prnt.sc Open in urlscan Pro
172.67.72.27 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://prnt.sc/rMOFsXHxTuzk
Submission: On March 22 via manual (March 22nd 2024, 11:35:13 pm UTC) from DE — Scanned from DE

Summary HTTP 56 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 14 domains to perform 56 HTTP transactions. The main IP is 172.67.72.27, located in United States and belongs to CLOUDFLARENET, US. The main domain is prnt.sc. The Cisco Umbrella rank of the primary domain is 326755.
TLS certificate: Issued by E1 on February 6th 2024. Valid for: 3 months.

This is the only time prnt.sc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	172.67.72.27 172.67.72.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	104.23.140.12 104.23.140.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	104.23.139.12 104.23.139.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:33::212:40ce	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	192.207.255.147 192.207.255.147	62821 (AS-MNX) (AS-MNX)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
56	18

2 172.67.72.27 (United States)

ASN13335 (CLOUDFLARENET, US)

prnt.sc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.23.140.12 (None, )

ASN13335 (CLOUDFLARENET, US)

st.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.23.139.12 (None, )

ASN13335 (CLOUDFLARENET, US)

img001.prntscr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:33::212:40ce (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.ad4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.207.255.147 (United States)

ASN62821 (AS-MNX, US)
PTR: haproxy2.ad4game.com

ads.ad4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	prntscr.com st.prntscr.com — Cisco Umbrella Rank: 367766 img001.prntscr.com — Cisco Umbrella Rank: 399875 api.prntscr.com — Cisco Umbrella Rank: 401488	285 KB
10	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 820 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 287	204 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1784 syndication.twitter.com — Cisco Umbrella Rank: 2210	148 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	14 KB
3	ad4game.com cdn.ad4game.com — Cisco Umbrella Rank: 760426 ads.ad4game.com — Cisco Umbrella Rank: 530843	87 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1728	21 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 195 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 275	139 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 251	90 KB
2	prnt.sc prnt.sc — Cisco Umbrella Rank: 326755	21 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 341	29 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4233	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 5	408 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	91 KB
0	consensu.org Failed quantcast.mgr.consensu.org Failed
56	14

	Domain	Requested by
15	st.prntscr.com	prnt.sc st.prntscr.com
8	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
4	www.facebook.com	connect.facebook.net
4	platform.twitter.com	prnt.sc platform.twitter.com
2	scontent.xx.fbcdn.net	www.facebook.com
2	syndication.twitter.com	platform.twitter.com prnt.sc
2	api.prntscr.com	st.prntscr.com
2	connect.facebook.net	prnt.sc connect.facebook.net
2	cdn.ad4game.com	prnt.sc cdn.ad4game.com
2	www.google-analytics.com	prnt.sc www.google-analytics.com
2	prnt.sc	prnt.sc
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	www.googletagservices.com	ads.ad4game.com
1	www.google.de	prnt.sc
1	www.google.com	prnt.sc
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ads.ad4game.com	cdn.ad4game.com
1	img001.prntscr.com	prnt.sc
1	www.googletagmanager.com	prnt.sc
0	quantcast.mgr.consensu.org Failed	prnt.sc
56	21

This site contains links to these domains. Also see Links.

Domain
app.prntscr.com
prntscr.com
twitter.com
www.facebook.com
www.google.com

Subject Issuer	Validity	Valid
prnt.sc E1	`2024-02-06` - `2024-05-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
cdn.ad4game.com R3	`2024-02-09` - `2024-05-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-31` - `2024-03-30`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.ad4game.com Go Daddy Secure Certificate Authority - G2	`2023-11-17` - `2024-12-18`	a year	crt.sh
syndication.twitter.com R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://prnt.sc/rMOFsXHxTuzk
Frame ID: 44847D90EEE404E7C8E0B6F46B0B323D
Requests: 38 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fprnt.sc
Frame ID: D93CD682BEB417BACB577FCB63B5DC08
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.de.html
Frame ID: FCB9D5F99E4A375D995C6149704617A4
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfce82ec284b8108b3%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffbe307c4c5a0f35c0%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2FrMOFsXHxTuzk&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
Frame ID: D502258078AFCBFE24DB8EF24447BDEF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd1a2dffe2821d344%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffbe307c4c5a0f35c0%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2FrMOFsXHxTuzk&locale=en_US&migrated=1&sdk=joey&width=NaN&xid=2dg70k0
Frame ID: 7670A1C1F30B3E00BCF78D0D5F3F9277
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df0dd0630f30c0be43%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffbe307c4c5a0f35c0%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Frame ID: 60C82876E246E479E0CBFA2C4F1DBD2B
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mit Lightshot geschossen

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

56
Requests

96 %
HTTPS

71 %
IPv6

14
Domains

21
Subdomains

18
IPs

4
Countries

1128 kB
Transfer

3018 kB
Size

6
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://app.prntscr.com/translate-lightshot.html
Title: Add your language

Search URL Search Domain Scan URL

URL: https://prntscr.com/gallery.html
Title: Anmelden

Search URL Search Domain Scan URL

URL: https://twitter.com/Light_shot

Search URL Search Domain Scan URL

URL: http://www.facebook.com/Lighshot

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/
Title: Mit Lightshot geschossen

Search URL Search Domain Scan URL

URL: http://www.google.com/searchbyimage?image_url=https://img001.prntscr.com/file/img001/6LjVpnONSkK6cUVqUnZW3A.png
Title: Ähnliches finden

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/download.html
Title: Herunterladen

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/tutorials.html
Title: Tutorials

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/help.html
Title: Hilfe

Search URL Search Domain Scan URL

URL: https://app.prntscr.com/advertise.html
Title: Werben

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request rMOFsXHxTuzk Show response
prnt.sc/ 16 KB
5 KB 255ms
216ms Document
text/html 172.67.72.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prnt.sc/rMOFsXHxTuzk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d27749b2aaf85d9595f77491e8832936e15087e89bff00505a5ef2ef2b2fc65d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8689ff16faf8696f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 23:35:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eo0bL6mlcO12%2BdzcgG%2Fho2tB7Deuo2OhHWlq5BpUSdM2uQi1PcpQ813dQ0McQRHHeWQupIDZic%2FScbgqgobqQcNx24W41Zcd7D5FPm56HOqlMa5dbqpaUPg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 main.css
st.prntscr.com/2023/07/24/0635/css/ 57 KB
9 KB 49ms
22ms Stylesheet
text/css 104.23.140.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2023/07/24/0635/css/main.css
Requested by: Host: prnt.sc
URL: https://prnt.sc/rMOFsXHxTuzk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54b860b5d4930dabf878206983a139233e0782d2e34db562fc9931b8c08aa21b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 06:36:43 GMT
server: cloudflare
age: 494
etag: W/"64be1bfb-23a0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 8689ff188f49bbd7-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 22 Mar 2024 23:51:41 GMT

GET
H2 200 jquery.1.8.2.min.js Show response
st.prntscr.com/2023/07/24/0635/js/ 91 KB
34 KB 52ms
25ms Script
application/javascript 104.23.140.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2023/07/24/0635/js/jquery.1.8.2.min.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/rMOFsXHxTuzk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 06:36:43 GMT
server: cloudflare
age: 1181
etag: W/"64be1bfb-827c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8689ff188f4bbbd7-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 22 Mar 2024 23:43:47 GMT

GET
H2 200 script.mix.js Show response
st.prntscr.com/2023/07/24/0635/js/ 69 KB
24 KB 50ms
24ms Script
application/javascript 104.23.140.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2023/07/24/0635/js/script.mix.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/rMOFsXHxTuzk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3d2ac9e0afbc83f6b4c39cff3db79ecf892df90b8c874bd0e2a43ba1b1c3069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 06:36:43 GMT
server: cloudflare
age: 952
etag: W/"64be1bfb-5e8f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8689ff188f4dbbd7-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 22 Mar 2024 23:42:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
91 KB 137ms
57ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-STH272KG8X

Requested by

Host: prnt.sc
URL: https://prnt.sc/rMOFsXHxTuzk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1bf14f854dd5b1dbd765e2bc760edd68f5d0ad4a6d360346ee7398742c06c34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92292
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Mar 2024 23:35:09 GMT

GET
H2 200 6LjVpnONSkK6cUVqUnZW3A.png
img001.prntscr.com/file/img001/ 198 KB
198 KB 221ms
194ms Image
image/webp 104.23.139.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img001.prntscr.com/file/img001/6LjVpnONSkK6cUVqUnZW3A.png

Requested by

Host: prnt.sc
URL: https://prnt.sc/rMOFsXHxTuzk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.23.139.12 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea4aab8cfd6449e6a69aa14cf10354b54f2fee8a8d7763cf7b91d8a52065ff74

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:09 GMT
strict-transport-security: max-age=63072000
cf-cache-status: HIT
x-bz-file-id: 4_z51bcbe33c7b20fe37efb0b11_f1160d3e7b6f99f8a_d20240322_m233441_c004_v0402023_t0058_u01711150481327
cf-polished: origFmt=png, origSize=253231
x-bz-content-sha1: f85b4a9607b6a4ee2645c651e2e8dfb2c9d58021
x-bz-file-name: 6LjVpnONSkK6cUVqUnZW3A.png
content-disposition: inline; filename="6LjVpnONSkK6cUVqUnZW3A.webp"
alt-svc: h3=":443"; ma=86400
content-length: 202384
x-bz-upload-timestamp: 1711150481327
cf-bgj: imgq:100,h2pri
last-modified: Fri, 22 Mar 2024 23:35:03 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8689ff188b753723-FRA

GET
H2 200 rMOFsXHxTuzk
prnt.sc/ 16 KB
16 KB 361ms
360ms Image
text/html 172.67.72.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prnt.sc/rMOFsXHxTuzk

Requested by

Host: prnt.sc
URL: https://prnt.sc/rMOFsXHxTuzk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.72.27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/rMOFsXHxTuzk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uhCN7P54ps0FUsVE64wEx6Na5Y%2BRt7HJa%2FtTLMA4C0Z3RphKmbV2%2FrqDgERhOo9VGgfM8I6zjEkGN2iAzxldPpIMRx2O7cAU5UaS0qeZdfpyjXuoSusk4s0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 8689ff185bcf696f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 image-helper.js Show response
st.prntscr.com/2023/07/24/0635/js/ 3 KB
1 KB 25ms
23ms Script
application/javascript 104.23.140.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2023/07/24/0635/js/image-helper.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/rMOFsXHxTuzk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 06:36:32 GMT
server: cloudflare
age: 420
etag: W/"64be1bf0-a2f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8689ff18cf91bbd7-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 22 Mar 2024 23:50:30 GMT

GET
H2 200 footer-logo.png
st.prntscr.com/2023/07/24/0635/img/ 588 B
766 B 26ms
25ms Image
image/webp 104.23.140.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2023/07/24/0635/img/footer-logo.png
Requested by: Host: prnt.sc
URL: https://prnt.sc/rMOFsXHxTuzk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d41d75da99f35cf59d21a7d72e8ae0fed01ddab9cb173e567cbbdbbd29cf84b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:08 GMT
cf-cache-status: HIT
age: 663
cf-polished: origFmt=png, origSize=1848
content-disposition: inline; filename="footer-logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 588
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Oct 2021 23:13:24 GMT
server: cloudflare
etag: "616b5c94-738"
vary: Accept
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8689ff18cf94bbd7-FRA
expires: Fri, 22 Mar 2024 23:43:48 GMT

GET
H2 200 jquery.smartbanner.css
st.prntscr.com/2023/07/24/0635/css/ 4 KB
1 KB 31ms
30ms Stylesheet
text/css 104.23.140.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2023/07/24/0635/css/jquery.smartbanner.css
Requested by: Host: prnt.sc
URL: https://prnt.sc/rMOFsXHxTuzk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 06:36:26 GMT
server: cloudflare
age: 1283
etag: W/"64be1bea-ef0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
cf-ray: 8689ff18cf95bbd7-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 22 Mar 2024 23:36:05 GMT

GET
H2 200 jquery.smartbanner.js Show response
st.prntscr.com/2023/07/24/0635/js/ 8 KB
3 KB 22ms
21ms Script
application/javascript 104.23.140.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://st.prntscr.com/2023/07/24/0635/js/jquery.smartbanner.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/rMOFsXHxTuzk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jul 2023 06:36:43 GMT
server: cloudflare
age: 1457
etag: W/"64be1bfb-aec"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8689ff18cf96bbd7-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 22 Mar 2024 23:33:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 115ms
35ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: prnt.sc
URL: https://prnt.sc/rMOFsXHxTuzk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Mar 2024 21:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6987
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 22 Mar 2024 23:38:42 GMT

GET choice.js
quantcast.mgr.consensu.org/choice/n-ZGqfdsg5894/prnt.sc/ 0
0

GET
H2 200 page-bg.png
st.prntscr.com/2023/07/24/0635/img/ 5 KB
6 KB 21ms
21ms Image
image/webp 104.23.140.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2023/07/24/0635/img/page-bg.png
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2023/07/24/0635/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86a1b8f94f48c4e82d2616d4c581f10a34ff447a2bd95be08714fa0d19ba3f51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st.prntscr.com/2023/07/24/0635/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:08 GMT
cf-cache-status: HIT
age: 344
cf-polished: origFmt=png, origSize=7116
content-disposition: inline; filename="page-bg.webp"
alt-svc: h3=":443"; ma=86400
content-length: 5608
cf-bgj: imgq:100,h2pri
last-modified: Mon, 24 Jul 2023 06:36:43 GMT
server: cloudflare
etag: "64be1bfb-1a7b"
vary: Accept
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8689ff18df97bbd7-FRA
expires: Fri, 22 Mar 2024 23:55:22 GMT

GET
H/1.1 200
OK async-ajs.min.js Show response
cdn.ad4game.com/ 3 KB
2 KB 61ms
8ms Script
application/javascript 2a02:26f0:480:33::212:40ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/async-ajs.min.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/rMOFsXHxTuzk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:33::212:40ce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-servername: ads.ad4game.com\ 80\ 81
Date: Fri, 22 Mar 2024 23:35:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Feb 2024 13:33:47 GMT
Server: nginx
ETag: "65d4aa3b-ca8"
Vary: Accept-Encoding
Content-Type: application/javascript
X-serveraddr: 10.100.0.151
X-host: cdn.ad4game.com
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 1404

GET
H2 200 header-logo.png
st.prntscr.com/2023/07/24/0635/img/ 4 KB
4 KB 26ms
25ms Image
image/webp 104.23.140.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2023/07/24/0635/img/header-logo.png
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2023/07/24/0635/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40ec0b04019845302a5052b4689b5d3477c9717dca73243e5faf7cf98f3af564

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st.prntscr.com/2023/07/24/0635/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:08 GMT
cf-cache-status: HIT
age: 952
cf-polished: origFmt=png, origSize=7995
content-disposition: inline; filename="header-logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4148
cf-bgj: imgq:100,h2pri
last-modified: Mon, 24 Jul 2023 06:36:43 GMT
server: cloudflare
etag: "64be1bfb-1e52"
vary: Accept
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8689ff18df98bbd7-FRA
expires: Fri, 22 Mar 2024 23:41:17 GMT

GET
H2 200 button-download.png
st.prntscr.com/2023/07/24/0635/img/ 314 B
470 B 23ms
23ms Image
image/webp 104.23.140.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2023/07/24/0635/img/button-download.png
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2023/07/24/0635/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e926f30958d0c21d088e6a671d3356a3c3fab9cc6220b8e408f19d868a7dc5c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st.prntscr.com/2023/07/24/0635/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:08 GMT
cf-cache-status: HIT
age: 1443
cf-polished: origFmt=png, origSize=1404
content-disposition: inline; filename="button-download.webp"
alt-svc: h3=":443"; ma=86400
content-length: 314
cf-bgj: imgq:100,h2pri
last-modified: Mon, 24 Jul 2023 06:36:01 GMT
server: cloudflare
etag: "64be1bd1-57c"
vary: Accept
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8689ff18df9abbd7-FRA
expires: Fri, 22 Mar 2024 23:37:08 GMT

GET
H2 200 button-icon-sep.png
st.prntscr.com/2023/07/24/0635/img/ 40 B
218 B 22ms
22ms Image
image/webp 104.23.140.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2023/07/24/0635/img/button-icon-sep.png
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2023/07/24/0635/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a1120cc303b1c6ee6d548a5b418c2707b59de0c1f13c8ab870ca4e734b6acc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st.prntscr.com/2023/07/24/0635/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:08 GMT
cf-cache-status: HIT
age: 1362
cf-polished: origFmt=png, origSize=928
content-disposition: inline; filename="button-icon-sep.webp"
alt-svc: h3=":443"; ma=86400
content-length: 40
cf-bgj: imgq:100,h2pri
last-modified: Mon, 24 Jul 2023 06:36:01 GMT
server: cloudflare
etag: "64be1bd1-3a0"
vary: Accept
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8689ff18df9cbbd7-FRA
expires: Fri, 22 Mar 2024 23:21:26 GMT

GET
H2 200 icon-twitter_gscale.png
st.prntscr.com/2023/07/24/0635/img/ 374 B
584 B 25ms
25ms Image
image/webp 104.23.140.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2023/07/24/0635/img/icon-twitter_gscale.png
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2023/07/24/0635/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a3a63b2ac124cb9a194ec01ea1f0d3123e4019bf658c6f47a77b4faea84c079

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st.prntscr.com/2023/07/24/0635/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:08 GMT
cf-cache-status: HIT
age: 1610
cf-polished: origFmt=png, origSize=1535
content-disposition: inline; filename="icon-twitter_gscale.webp"
alt-svc: h3=":443"; ma=86400
content-length: 374
cf-bgj: imgq:100,h2pri
last-modified: Mon, 24 Jul 2023 06:36:01 GMT
server: cloudflare
etag: "64be1bd1-5ff"
vary: Accept
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8689ff18df9dbbd7-FRA
expires: Fri, 22 Mar 2024 23:10:26 GMT

GET
H2 200 icon-facebook_gscale.png
st.prntscr.com/2023/07/24/0635/img/ 296 B
452 B 27ms
27ms Image
image/webp 104.23.140.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2023/07/24/0635/img/icon-facebook_gscale.png
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2023/07/24/0635/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a093d2047e1a59b7103810b947780e5f94d865915cb923ebcaa7e50f557c2102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st.prntscr.com/2023/07/24/0635/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:08 GMT
cf-cache-status: HIT
age: 1443
cf-polished: origFmt=png, origSize=1325
content-disposition: inline; filename="icon-facebook_gscale.webp"
alt-svc: h3=":443"; ma=86400
content-length: 296
cf-bgj: imgq:100,h2pri
last-modified: Mon, 24 Jul 2023 06:36:01 GMT
server: cloudflare
etag: "64be1bd1-52d"
vary: Accept
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8689ff18df9fbbd7-FRA
expires: Fri, 22 Mar 2024 23:27:20 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: prnt.sc
URL: https://prnt.sc/rMOFsXHxTuzk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

529ecb2a5619921bce6105411373f893bde2264a123fc06a2d41692e456a306b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Mar 2024 23:35:08 GMT
content-md5: n+GzPekDymHasJYQD4r3NQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1326, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: jnBkcrfN3bnFLNHEaYV2DeEpfhnPS/APy94rbMjPi+SlbItELcjKb4vqv6rl2QedruXYbTqE7BEBWw0D899KRg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 216ff76afd69665c37b239e1126d4b3f
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "508ad3285a2e330227b2af14036a6f21"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 22 Mar 2024 23:35:33 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 58ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: prnt.sc
URL: https://prnt.sc/rMOFsXHxTuzk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Fri, 22 Mar 2024 23:35:09 GMT
Content-Encoding: gzip
Age: 801
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (frb/6752)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

OPTIONS
H2 204 /
api.prntscr.com/v1/ Frame 0
0 166ms
126ms Preflight
text/plain 104.23.140.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prntscr.com/v1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://prnt.sc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://prnt.sc
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8689ff1958cc5d4e-FRA
content-length: 0
content-type: text/plain charset=UTF-8
date: Fri, 22 Mar 2024 23:35:09 GMT
server: cloudflare

GET
H3 200 icon-camera.png
st.prntscr.com/2023/07/24/0635/img/ 158 B
443 B 27ms
27ms Image
image/webp 104.23.140.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2023/07/24/0635/img/icon-camera.png
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2023/07/24/0635/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bfd2fa3b3b5924e3655bcf9f63427e792bd8572b7ed0992373bdb4b21c7cb89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st.prntscr.com/2023/07/24/0635/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:08 GMT
cf-cache-status: HIT
age: 1241
cf-polished: origFmt=png, origSize=1089
content-disposition: inline; filename="icon-camera.webp"
alt-svc: h3=":443"; ma=86400
content-length: 158
cf-bgj: imgq:100,h2pri
last-modified: Mon, 24 Jul 2023 06:36:01 GMT
server: cloudflare
etag: "64be1bd1-441"
vary: Accept
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8689ff190a9e5c9e-FRA
expires: Fri, 22 Mar 2024 23:17:22 GMT

GET
H3 200 icon-abuse.png
st.prntscr.com/2023/07/24/0635/img/ 126 B
445 B 26ms
25ms Image
image/webp 104.23.140.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.prntscr.com/2023/07/24/0635/img/icon-abuse.png
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2023/07/24/0635/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2875a6fc4266fec00a383377cb4530b6407912897b0727e26249d89c6dfe0359

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st.prntscr.com/2023/07/24/0635/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:08 GMT
cf-cache-status: HIT
age: 51
cf-polished: origFmt=png, origSize=327
content-disposition: inline; filename="icon-abuse.webp"
alt-svc: h3=":443"; ma=86400
content-length: 126
cf-bgj: imgq:100,h2pri
last-modified: Mon, 24 Jul 2023 06:36:01 GMT
server: cloudflare
etag: "64be1bd1-147"
vary: Accept
content-type: image/webp
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 8689ff190a9f5c9e-FRA
expires: Fri, 22 Mar 2024 23:53:32 GMT

POST
H3 200 / Show response
api.prntscr.com/v1/ 92 B
266 B 443ms
443ms XHR
application/json 104.23.140.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.prntscr.com/v1/
Requested by: Host: st.prntscr.com
URL: https://st.prntscr.com/2023/07/24/0635/js/jquery.1.8.2.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.23.140.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://prnt.sc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 22 Mar 2024 23:35:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://prnt.sc
access-control-allow-credentials: true
cf-ray: 8689ff1a1baf5c9e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=86400

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 305 KB
86 KB 19ms
11ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=2e4de9a53ba8ec995421aa4b93c4aceb

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9689109539a21ec854fc82d055528c5d9ac1eb7da782b7d4a9c1879fc0f94c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://prnt.sc/
Origin: https://prnt.sc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Mar 2024 23:35:09 GMT
content-md5: s8R6dBzrabnul60pZzQBKA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88149
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4324, tp=9, tpl=0, uplat=4, ullat=-1
x-fb-debug: 53MZpfaQq94XxIX2JeaOdGDHQvFKnc+VMlaunpQPPYbbEeYT90Q318SKKRhioqXlmRDMa4sDobDo4r5vrzfDPw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 38b027fc1f5add70bbd87c72f8a7b55d
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "3eaf86ef210bc487d3f86fe738e20284"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 22 Mar 2025 19:13:06 GMT

GET
H3 200 prebid.js Show response
cdn.ad4game.com/ 261 KB
83 KB 36ms
14ms Script
application/javascript 2a02:26f0:480:33::212:40ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/prebid.js
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:33::212:40ce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 733f44e4d42f00e0a8c267d516e9f6939d36f65ceb3bf851998475b9f6650d3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Fri, 22 Mar 2024 23:35:09 GMT
content-encoding: gzip
last-modified: Tue, 20 Feb 2024 13:33:47 GMT
server: nginx
etag: "65d4aa3b-412ac"
vary: Accept-Encoding
content-type: application/javascript
x-serveraddr: 10.100.0.151
x-host: cdn.ad4game.com
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H/1.1 200
OK async-ajs.php Show response
ads.ad4game.com/www/delivery/ 6 KB
2 KB 470ms
125ms Script
text/javascript 192.207.255.147
AS-MNX

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g1686102&h=0&siteurl=https%3A%2F%2Fprnt.sc%2FrMOFsXHxTuzk&c=UTF-8&z=60918,70076,60916&b=7&x=7
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.147 , United States, ASN62821 (AS-MNX, US),
Reverse DNS: haproxy2.ad4game.com
Software: nginx /
Resource Hash: 2bde9d545bfc539216e6296c1e0c5d34c8d1f60f68fb4c52066dc33015410d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-servername: ads.ad4game.com\ 80\ 81
Pragma: no-cache
Date: Fri, 22 Mar 2024 23:35:09 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=UTF-8
P3P: CP="CUR ADM OUR NOR STA NID"
X-serveraddr: 10.100.0.151
Cache-Control: no-cache, no-store, must-revalidate
X-host: ads.ad4game.com
Connection: close
Expires: 0

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response
platform.twitter.com/widgets/ Frame D93C 319 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fprnt.sc
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://prnt.sc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 8835210
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Fri, 22 Mar 2024 23:35:09 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 120ms
105ms Fetch
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=154822244543652&input_token&origin=1&redirect_uri=https%3A%2F%2Fprnt.sc%2FrMOFsXHxTuzk&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=2e4de9a53ba8ec995421aa4b93c4aceb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Fri, 22 Mar 2024 23:35:09 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1326, tbw=2792, tp=-1, tpl=-1, uplat=98, ullat=0
pragma: no-cache
x-fb-debug: qqdCAXXqcPhotWcpYzo3t3o3LpkcUtwFm1zT4cFRarKiKB8aDiEjocAtC9leSRN9hw8yWWLfSDsZqP/BiJuwIA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://prnt.sc
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame D93C 869 B
658 B 136ms
116ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=53aa6f22ef2985a017ce04ab73e18887dc93009a

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fprnt.sc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-response-time: 109
date: Fri, 22 Mar 2024 23:35:08 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 22 Mar 2024 23:35:09 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 3b2e5aae63382bd7
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: a6b002815f7017001faa2fbbf4d47e64a7f6b52c897260c0f4bfabf316047c63
content-length: 337

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
203 B 42ms
42ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=662868061&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2FrMOFsXHxTuzk&ul=en-us&de=UTF-8&dt=Mit%20Lightshot%20geschossen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1988031636&gjid=830333377&cid=474229193.1711150509&tid=UA-12353127-1&_gid=357085959.1711150509&_r=1&_slc=1&z=2128064588

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://prnt.sc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 23:35:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://prnt.sc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
343 B 54ms
18ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-12353127-1&cid=474229193.1711150509&jid=1988031636&gjid=830333377&_gid=357085959.1711150509&_u=IEBAAEAAAAAAACAAI~&z=941033214

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://prnt.sc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 22 Mar 2024 23:35:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://prnt.sc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 47ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-STH272KG8X&gtm=45je43k0v870780494za200&_p=1711150508925&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&cid=474229193.1711150509&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711150509&sct=1&seg=0&dl=https%3A%2F%2Fprnt.sc%2FrMOFsXHxTuzk&dt=Mit%20Lightshot%20geschossen&en=page_view&_fv=1&_ss=1&_ee=1&tfd=568
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-STH272KG8X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 23:35:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://prnt.sc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 126ms
48ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-12353127-1&cid=474229193.1711150509&jid=1988031636&_u=IEBAAEAAAAAAACAAI~&z=1239687041

Requested by

Host: prnt.sc
URL: https://prnt.sc/rMOFsXHxTuzk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 23:35:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 125ms
47ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-12353127-1&cid=474229193.1711150509&jid=1988031636&_u=IEBAAEAAAAAAACAAI~&z=1239687041

Requested by

Host: prnt.sc
URL: https://prnt.sc/rMOFsXHxTuzk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 23:35:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK button.856debeac157d9669cf51e73a08fbc93.js Show response
platform.twitter.com/js/ 8 KB
3 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: 426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Fri, 22 Mar 2024 23:35:09 GMT
Content-Encoding: gzip
Age: 1881804
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2620
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
Server: ECS (frb/6752)
Etag: "fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK tweet_button.2f70fb173b9000da126c79afe2098f02.de.html Show response
platform.twitter.com/widgets/ Frame FCB9 34 KB
13 KB 9ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.de.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: 2085629428fd5ad2fc1f15d2d4c8719d3317336c44d3c9565d21d19afcb105c2

Request headers

Referer: https://prnt.sc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1881711
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 12665
Content-Type: text/html; charset=utf-8
Date: Fri, 22 Mar 2024 23:35:09 GMT
Etag: "b71765fbac0839ce6ea737fbde6f8963+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:48 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6752)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
104 B 118ms
117ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fprnt.sc%2FrMOFsXHxTuzk%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22light_shot%22%2C%22language%22%3A%22de%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1711150509240%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=53aa6f22ef2985a017ce04ab73e18887dc93009a

Requested by

Host: prnt.sc
URL: https://prnt.sc/rMOFsXHxTuzk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-response-time: 111
date: Fri, 22 Mar 2024 23:35:08 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 22 Mar 2024 23:35:09 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 7568470cdbe7715d
cache-control: must-revalidate, max-age=600
perf: 7469935968
x-connection-hash: a6b002815f7017001faa2fbbf4d47e64a7f6b52c897260c0f4bfabf316047c63
content-length: 43

GET
DATA 200
OK truncated
/ Frame FCB9 471 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 89 KB
29 KB 214ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g1686102&h=0&siteurl=https%3A%2F%2Fprnt.sc%2FrMOFsXHxTuzk&c=UTF-8&z=60918,70076,60916&b=7&x=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9d30fd0b6a72bfe1dd1f12d5faf344b675187949f27581bab0f06dc3e8428ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29023
x-xss-protection: 0
server: cafe
etag: 556 / 19804 / 31082082 / config-hash: 14337009746000550812
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 23:35:09 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/ 438 KB
138 KB 114ms
36ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fe53cf7f03d12af875315353f6ab8df7a936fa9e26cbe0c5e2f1dc7269652b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://prnt.sc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 10:00:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48855
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141049
x-xss-protection: 0
server: cafe
etag: 7927512453849819874
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 22 Mar 2025 10:00:54 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame D502 0
189 B 105ms
105ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfce82ec284b8108b3%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffbe307c4c5a0f35c0%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2FrMOFsXHxTuzk&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=2e4de9a53ba8ec995421aa4b93c4aceb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://prnt.sc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Fri, 22 Mar 2024 23:35:10 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1326, tbw=6585, tp=-1, tpl=-1, uplat=98, ullat=0
x-fb-debug: 1ARE/nXkjYitAfk7GtoyD5hrvjeRmQUDz16HOLRjsrKpFVM7XsV2NojsUfMsslmzXu881HBly7tNzU7VzAxy4A==
x-xss-protection: 0

GET
H2 200 comments.php
www.facebook.com/plugins/ Frame 7670 0
0 103ms
103ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd1a2dffe2821d344%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffbe307c4c5a0f35c0%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2FrMOFsXHxTuzk&locale=en_US&migrated=1&sdk=joey&width=NaN&xid=2dg70k0

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=2e4de9a53ba8ec995421aa4b93c4aceb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://prnt.sc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Fri, 22 Mar 2024 23:35:10 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1326, tbw=4561, tp=-1, tpl=-1, uplat=96, ullat=0
x-fb-debug: XiRMBPSGh06S80U++wD3gmG2jN2T22l846UpAGNXKHH/dK0b98P/uQzWzP674FxLf3I8MY6A0dlRU3i8EmCT8Q==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 like_box.php Show response
www.facebook.com/plugins/ Frame 60C8 39 KB
13 KB 158ms
158ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df0dd0630f30c0be43%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffbe307c4c5a0f35c0%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=2e4de9a53ba8ec995421aa4b93c4aceb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e67c404ec247581dab3c1c53c5cc71739c011698fbd2366394f9a65a8956b708

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://prnt.sc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 23:35:10 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1326, tbw=6796, tp=-1, tpl=-1, uplat=151, ullat=0
x-fb-debug: zfnG9dovZWutDNZBb19xMa1r1v1dFNdwi4LQ+puiWLgt+0KDzNnWxS5SBqbkExG9ynWKuBk4yHpNt3Vtg/lVqw==
x-xss-protection: 0

GET
H2 200 oCh4fJriDK8.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ Frame 60C8 20 KB
6 KB 24ms
9ms Stylesheet
text/css 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/oCh4fJriDK8.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df0dd0630f30c0be43%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffbe307c4c5a0f35c0%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

61f0b9d180766a325d407379dfb471948a18f36a6a8b2184f5fc7c351b0b2202

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: KlSVpDp/+1fEecEIRyxaRg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5241
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2900, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: DjrR4ZaDVH/T33ZpUMel2VQyHXzv/BqVGA9i1kWSQRV5s23INDCaECS0T4zSouRgdbFm5CILC5+Eis9mAgzxFg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Thu, 20 Mar 2025 18:42:45 GMT

GET
H2 200 9Wbv6Zt8-vf.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 60C8 350 KB
91 KB 28ms
13ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/9Wbv6Zt8-vf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8031096c308e69e7ea30fccd4bac2cf2ee370f295e02f1ffe8ff2149f3483ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: T7d3e9LsCUsbLOsbPxef4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 92983
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=12714, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: 92FA13O9IIduhy4C5Xbl8T0bEa1slSaHuQz3Wd8fnGW3wdrEENv1sQGN1b27QVa7JxVU0bhrxglZh1QrnM1h5w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Thu, 20 Mar 2025 20:19:11 GMT

GET
H2 200 teTZ2tZqwkq.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 60C8 7 KB
3 KB 25ms
9ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/teTZ2tZqwkq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5bcb3ba5be62072a5be691a6cb4625b83ab20458f7543e78575c665ce64743c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qO1vcfOdsbovoV9UmybnhA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2250
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2900, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: AhwH4NK2QiNHr49Q7pxo9vwfSza26yrU9lFCKpqnIfjjNO6NaiKrXjAj5MY4CXjmdYXQkgcBZcnfyl5oKJH9Cw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Thu, 13 Mar 2025 18:22:26 GMT

GET
H2 200 y7alrmypbND.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 60C8 94 KB
27 KB 32ms
17ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/y7alrmypbND.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a94b441eb4cf31c70bc9f13c17247f4dceb4c14ef6e13792654b52c290317d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: PXLMQKhK3OfaCodh0SXIQA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27436
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=30542, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: nL0BiVi476dSdY2V3XoHejofQKaCvdygNPC1t09aT5zSBc8wTDKvNKEmga1amxzV7isEALVCVc2A9xzHUAmZcw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Fri, 14 Mar 2025 03:08:44 GMT

GET
H2 200 xxbj_pcvPKC.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yK/r/ Frame 60C8 54 KB
17 KB 27ms
12ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/xxbj_pcvPKC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c423819ab2b0faa30a4aedbc59733601526da2d97a60603d42e98f2228960bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: h0teOplCz+V0cwytj5xKug==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17466
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=12435, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: /2L+gVOyQgK2uRkOTDQhhuz1RnnF5hfA2eWiauF76PIQ5n91nccZT7XAfRE0D6Gh7kQiuVifWcSxmUexkmVbrg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 22 Mar 2025 18:02:10 GMT

GET
H2 200 icjyP3R22e-.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/ Frame 60C8 73 KB
20 KB 31ms
16ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/icjyP3R22e-.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe0b3d34340b4c6df56ebf4983b3bfd3f376f91381e737f251ad66c672101cc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ILtNi2Cy8gbmEurgwQf5hQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20678
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=30542, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: WeLfPB118T5dV83Ur00CW8EkdbR3HJQR4ZbhXE/jpmkcBvVax8THAITIsj7mjoCskEGufx8wngvAErltQV1AUQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sun, 16 Mar 2025 01:08:48 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 60C8 507 B
488 B 32ms
17ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:10 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=30542, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: ZVkdFOwT/u6MaA5B8wKS4m61lMsp3pFojZQBnvwnbDSJPmeeXr4bKtVfntFIbzQfV/GOqKSAou6TaZQ+x9VcfA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Fri, 21 Mar 2025 14:52:01 GMT

GET
H2 200 327348394_1248859505711243_2750035139846531976_n.png
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 60C8 36 KB
37 KB 9ms
8ms Image
image/png 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/327348394_1248859505711243_2750035139846531976_n.png?stp=dst-png_p130x130&_nc_cat=1&ccb=1-7&_nc_sid=5f2048&_nc_ohc=88HstyB2cUIAX_Nahs7&_nc_ht=scontent.xx&edm=ANSO7JkEAAAA&oh=00_AfCWL8CkijNKxwKAzEZNhaHLPVlXv_TE6QxHbTnFI_XkUw&oe=66022CE5
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df0dd0630f30c0be43%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffbe307c4c5a0f35c0%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 7f0c0d5e15ee4b3a06964f2256fc37be30934a62b0e0bf61a00eb0aa47969eb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=20, mss=1326, tbw=6373, tp=-1, tpl=-1, uplat=1, ullat=-1
date: Fri, 22 Mar 2024 23:35:10 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 25 Jan 2023 23:06:50 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=3031024971
thrift_fmhk: GBBfITb+QwzcNPtncBDh444FFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1994070467
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 37042

GET
H2 200 327314350_958311831838235_9193609540550948483_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 60C8 1 KB
1 KB 7ms
7ms Image
image/jpeg 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/327314350_958311831838235_9193609540550948483_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=5f2048&_nc_ohc=h3EtnjBznJ8AX9FG8_g&_nc_ht=scontent.xx&edm=ANSO7JkEAAAA&oh=00_AfABMZFlP2T7lMtMIN_m31QD6HIojaLbiYbLcniSH1gfJA&oe=6603D9DA
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df0dd0630f30c0be43%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffbe307c4c5a0f35c0%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: fe0b009af4d6be99bb24436d2b2c67706fa3698e059d8df3bfa9f9c8857b42ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=52, mss=1326, tbw=43950, tp=-1, tpl=-1, uplat=0, ullat=-1
date: Fri, 22 Mar 2024 23:35:10 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 25 Jan 2023 23:06:49 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1668121653
thrift_fmhk: GBBGla13iqLHAde4wrcYX/3GFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1162695912
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1288

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 60C8 573 B
713 B 8ms
8ms Image
image/png 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/oCh4fJriDK8.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/oCh4fJriDK8.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 23:35:10 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4327, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: sTm7KoNcDxCVbDK6c77VLLxnMcWqtRikqri+Z5GkyKNlSmoh/oKVP0kVjfNZ0Wg//PeEyjceCAH7AdHFzcFIJQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 21 Mar 2025 04:19:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/n-ZGqfdsg5894/prnt.sc/choice.js

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.prnt.sc/	1970-01-20 19:20:36	Name: _gid Value: GA1.2.357085959.1711150509
.prnt.sc/	1970-01-20 19:19:10	Name: _gat Value: 1
.prnt.sc/	1970-01-21 04:55:10	Name: _ga Value: GA1.1.474229193.1711150509
.prnt.sc/	1970-01-21 04:55:10	Name: _ga_STH272KG8X Value: GS1.1.1711150509.1.0.1711150509.0.0.0
.ads.ad4game.com/	1970-01-20 19:59:29	Name: OA4GUA Value: mozilla%2F5.0+%28windows+nt+10.0%3B+win64%3B+x64%29+applewebkit%2F537.36+%28khtml%2C+like+gecko%29+chrome%2F122.0.6261.128++%2F537.36
.ads.ad4game.com/	1970-01-20 19:59:29	Name: OA4GBR Value: ch%23122.0.6261.128%23122%23.0.6261.128%23%23win%2364%23185.213.155.131%23de-de%2Cde%23chrome

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://quantcast.mgr.consensu.org/choice/n-ZGqfdsg5894/prnt.sc/choice.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://prnt.sc/rMOFsXHxTuzk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://prnt.sc/rMOFsXHxTuzk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	warning	URL: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df0dd0630f30c0be43%26domain%3Dprnt.sc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ffbe307c4c5a0f35c0%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300 Message: The page did not request an origin-keyed agent cluster, but was put in one anyway because the origin 'https://www.facebook.com' had previously been placed in an origin-keyed agent cluster. Update your headers to uniformly request origin-keying for all pages on the origin.
security	warning	URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/9Wbv6Zt8-vf.js?_nc_x=Ij3Wp8lg5Kz(Line 354) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.ad4game.com
api.prntscr.com
cdn.ad4game.com
connect.facebook.net
img001.prntscr.com
platform.twitter.com
prnt.sc
quantcast.mgr.consensu.org
region1.google-analytics.com
scontent.xx.fbcdn.net
securepubads.g.doubleclick.net
st.prntscr.com
static.xx.fbcdn.net
stats.g.doubleclick.net
syndication.twitter.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
quantcast.mgr.consensu.org
104.23.139.12
104.23.140.12
104.244.42.8
172.67.72.27
192.207.255.147
2001:4860:4802:34::36
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:809::200e
2a00:1450:4001:812::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9b
2a02:26f0:480:33::212:40ce
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb
1fe53cf7f03d12af875315353f6ab8df7a936fa9e26cbe0c5e2f1dc7269652b8
2085629428fd5ad2fc1f15d2d4c8719d3317336c44d3c9565d21d19afcb105c2
2875a6fc4266fec00a383377cb4530b6407912897b0727e26249d89c6dfe0359
2bde9d545bfc539216e6296c1e0c5d34c8d1f60f68fb4c52066dc33015410d80
2d41d75da99f35cf59d21a7d72e8ae0fed01ddab9cb173e567cbbdbbd29cf84b
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
40ec0b04019845302a5052b4689b5d3477c9717dca73243e5faf7cf98f3af564
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
4a94b441eb4cf31c70bc9f13c17247f4dceb4c14ef6e13792654b52c290317d0
529ecb2a5619921bce6105411373f893bde2264a123fc06a2d41692e456a306b
54b860b5d4930dabf878206983a139233e0782d2e34db562fc9931b8c08aa21b
5a3a63b2ac124cb9a194ec01ea1f0d3123e4019bf658c6f47a77b4faea84c079
5bcb3ba5be62072a5be691a6cb4625b83ab20458f7543e78575c665ce64743c5
61f0b9d180766a325d407379dfb471948a18f36a6a8b2184f5fc7c351b0b2202
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
733f44e4d42f00e0a8c267d516e9f6939d36f65ceb3bf851998475b9f6650d3f
7f0c0d5e15ee4b3a06964f2256fc37be30934a62b0e0bf61a00eb0aa47969eb6
8031096c308e69e7ea30fccd4bac2cf2ee370f295e02f1ffe8ff2149f3483ee3
83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382
844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86a1b8f94f48c4e82d2616d4c581f10a34ff447a2bd95be08714fa0d19ba3f51
8bfd2fa3b3b5924e3655bcf9f63427e792bd8572b7ed0992373bdb4b21c7cb89
9689109539a21ec854fc82d055528c5d9ac1eb7da782b7d4a9c1879fc0f94c10
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a093d2047e1a59b7103810b947780e5f94d865915cb923ebcaa7e50f557c2102
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1bf14f854dd5b1dbd765e2bc760edd68f5d0ad4a6d360346ee7398742c06c34
b6a1120cc303b1c6ee6d548a5b418c2707b59de0c1f13c8ab870ca4e734b6acc
c423819ab2b0faa30a4aedbc59733601526da2d97a60603d42e98f2228960bf5
c9d30fd0b6a72bfe1dd1f12d5faf344b675187949f27581bab0f06dc3e8428ea
d27749b2aaf85d9595f77491e8832936e15087e89bff00505a5ef2ef2b2fc65d
d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7
dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2ac9e0afbc83f6b4c39cff3db79ecf892df90b8c874bd0e2a43ba1b1c3069
e67c404ec247581dab3c1c53c5cc71739c011698fbd2366394f9a65a8956b708
e926f30958d0c21d088e6a671d3356a3c3fab9cc6220b8e408f19d868a7dc5c8
ea4aab8cfd6449e6a69aa14cf10354b54f2fee8a8d7763cf7b91d8a52065ff74
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
fe0b009af4d6be99bb24436d2b2c67706fa3698e059d8df3bfa9f9c8857b42ae
fe0b3d34340b4c6df56ebf4983b3bfd3f376f91381e737f251ad66c672101cc3

prnt.sc Open in urlscan Pro 172.67.72.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

96 %HTTPS

71 %IPv6

14 Domains

21 Subdomains

18 IPs

4 Countries

1128 kBTransfer

3018 kBSize

6 Cookies

11 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

prnt.sc Open in urlscan Pro
172.67.72.27 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

96 %
HTTPS

71 %
IPv6

14
Domains

21
Subdomains

18
IPs

4
Countries

1128 kB
Transfer

3018 kB
Size

6
Cookies

56 HTTP transactions
0 data transactions