&cb=15773695535&nodis=1&charset=windows-1252&dc=2&loc=https%3A%2F%2Fads.prnt.sc%2Fproxy%2F300x250%2Findex.html
Protocol: HTTP/1.1
Server: 178.250.0.66 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://ads.prnt.sc/ads/adtrue/300x250/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Jun 2018 16:07:35 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-cache
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match.aspx
dis.criteo.com/rex/ Frame 3A08
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=5c627885-3475-4ed8-a54e-8d0222f57cbe&d=MACRO&r=https%3a%2f%2fdis.criteo.com%2frex%2fmatch.aspx%3fc%3d31%26uid%3d
https://us-u.openx.net/w/1.0/cm?cc=1&id=5c627885-3475-4ed8-a54e-8d0222f57cbe&d=MACRO&r=https%3a%2f%2fdis.criteo.com%2frex%2fmatch.aspx%3fc%3d31%26uid%3d
https://dis.criteo.com/rex/match.aspx?c=31&uid=8b308b34-aabc-4ce1-8d34-4b949839051f

43 B
465 B

52ms
14ms

Image
image/gif

178.250.2.76
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/rex/match.aspx?c=31&uid=8b308b34-aabc-4ce1-8d34-4b949839051f
Requested by: Host: ads.prnt.sc
URL: https://ads.prnt.sc/ads/adtrue/300x250/index.html
Protocol: HTTP/1.1
Server: 178.250.2.76 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: dis.criteo.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://ads.prnt.sc/ads/adtrue/300x250/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Jun 2018 16:07:35 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
P3P: CP='CUR ADM OUR NOR STA NID'
Cache-Control: private
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/rex/match.aspx?c=31&uid=8b308b34-aabc-4ce1-8d34-4b949839051f
Date: Wed, 06 Jun 2018 16:07:35 GMT
Server: OXGW/16.24.0
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Length: 0
Vary: Accept
Content-Type: image/gif

GET
H2 200 request
track.adtrue.com/track/ Frame CBCC 0
0 541ms
176ms Document
text/html 54.148.141.242
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adtrue.com/track/request?pzoneid=1452&domain=ads.prnt.sc&ref=https%3A%2F%2Fads.prnt.sc%2Fproxy%2F300x250%2Findex.html&loc=https%3A%2F%2Fads.prnt.sc%2Fproxy%2F300x250%2Findex.html
Requested by: Host: ads.prnt.sc
URL: https://ads.prnt.sc/ads/adtrue/300x250/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.141.242 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-148-141-242.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: track.adtrue.com
:scheme: https
:path: /track/request?pzoneid=1452&domain=ads.prnt.sc&ref=https%3A%2F%2Fads.prnt.sc%2Fproxy%2F300x250%2Findex.html&loc=https%3A%2F%2Fads.prnt.sc%2Fproxy%2F300x250%2Findex.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://ads.prnt.sc/ads/adtrue/300x250/index.html
accept-encoding: gzip, deflate
cookie: __cfduid=d1ed35fdd9f8167446e0b84318700a6771528301254
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E86121CB0D5B0E7C8F6AC755F0A3707D
Referer: https://ads.prnt.sc/ads/adtrue/300x250/index.html

Response headers

status: 200
date: Wed, 06 Jun 2018 16:07:36 GMT
content-type: text/html
server: nginx
vary: Accept-Encoding
content-encoding: gzip

GET
S 200 vbl.gif
pre.glotgrx.com/ 26 B
268 B 8ms
7ms Image
image/gif 104.16.64.54
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1528301256028&rnd=8avjr58l5p5p&ifm=0&uai=1&cid=608&s=http%253A//Prnt.sc&p=11183&x=a4g&adtg=60918&nci=25054&nai=0&pft=0&iip=148.251.45.170&adb=0&adc=2&adcd=i0_f2_o0_e0&ai=&icp=https%253A//prnt.sc/gk66h7
Requested by: Host: prnt.sc
URL: https://prnt.sc/gk66h7
Protocol: SPDY
Server: 104.16.64.54 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://prnt.sc/gk66h7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 06 Jun 2018 16:07:36 GMT
cf-cache-status: HIT
x-amz-request-id: C60082DBF277E56F
status: 200
content-length: 26
x-amz-id-2: nhgML5YFHLRb5aZJw8ttrRfMw53tOUqaZvnHWfyK2MUYMbvU74jbgn7oDWhyh3xtOyO4NcPQiqE=
last-modified: Wed, 05 Apr 2017 17:26:13 GMT
server: cloudflare
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
expires: Wed, 06 Jun 2018 18:07:36 GMT
cache-control: public, max-age=7200
cf-ray: 426c22022c4663af-FRA
x-amz-meta-s3b-last-modified: 20170405T172547Z

GET
H2

200

EIL5DcDc3Zh.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 171D
Redirect Chain

https://www.facebook.com/connect/ping?client_id=154822244543652&domain=prnt.sc&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FEIL5DcDc3Zh.js%3Fversion%3D42%2...
https://staticxx.facebook.com/connect/xd_arbiter/r/EIL5DcDc3Zh.js?version=42

0
0

7ms
7ms

Document
text/html

185.60.216.19
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/EIL5DcDc3Zh.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/EIL5DcDc3Zh.js?version=42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://prnt.sc/gk66h7
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E86121CB0D5B0E7C8F6AC755F0A3707D
Referer: https://prnt.sc/gk66h7

Response headers

status: 200
expires: Wed, 05 Jun 2019 20:24:05 GMT
cache-control: public,max-age=31536000,immutable
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
x-fb-debug: HpfxX8p43zBrmMzPFouMJp/sMe42SO/Hka/b7deD8iHFn4MvIkNucqTce/riUR/Au8KlGRhP9XugTp8kf2Wu8g==
content-length: 13840
date: Wed, 06 Jun 2018 16:07:36 GMT

Redirect headers

status: 302
x-xss-protection: 0
pragma: no-cache
location: https://staticxx.facebook.com/connect/xd_arbiter/r/EIL5DcDc3Zh.js?version=42#cb=f386ea17cc67f24&domain=prnt.sc&origin=https%3A%2F%2Fprnt.sc%2Ff33c743b51e8f64&relation=parent&error=unknown_user
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset=UTF-8
x-fb-debug: Yq/VAGBkiMQZ0/tEWIDcbK2ildGXP00E05EGEgvxsdAwsyJmWsirvodq6QsCCPFV0077rSHEQp/2ipxgTAO6Fw==
content-length: 0
date: Wed, 06 Jun 2018 16:07:36 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 69B4 0
0 82ms
82ms Document
text/html 185.60.216.38
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FEIL5DcDc3Zh.js%3Fversion%3D42%23cb%3Dfdd5d52c78e6d8%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff33c743b51e8f64%26relation%3Dparent.parent&container_width=70&href=https%3A%2F%2Fprnt.sc%2Fgk66h7&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.60.216.38 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FEIL5DcDc3Zh.js%3Fversion%3D42%23cb%3Dfdd5d52c78e6d8%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff33c743b51e8f64%26relation%3Dparent.parent&container_width=70&href=https%3A%2F%2Fprnt.sc%2Fgk66h7&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://prnt.sc/gk66h7
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E86121CB0D5B0E7C8F6AC755F0A3707D
Referer: https://prnt.sc/gk66h7

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
x-fb-debug: qKU8yeGA6gllMYYiwqr3RyIHX75GSZmeEOy3ZtXE5fSn1xKgY3nBwqQ6ly5Jn6OG5cAb0DN5NyofuleAUxZbwQ==
date: Wed, 06 Jun 2018 16:07:36 GMT

GET
H2

200

feedback.php
www.facebook.com/plugins/ Frame 2EEA
Redirect Chain

https://www.facebook.com/plugins/comments.php?api_key=154822244543652&channel_url=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FEIL5DcDc3Zh.js%3Fversion%3D42%23cb%3Df3f6edc5a1b4f...
https://www.facebook.com/plugins/feedback.php?api_key=154822244543652&channel_url=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FEIL5DcDc3Zh.js%3Fversion%3D42%23cb%3Df3f6edc5a1b4f...

0
0

219ms
218ms

Document
text/html

185.60.216.38
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?api_key=154822244543652&channel_url=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FEIL5DcDc3Zh.js%3Fversion%3D42%23cb%3Df3f6edc5a1b4fbc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff33c743b51e8f64%26relation%3Dparent.parent&href=https%3A%2F%2Fprnt.sc%2Fgk66h7&locale=en_US&numposts=5&sdk=joey&width=350

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.60.216.38 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?api_key=154822244543652&channel_url=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FEIL5DcDc3Zh.js%3Fversion%3D42%23cb%3Df3f6edc5a1b4fbc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff33c743b51e8f64%26relation%3Dparent.parent&href=https%3A%2F%2Fprnt.sc%2Fgk66h7&locale=en_US&numposts=5&sdk=joey&width=350
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://prnt.sc/gk66h7
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E86121CB0D5B0E7C8F6AC755F0A3707D
Referer: https://prnt.sc/gk66h7

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
x-fb-debug: HcYSM7WnkJaZmGyD3vORLagCsYJVnT4fnfvY46IO7+Nhf3WEJc+LYaGOhm1s9pqUx8plnpSt3/Sx5xHrr7g2dA==
date: Wed, 06 Jun 2018 16:07:36 GMT

Redirect headers

status: 302
location: https://www.facebook.com/plugins/feedback.php?api_key=154822244543652&channel_url=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FEIL5DcDc3Zh.js%3Fversion%3D42%23cb%3Df3f6edc5a1b4fbc%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff33c743b51e8f64%26relation%3Dparent.parent&href=https%3A%2F%2Fprnt.sc%2Fgk66h7&locale=en_US&numposts=5&sdk=joey&width=350
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
vary: Origin
access-control-expose-headers: X-FB-Debug, X-Loader-Length
access-control-allow-origin: https://www.facebook.com
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
x-fb-debug: IyKQu5m5x+H9nJDZ9bem36zutxYIKJo3r15NPw4jp/pS1ZMibZK8Xe4GMbM7bgnLZE4D4LjMyCdzoQvWGXFGng==
content-length: 0
date: Wed, 06 Jun 2018 16:07:36 GMT

GET
H2 200 like_box.php
www.facebook.com/plugins/ Frame E2EA 0
0 171ms
171ms Document
text/html 185.60.216.38
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FEIL5DcDc3Zh.js%3Fversion%3D42%23cb%3Df1dd14b301caf7c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff33c743b51e8f64%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.60.216.38 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FEIL5DcDc3Zh.js%3Fversion%3D42%23cb%3Df1dd14b301caf7c%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff33c743b51e8f64%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://prnt.sc/gk66h7
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: E86121CB0D5B0E7C8F6AC755F0A3707D
Referer: https://prnt.sc/gk66h7

Response headers

status: 200
timing-allow-origin: *
x-xss-protection: 0
pragma: no-cache
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control: private, no-cache, no-store, must-revalidate
expect-ct: max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
x-fb-debug: dbIgjTRFHLv+MWx96jnAFWmESr5o1UhwZgBWTHEtFACrNIlKd5vjg4wRH2ROolwlFKgjFGp3Bf0RjBGu8qx4fQ==
date: Wed, 06 Jun 2018 16:07:36 GMT

GET
S 200 worker.nude.js Show response
st.prntscr.com/2018/04/18/0320/js/ 3 KB
1 KB 17ms
17ms XHR
application/javascript 104.20.14.105
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2018/04/18/0320/js/worker.nude.js
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2018/04/18/0320/js/script.mix.js
Protocol: SPDY
Server: 104.20.14.105 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://prnt.sc/gk66h7
Origin: https://prnt.sc

Response headers

date: Wed, 06 Jun 2018 16:07:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Apr 2018 03:22:43 GMT
server: cloudflare
status: 200
etag: W/"5ad6ba03-ad9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://prnt.sc
cache-control: max-age=1800
cf-ray: 426c22091b5f97aa-FRA
expires: Wed, 06 Jun 2018 16:21:25 GMT

GET
BLOB 200
OK cfdb7165-5ada-4259-ba9f-7d180542819d
https://prnt.sc/ 3 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://prnt.sc/cfdb7165-5ada-4259-ba9f-7d180542819d
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2018/04/18/0320/js/script.mix.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Content-Length: 2777
Content-Type: text/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prnt.sc
URL: https://prnt.sc/gk66h7

Verdicts & Comments Add Verdict or Comment

297 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adtrue.com/	1970-01-18 16:31:41	Name: _gat Value: 1
.adtrue.com/	1970-01-18 16:33:07	Name: _gid Value: GA1.2.979798249.1528301257
.adtrue.com/	1970-01-19 10:02:53	Name: _ga Value: GA1.2.1521838123.1528301257

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-cpm.amazon-adsystem.com
accounts.google.com
ads.ad4game.com
ads.prnt.sc
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
api.prntscr.com
apis.google.com
by2.uservoice.com
c.amazon-adsystem.com
cas.criteo.com
cat.fr.eu.criteo.com
cdn.ad4game.com
cdn.adtrue.com
connect.facebook.net
dis.criteo.com
exchange.adtrue.com
googleads.g.doubleclick.net
image.prntscr.com
mc.yandex.ru
pagead2.googlesyndication.com
pixel.yabidos.com
platform.twitter.com
pre.glotgrx.com
prnt.sc
prntscr.com
st.prntscr.com
static.criteo.net
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
track.adtrue.com
us-u.openx.net
widget.uservoice.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.increaserev.com
prnt.sc
104.16.52.4
104.16.64.54
104.16.93.65
104.20.13.105
104.20.14.105
104.20.49.111
104.244.42.200
104.27.101.99
104.31.94.190
13.32.217.247
151.139.242.3
172.217.21.226
172.217.22.67
172.217.22.77
172.217.22.78
172.217.23.130
173.194.76.154
173.241.240.143
178.250.0.66
178.250.0.71
178.250.2.74
178.250.2.76
185.60.216.19
185.60.216.38
192.207.255.146
192.207.255.147
192.229.233.25
2.18.233.180
216.58.207.74
216.58.214.34
216.58.214.36
216.58.214.46
52.89.231.154
52.94.216.48
54.148.141.242
87.250.251.119
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
12491c1242b76d749e395cb1cbd743bca27d0040e1d46a0219774a2533751567
126b3347a99161033e3f36ba862b6e2478b4a2bf313234cfbc51d3dd2c2651e8
12765c6f938c1d8f8eeae3822f118ac8f904be5ebc686c03377afd61adc064d0
1a68c8ed786272b79a1cb54d5f6fa5d27222de72acda34db1b0e7d753e22dfc5
1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb
2222b64c7e37a7d528c8326ebaee33ae44bae57d7654db28e1122c0cae8a93db
27869d25259a57e13dcdea60dba73c0bee4cb06dc0aeb5b311824b65f0588748
2b23c6be0ad37ee8fe3af32cc6bae4fc499b0ff069eccfb5799293c71b67aaa7
2dfac4ab0285cf3c40aa94feb438a5254a14a5ad80c6490a12d847106d759b8e
2e145f951ea4535f27315f0419252111cbfe42ab28091b3a2a2582ccc2a48853
334f5a6afbcedfdeed8e5e4f7a037c4e8456f9fe51a421dbbedfc52577b933b0
33ff702492ca16af03f0170efc3a8d67f1561419fe4779aab1eb8c7dce546ecf
390034444536e558ac4b6e42a3bb610b30eacfbfd93f0fa72c4a885e5fdcbdd6
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
43dad3c3c5cdf4d78337ab0bc4a987a014dd0c3ce4e74c5912da10cbed360de4
44a4a6e145c1d34aaeac6a7f51b13ba5a448ac75ce66713f7979fa98eea1f40c
461f12ef91228c2591d3f3127319e8f0220a9e643d9039701ba86165d3692a41
47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3
4cee2541161cf165e2e8ce22b81ec2cf8ccc162064124fb350df3b452a992a50
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52cc894ec57d959e722f970176283c7f9a872f067511840c6ed483e34dbac5b7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ba4d2787d3498fba00d9c82559fbc748937f5f64c599476664314ed840b21b7
6f52326d11660e9732b027c95f532f6a1c1924f69e5f65b3d67bec38e97c2e6d
71ef2be76ecf12f431795805b6bfb5a20523b7692be0e6106e8e2d18d3d33632
76816ad15bbd186db1477dd0a948a2ac7b1ec9322893eeab902dda82b9abd3b7
79c2ee1b0f789c08f0aa63a3e872232dfe18bf034fa0abe31e5828775b9da3c4
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
7f98aaa737878a6da995de1086cd3436190c68f3defb200176ace4267cf1cf07
83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382
8dc4ac981d38fc31b8a9ed16b29e779b9288fcb6f4ae4787e8bbb5ce7d04c8d1
9251076990f3881a584eafc43ffe8a85ebee0c82f48c00de4b1f1fa25413e3e7
92fb4985bc265d661b853545f4f3d54f79022a8564dd521202e20a05e477b295
99b08423e78999ba439a316738c4393ee73c1d72f91660a89d73fefe0e23a118
9b33c6d2db5023cda0736993dd3eaa8fb25138d56ef90e889a0251be90672a7c
9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646
a34774a6b9c8a4428fea6542b0f83cafb9ac1374b2452a377857a5965958b249
af00a7befd984dabf2db143a93757b3de5d74b6985e0d77109b4806d79e3705d
b22174ca5c2657a9b5f680e573bfd2041b0952c7cee130a9e09764e879cb7b6e
b84b7505eba0e0c989311415d0416fc9850d3214741e62d85a51655db1e6a80c
bfe0d4140c7b904c7628f72b80591f70d4bd499b1401df123cc24b7d3617c8fa
c1a42f6951cb0b645244f283ad4b67d1f0f1555f5f2b12f2c78eb19c038f7f31
c9dd12b5a4879bb4ba94efbc8a889a43288d0ca973433479cca2740969a58bc8
cb0d4898e672ec6c78416c069d61c9ec41b45dd81a24e6001ed5d68a64dab782
cc708db8bb66e7f26ff48d82f63b93332058955c78f0dbadf0ff2039ea855113
d387533f8f3537b04c0fea34316a983c464f3442ba8a6c1d2041ab58085c16f3
d48bba11ba2e6f914210be7cc6bf1ffa4456a663f1e7b047a0b418ff44654215
d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7
dd2de3ee9231c3511b8b0360375664c7b18d0ad997e37dde494331017f694976
dd7124b9436ca3a4cad4b88f8eeb9e42696d69d11d6f810725e1ea1820b95924
e1b0ee9f378cc764fde807c6a31c0a1ac96a1caa5d790a9916ab7a6765dd17a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2defb684672ffc70c5bb5468038c2b716cd3707d6beb3461674369072fa261
ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
fbab29fbc31411d35588eed8c18211a265e51019e060b6c346bd282a550633dd

prnt.sc Open in urlscan Pro 104.27.101.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

21 %HTTPS

0 %IPv6

23 Domains

41 Subdomains

33 IPs

5 Countries

615 kBTransfer

1679 kBSize

3 Cookies

13 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

prnt.sc Open in urlscan Pro
104.27.101.99 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

21 %
HTTPS

0 %
IPv6

23
Domains

41
Subdomains

33
IPs

5
Countries

615 kB
Transfer

1679 kB
Size

3
Cookies

81 HTTP transactions
1 data transactions