Submitted URL: http://prnt.sc/q97anj
Effective URL: https://prnt.sc/q97anj
Submission: On December 19 via manual from GB

Summary

This website contacted 18 IPs in 5 countries across 14 domains to perform 63 HTTP transactions. The main IP is 104.27.26.84, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is prnt.sc.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 16th 2019. Valid for: a year.
This is the only time prnt.sc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 104.27.26.84 13335 (CLOUDFLAR...)
20 104.20.13.105 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
7 151.139.242.3 33438 (HIGHWINDS2)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f0f... 32934 (FACEBOOK)
4 2606:2800:234... 15133 (EDGECAST)
1 5 2a03:2880:f11... 32934 (FACEBOOK)
1 104.244.42.136 13414 (TWITTER)
5 192.207.255.147 62821 (AS-MNX)
3 2a00:1450:400... 15169 (GOOGLE)
1 23.21.35.247 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
4 172.217.16.194 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 74.214.194.133 59940 (PULSEPOIN...)
1 151.101.112.166 54113 (FASTLY)
63 18
Domain Requested by
17 st.prntscr.com prnt.sc
st.prntscr.com
7 cdn.ad4game.com prnt.sc
cdn.ad4game.com
ads.ad4game.com
5 ads.ad4game.com cdn.ad4game.com
prnt.sc
5 www.facebook.com 1 redirects connect.facebook.net
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
prnt.sc
4 platform.twitter.com prnt.sc
platform.twitter.com
3 www.googletagservices.com ads.ad4game.com
securepubads.g.doubleclick.net
3 prnt.sc 1 redirects prnt.sc
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
2 api.prntscr.com st.prntscr.com
prnt.sc
2 connect.facebook.net prnt.sc
connect.facebook.net
2 www.google-analytics.com 1 redirects prnt.sc
1 bh.contextweb.com prnt.sc
1 bid.contextweb.com cdn.ad4game.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 brightcombid.marphezis.com cdn.ad4game.com
1 syndication.twitter.com prnt.sc
1 staticxx.facebook.com connect.facebook.net
1 www.google.de prnt.sc
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 image.prntscr.com prnt.sc
63 23

This site contains links to these domains. Also see Links.

Domain
app.prntscr.com
prntscr.com
twitter.com
www.facebook.com
www.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-11-16 -
2020-10-09
a year crt.sh
ssl366238.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-11-04 -
2020-05-12
6 months crt.sh
*.google.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.ad4game.com
Go Daddy Secure Certificate Authority - G2
2019-11-17 -
2022-01-16
2 years crt.sh
www.google.de
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-12-06 -
2020-03-05
3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA
2019-11-12 -
2020-11-18
a year crt.sh
syndication.twitter.com
DigiCert SHA2 High Assurance Server CA
2019-04-09 -
2020-04-01
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
marphezis.com
Amazon
2019-02-26 -
2020-03-26
a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA
2018-07-07 -
2020-06-03
2 years crt.sh

This page contains 9 frames:

Primary Page: https://prnt.sc/q97anj
Frame ID: 96A90DE9982D53231DD94690C61CA936
Requests: 45 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.69e02060c7c44baddf1b5629549acc0c.html?origin=https%3A%2F%2Fprnt.sc
Frame ID: 8F22FFC6958EC50774A599696D2BAE41
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.69e02060c7c44baddf1b5629549acc0c.en.html
Frame ID: 66C65CF1EE76283282C157EBAC9E2386
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 947F81FA39B5128F611E4752FF06F1F0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df1f6f85a5010838%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff793b5cabf36e4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2Fq97anj&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
Frame ID: 4EA420E003F03780C1C65A2550B0668B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df20ac806a67b2d%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff793b5cabf36e4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fq97anj&locale=en_US&migrated=1&sdk=joey&xid=q97anj
Frame ID: 0B15587B6EAE25D2876E3E763A346A4E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df1791035e7a17%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff793b5cabf36e4%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Frame ID: 357B4CDF6A1225DCE37EEC9CBF2E485B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: D89F1AC38A895E12AABAE28842D09744
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssO8JcgkB-tns--hLS8e1FMkxk2eFf5bx9KiWsy7PJMxJA1i0mb8RI_Fzzu6JUDTvdfYlvnrIuAxdWcnf12_9qzC0X9qAFYJhllEy8hcUWtPcW6sGVq__VYpXpx5M90P97pK8_joXofcLVLpqdxxLriFE13N64N2wRtFd0pzmQlW5RUHn99gzuAfXHjiYDOCMA0wsAuCVVhuRQoQGlHpsGlBe-Ab3SifrBfaZ6jLhLdKsP3KtGF6WA&sai=AMfl-YTddbQtE3YSFfwzv4RLiuWxEVxGDebixNAzj_Lohn7nipcteC4HLClZY_M1hvv8C_U-8FBW8K8fSsGZynLe-RzUeVXaFEbRCoviZqREWg&sig=Cg0ArKJSzEhFo1ukmAjREAE&urlfix=1&adurl=
Frame ID: 4F7F2AE298D03BCB6C81E8F3A305CFEC
Requests: 13 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://prnt.sc/q97anj HTTP 301
    https://prnt.sc/q97anj Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

63
Requests

98 %
HTTPS

53 %
IPv6

14
Domains

23
Subdomains

18
IPs

5
Countries

1019 kB
Transfer

2518 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://prnt.sc/q97anj HTTP 301
    https://prnt.sc/q97anj Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=185012851&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2Fq97anj&ul=en-us&de=UTF-8&dt=Screenshot%20by%20Lightshot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1052087421&gjid=1862604725&cid=923358400.1576770755&tid=UA-12353127-1&_gid=88153634.1576770755&_r=1&z=106205840 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12353127-1&cid=923358400.1576770755&jid=1052087421&_gid=88153634.1576770755&gjid=1862604725&_v=j79&z=106205840 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=923358400.1576770755&jid=1052087421&_v=j79&z=106205840 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=923358400.1576770755&jid=1052087421&_v=j79&z=106205840&slf_rd=1&random=3761291593
Request Chain 42
  • https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df20ac806a67b2d%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff793b5cabf36e4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fq97anj&locale=en_US&migrated=1&sdk=joey&xid=q97anj HTTP 302
  • https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df20ac806a67b2d%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff793b5cabf36e4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fq97anj&locale=en_US&migrated=1&sdk=joey&xid=q97anj

63 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request q97anj
prnt.sc/
Redirect Chain
  • http://prnt.sc/q97anj
  • https://prnt.sc/q97anj
14 KB
4 KB
Document
General
Full URL
https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.26.84 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88eb16efa5ee2c44c00e319127bb1df275105c43b3e6bb7fb744c1ff87201651
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
prnt.sc
:scheme
https
:path
/q97anj
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
cookie
__cfduid=d0a6f363d81fb3b6eb37d671a9ba55e611576770753
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 19 Dec 2019 15:52:34 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
547a8b60197072d5-AMS
content-encoding
br

Redirect headers

Date
Thu, 19 Dec 2019 15:52:34 GMT
Content-Type
text/html
Content-Length
178
Connection
keep-alive
Set-Cookie
__cfduid=d0a6f363d81fb3b6eb37d671a9ba55e611576770753; expires=Sat, 18-Jan-20 15:52:33 GMT; path=/; domain=.prnt.sc; HttpOnly; SameSite=Lax
Location
https://prnt.sc/q97anj
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
547a8b565e8cc867-AMS
main.css
st.prntscr.com/2019/11/26/0154/css/
57 KB
9 KB
Stylesheet
General
Full URL
https://st.prntscr.com/2019/11/26/0154/css/main.css
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
726984457662e2ae992435af4efac2f0e43d8c15c03224f21955867081b8fe82

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Nov 2019 01:56:53 GMT
server
cloudflare
age
1212
etag
W/"5ddc8665-23d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=1800
cf-ray
547a8b613bcbd8f5-AMS
expires
Thu, 19 Dec 2019 15:46:44 GMT
jquery.1.8.2.min.js
st.prntscr.com/2019/11/26/0154/js/
91 KB
32 KB
Script
General
Full URL
https://st.prntscr.com/2019/11/26/0154/js/jquery.1.8.2.min.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Nov 2019 01:56:53 GMT
server
cloudflare
age
1212
etag
W/"5ddc8665-827c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
cf-ray
547a8b613bd1d8f5-AMS
expires
Thu, 19 Dec 2019 15:46:34 GMT
script.mix.js
st.prntscr.com/2019/11/26/0154/js/
69 KB
23 KB
Script
General
Full URL
https://st.prntscr.com/2019/11/26/0154/js/script.mix.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea3e12a33177d358090ed61f2bba258ad53f311f5f5d70e7cf0fe06fac52ed4

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Nov 2019 01:56:53 GMT
server
cloudflare
age
1216
etag
W/"5ddc8665-5e6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
cf-ray
547a8b613bcfd8f5-AMS
expires
Thu, 19 Dec 2019 15:13:51 GMT
P7ROpaLWQuW6lbx7E3LYQw.png
image.prntscr.com/image/
309 KB
310 KB
Image
General
Full URL
https://image.prntscr.com/image/P7ROpaLWQuW6lbx7E3LYQw.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Magic
Resource Hash
6d78c69a3acd6d42f3acb0d2e2051ebfec1304790a2ed15c023353d9209860c8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prnt.sc/q97anj
Origin
https://prnt.sc

Response headers

date
Thu, 19 Dec 2019 15:52:35 GMT
cf-cache-status
MISS
x-powered-by
Magic
status
200
x-temperature
Warm
content-length
316912
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
547a8b6278cfc791-AMS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
q97anj
prnt.sc/
14 KB
14 KB
Image
General
Full URL
https://prnt.sc/q97anj
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.26.84 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
status
200
cf-ray
547a8b60ea7e72d5-AMS
image-helper.js
st.prntscr.com/2019/11/26/0154/js/
3 KB
1 KB
Script
General
Full URL
https://st.prntscr.com/2019/11/26/0154/js/image-helper.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Nov 2019 01:56:17 GMT
server
cloudflare
age
1216
etag
W/"5ddc8641-a2f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
cf-ray
547a8b61ad25d8f5-AMS
expires
Thu, 19 Dec 2019 15:46:14 GMT
footer-logo.png
st.prntscr.com/2019/11/26/0154/img/
630 B
849 B
Image
General
Full URL
https://st.prntscr.com/2019/11/26/0154/img/footer-logo.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca2c1abcf4b76a46306bc7f1a607a459371ccf5e7213aae988c33b4dabb1758

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:34 GMT
cf-cache-status
HIT
age
1213
cf-polished
origFmt=png, origSize=1848
status
200
content-disposition
inline; filename="footer-logo.webp"
cf-bgj
imgq:100
content-length
630
last-modified
Mon, 05 Sep 2016 15:49:19 GMT
server
cloudflare
etag
"57cd93ff-738"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
547a8b61ad2dd8f5-AMS
expires
Thu, 19 Dec 2019 15:53:03 GMT
jquery.smartbanner.css
st.prntscr.com/2019/11/26/0154/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://st.prntscr.com/2019/11/26/0154/css/jquery.smartbanner.css
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Nov 2019 01:56:47 GMT
server
cloudflare
age
1223
etag
W/"5ddc865f-ef0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=1800
cf-ray
547a8b61ad26d8f5-AMS
expires
Thu, 19 Dec 2019 15:46:44 GMT
jquery.smartbanner.js
st.prntscr.com/2019/11/26/0154/js/
8 KB
3 KB
Script
General
Full URL
https://st.prntscr.com/2019/11/26/0154/js/jquery.smartbanner.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Nov 2019 01:56:53 GMT
server
cloudflare
age
1218
etag
W/"5ddc8665-aec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=1800
cf-ray
547a8b61ad29d8f5-AMS
expires
Thu, 19 Dec 2019 15:45:53 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4737
date
Thu, 19 Dec 2019 14:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Thu, 19 Dec 2019 16:33:37 GMT
page-bg.png
st.prntscr.com/2019/11/26/0154/img/
5 KB
6 KB
Image
General
Full URL
https://st.prntscr.com/2019/11/26/0154/img/page-bg.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
86a1b8f94f48c4e82d2616d4c581f10a34ff447a2bd95be08714fa0d19ba3f51

Request headers

Referer
https://st.prntscr.com/2019/11/26/0154/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:34 GMT
cf-cache-status
HIT
age
1213
cf-polished
origFmt=png, origSize=7116
status
200
content-disposition
inline; filename="page-bg.webp"
cf-bgj
imgq:100
content-length
5608
last-modified
Tue, 26 Nov 2019 01:56:53 GMT
server
cloudflare
etag
"5ddc8665-1a7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
547a8b61ad30d8f5-AMS
expires
Thu, 19 Dec 2019 15:50:31 GMT
header-logo.png
st.prntscr.com/2019/11/26/0154/img/
4 KB
4 KB
Image
General
Full URL
https://st.prntscr.com/2019/11/26/0154/img/header-logo.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
69d8e3ebecd912bd1632164c7cdb358e13ca6fd3c904a4ecbabd462fb7082b1a

Request headers

Referer
https://st.prntscr.com/2019/11/26/0154/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:34 GMT
cf-cache-status
HIT
age
1211
cf-polished
origFmt=png, origSize=7995
status
200
content-disposition
inline; filename="header-logo.webp"
cf-bgj
imgq:100
content-length
4152
last-modified
Tue, 26 Nov 2019 01:56:53 GMT
server
cloudflare
etag
"5ddc8665-1e52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
547a8b61ad33d8f5-AMS
expires
Thu, 19 Dec 2019 15:29:31 GMT
button-download.png
st.prntscr.com/2019/11/26/0154/img/
314 B
491 B
Image
General
Full URL
https://st.prntscr.com/2019/11/26/0154/img/button-download.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e926f30958d0c21d088e6a671d3356a3c3fab9cc6220b8e408f19d868a7dc5c8

Request headers

Referer
https://st.prntscr.com/2019/11/26/0154/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:34 GMT
cf-cache-status
HIT
age
1213
cf-polished
origFmt=png, origSize=1404
status
200
content-disposition
inline; filename="button-download.webp"
cf-bgj
imgq:100
content-length
314
last-modified
Tue, 26 Nov 2019 01:55:43 GMT
server
cloudflare
etag
"5ddc861f-57c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
547a8b61ad37d8f5-AMS
expires
Thu, 19 Dec 2019 15:31:16 GMT
button-icon-sep.png
st.prntscr.com/2019/11/26/0154/img/
40 B
216 B
Image
General
Full URL
https://st.prntscr.com/2019/11/26/0154/img/button-icon-sep.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6a1120cc303b1c6ee6d548a5b418c2707b59de0c1f13c8ab870ca4e734b6acc

Request headers

Referer
https://st.prntscr.com/2019/11/26/0154/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:34 GMT
cf-cache-status
HIT
age
1212
cf-polished
origFmt=png, origSize=928
status
200
content-disposition
inline; filename="button-icon-sep.webp"
cf-bgj
imgq:100
content-length
40
last-modified
Tue, 26 Nov 2019 01:55:43 GMT
server
cloudflare
etag
"5ddc861f-3a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
547a8b61ad39d8f5-AMS
expires
Thu, 19 Dec 2019 15:47:44 GMT
icon-twitter_gscale.png
st.prntscr.com/2019/11/26/0154/img/
374 B
532 B
Image
General
Full URL
https://st.prntscr.com/2019/11/26/0154/img/icon-twitter_gscale.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a3a63b2ac124cb9a194ec01ea1f0d3123e4019bf658c6f47a77b4faea84c079

Request headers

Referer
https://st.prntscr.com/2019/11/26/0154/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:34 GMT
cf-cache-status
HIT
age
1213
cf-polished
origFmt=png, origSize=1535
status
200
content-disposition
inline; filename="icon-twitter_gscale.webp"
cf-bgj
imgq:100
content-length
374
last-modified
Tue, 26 Nov 2019 01:55:43 GMT
server
cloudflare
etag
"5ddc861f-5ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
547a8b61ad3bd8f5-AMS
expires
Thu, 19 Dec 2019 16:01:44 GMT
icon-facebook_gscale.png
st.prntscr.com/2019/11/26/0154/img/
296 B
558 B
Image
General
Full URL
https://st.prntscr.com/2019/11/26/0154/img/icon-facebook_gscale.png
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a093d2047e1a59b7103810b947780e5f94d865915cb923ebcaa7e50f557c2102

Request headers

Referer
https://st.prntscr.com/2019/11/26/0154/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:34 GMT
cf-cache-status
HIT
age
1211
cf-polished
origFmt=png, origSize=1325
status
200
content-disposition
inline; filename="icon-facebook_gscale.webp"
cf-bgj
imgq:100
content-length
296
last-modified
Tue, 26 Nov 2019 01:55:43 GMT
server
cloudflare
etag
"5ddc861f-52d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
547a8b61ad3ed8f5-AMS
expires
Thu, 19 Dec 2019 15:42:21 GMT
async-ajs.min.js
cdn.ad4game.com/
3 KB
2 KB
Script
General
Full URL
https://cdn.ad4game.com/async-ajs.min.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Thu, 19 Dec 2019 15:52:35 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
1451
referrer-policy
no-referrer
last-modified
Mon, 11 Nov 2019 09:46:59 GMT
server
nginx
x-serveraddr
10.100.0.151
etag
W/"5dc92e13-ca8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=185012851&t=pageview&_s=1&dl=https%3A%2F%2Fprnt.sc%2Fq97anj&ul=en-us&de=UTF-8&dt=Screenshot%20by%20Lightshot&sd=24-bit&sr=1600x1200&vp=1600x1...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-12353127-1&cid=923358400.1576770755&jid=1052087421&_gid=88153634.1576770755&gjid=1862604725&_v=j79&z=106205840
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=923358400.1576770755&jid=1052087421&_v=j79&z=106205840
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=923358400.1576770755&jid=1052087421&_v=j79&z=106205840&slf_rd=1&random=3761291593
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=923358400.1576770755&jid=1052087421&_v=j79&z=106205840&slf_rd=1&random=3761291593
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Dec 2019 15:52:34 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Dec 2019 15:52:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-12353127-1&cid=923358400.1576770755&jid=1052087421&_v=j79&z=106205840&slf_rd=1&random=3761291593
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f0ff:1a:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b7b2589797e3748041791d721855d587211a8b8353b33f90174bb53543d58f3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
uvebbOK8I9dK/X2QBV+uIQ==
status
200
date
Thu, 19 Dec 2019 15:52:34 GMT
expires
Thu, 19 Dec 2019 16:02:06 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
1780
x-fb-debug
NFMPpIQmhwDWvIJoBkGZXxoVlre9MXpc5PJ0S6ic5yX+Uc07G5iCIBdZD1ySNA1N4OwLbMIM3GSzDfSIZbwC5Q==
x-fb-content-md5
40237d9a548d75c9c6737a26ffdf35d6
etag
"e17004e51dc7a803a00bf2b30e7051fc"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41D7) /
Resource Hash
ff6a67b5b4c91cf683b9168393ce7aa41d64326a40b928809cdf7e15d0b3c8b8

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 19 Dec 2019 15:52:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Dec 2019 23:46:10 GMT
Server
ECS (fcn/41D7)
Etag
"a41dba1e30b9426e9a69c373d2c94042+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28837
icon-edit.png
st.prntscr.com/2019/11/26/0154/img/
461 B
630 B
Image
General
Full URL
https://st.prntscr.com/2019/11/26/0154/img/icon-edit.png
Requested by
Host: st.prntscr.com
URL: https://st.prntscr.com/2019/11/26/0154/js/jquery.1.8.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
92fb4985bc265d661b853545f4f3d54f79022a8564dd521202e20a05e477b295

Request headers

Referer
https://st.prntscr.com/2019/11/26/0154/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:34 GMT
cf-cache-status
HIT
age
1215
cf-polished
origSize=3153, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
461
last-modified
Tue, 26 Nov 2019 01:55:43 GMT
server
cloudflare
etag
"5ddc861f-c51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
547a8b61edc9d8f5-AMS
expires
Thu, 19 Dec 2019 15:47:52 GMT
icon-camera.png
st.prntscr.com/2019/11/26/0154/img/
158 B
313 B
Image
General
Full URL
https://st.prntscr.com/2019/11/26/0154/img/icon-camera.png
Requested by
Host: st.prntscr.com
URL: https://st.prntscr.com/2019/11/26/0154/js/jquery.1.8.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bfd2fa3b3b5924e3655bcf9f63427e792bd8572b7ed0992373bdb4b21c7cb89

Request headers

Referer
https://st.prntscr.com/2019/11/26/0154/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:34 GMT
cf-cache-status
HIT
age
1204
cf-polished
origFmt=png, origSize=1089
status
200
content-disposition
inline; filename="icon-camera.webp"
cf-bgj
imgq:100
content-length
158
last-modified
Tue, 26 Nov 2019 01:55:43 GMT
server
cloudflare
etag
"5ddc861f-441"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
547a8b61edcfd8f5-AMS
expires
Thu, 19 Dec 2019 15:39:14 GMT
icon-abuse.png
st.prntscr.com/2019/11/26/0154/img/
126 B
396 B
Image
General
Full URL
https://st.prntscr.com/2019/11/26/0154/img/icon-abuse.png
Requested by
Host: st.prntscr.com
URL: https://st.prntscr.com/2019/11/26/0154/js/jquery.1.8.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2875a6fc4266fec00a383377cb4530b6407912897b0727e26249d89c6dfe0359

Request headers

Referer
https://st.prntscr.com/2019/11/26/0154/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:34 GMT
cf-cache-status
HIT
age
1204
cf-polished
origFmt=png, origSize=327
status
200
content-disposition
inline; filename="icon-abuse.webp"
cf-bgj
imgq:100
content-length
126
last-modified
Tue, 26 Nov 2019 01:55:43 GMT
server
cloudflare
etag
"5ddc861f-147"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
547a8b61edd3d8f5-AMS
expires
Thu, 19 Dec 2019 15:35:36 GMT
/
api.prntscr.com/v1/
0
424 B
XHR
General
Full URL
https://api.prntscr.com/v1/
Requested by
Host: st.prntscr.com
URL: https://st.prntscr.com/2019/11/26/0154/js/jquery.1.8.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://prnt.sc
Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Thu, 19 Dec 2019 15:52:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://prnt.sc
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
status
204
access-control-allow-credentials
true
cf-ray
547a8b622fe4c791-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
widget_iframe.69e02060c7c44baddf1b5629549acc0c.html
platform.twitter.com/widgets/ Frame 8F22
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.69e02060c7c44baddf1b5629549acc0c.html?origin=https%3A%2F%2Fprnt.sc
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/418A) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://prnt.sc/q97anj
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prnt.sc/q97anj

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Dec 2019 15:52:34 GMT
Etag
"4b563298f37eb3ef2a2f8897be83c714+gzip"
Last-Modified
Tue, 10 Dec 2019 23:44:55 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/418A)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5825
all.js
connect.facebook.net/en_US/
190 KB
57 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=07d42009a1422bc841b8dfc1d3396acf&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f0ff:1a:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
965dfa75cb5e8e72c20a31bc0a422af2d604c8a2d10940d81960fffe09abba0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prnt.sc/q97anj
Origin
https://prnt.sc

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
w7YF3WwcRJbH1IHpcBkR5Q==
status
200
date
Thu, 19 Dec 2019 15:52:34 GMT
expires
Fri, 18 Dec 2020 14:43:22 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
57675
x-fb-debug
nwFhfuvJDICsPplSejHICpxJJDwyFD9Ps+DCkpUiRCeRt8j2gUy9D36FqlGh6Sd+pv1+t3il5SPUC4P2NhD8Xw==
x-fb-content-md5
26e743a7c3dc9e9949a837780cc0476e
etag
"48d91c1952278091d9616044f30b6157"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
button.550007e6cc79c00bac51111d8131d860.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.550007e6cc79c00bac51111d8131d860.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4194) /
Resource Hash
04f4ae45c416f3cae99c9092537f549e56653297e79cea04501e0ebed1e9bd1c

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 19 Dec 2019 15:52:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Dec 2019 23:44:46 GMT
Server
ECS (fcn/4194)
Etag
"0c1c703295ecdf55c72e3a108ce862e8+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
tweet_button.69e02060c7c44baddf1b5629549acc0c.en.html
platform.twitter.com/widgets/ Frame 66C6
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.69e02060c7c44baddf1b5629549acc0c.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A7) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://prnt.sc/q97anj
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prnt.sc/q97anj

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Dec 2019 15:52:34 GMT
Etag
"4dc6e55d00b534aa830efd2ddeb984e0+gzip"
Last-Modified
Tue, 10 Dec 2019 23:44:52 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/41A7)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
12266
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 947F
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=07d42009a1422bc841b8dfc1d3396acf&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f0ff:1a:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://prnt.sc/q97anj
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prnt.sc/q97anj

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sun, 13 Dec 2020 19:18:44 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
RWWJfW1iFJ/eZbRBkNIvLR4bZqwPhkw0wab+E49gNMWHEe80/X12KT7MtHA96fpsQ0GyFuvZA9AIigpLJ1GXjA==
content-length
12349
date
Thu, 19 Dec 2019 15:52:34 GMT
alt-svc
h3-24=":443"; ma=3600
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=154822244543652&input_token&origin=1&redirect_uri=https%3A%2F%2Fprnt.sc%2Fq97anj&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=07d42009a1422bc841b8dfc1d3396acf&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prnt.sc/
Origin
https://prnt.sc

Response headers

pragma
no-cache
x-fb-debug
Mv4M+tLIvlRrvjzSov7Se9jY38sDLoxTCxU83P+sW2scHQW/mskEyUBIvLDJNMmK+ZvuvR9ncAVQzXJDczIjEQ==
fb-s
unknown
status
200
date
Thu, 19 Dec 2019 15:52:34 GMT
strict-transport-security
max-age=15552000; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://prnt.sc
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-24=":443"; ma=3600
content-length
0
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
api.prntscr.com/v1/
92 B
411 B
XHR
General
Full URL
https://api.prntscr.com/v1/
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://prnt.sc/q97anj
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 19 Dec 2019 15:52:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://prnt.sc
access-control-allow-credentials
true
cf-ray
547a8b62d8f2d8f5-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
jot
syndication.twitter.com/i/
43 B
338 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fprnt.sc%2Fq97anj%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22light_shot%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1576770755062%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22cfadeaf%3A1576014006272%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
65
x-xss-protection
0
x-response-time
118
pragma
no-cache
last-modified
Thu, 19 Dec 2019 15:52:35 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
bb6b963688af5d12fc60a57ea26a392f
x-transaction
005f889300fb37e7
expires
Tue, 31 Mar 1981 05:00:00 GMT
truncated
/
298 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9b170236cc352b7306a7493c4c4298935b912bcd26436240a7fb3383e18e4c1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
prebid.js
cdn.ad4game.com/
244 KB
91 KB
Script
General
Full URL
https://cdn.ad4game.com/prebid.js
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
7d4cfadd46b306b748059b029aa7cc05a9b85176a5aae4f71a1d620a303b6e4e

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Thu, 19 Dec 2019 15:52:35 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
93173
referrer-policy
no-referrer
last-modified
Wed, 11 Dec 2019 12:09:23 GMT
server
nginx
x-serveraddr
10.100.0.140
etag
W/"5df0dc73-3cf4c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
async-ajs.php
ads.ad4game.com/www/delivery/
6 KB
2 KB
Script
General
Full URL
https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g5486320&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Fq97anj&c=UTF-8&z=60918,60917,60916&b=7&x=7
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 Monroe, United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
5700871ef5b182b6255a0105bbd3a7284a198595ab2e8d045b269a8a1c7884ad

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-servername
ads.ad4game.com\ 80\ 81
Pragma
no-cache
Date
Thu, 19 Dec 2019 15:52:37 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
X-serveraddr
10.100.0.151
Cache-Control
no-cache, no-store, must-revalidate
X-host
ads.ad4game.com
Connection
close
Content-Type
text/javascript; charset=UTF-8
Expires
0
gpt.js
www.googletagservices.com/tag/js/
51 KB
16 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g5486320&h=0&siteurl=https%3A%2F%2Fprnt.sc%2Fq97anj&c=UTF-8&z=60918,60917,60916&b=7&x=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f213be31d540e30366635b474daedd9c0b46287d55429ec9ef7a4829361c6f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"371 / 541 of 1000 / last-modified: 1576520981"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15827
x-xss-protection
0
expires
Thu, 19 Dec 2019 15:52:37 GMT
hb
brightcombid.marphezis.com/
0
46 B
XHR
General
Full URL
https://brightcombid.marphezis.com/hb
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.35.247 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-21-35-247.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/q97anj
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Thu, 19 Dec 2019 15:52:37 GMT
server
nginx
bid
ads.ad4game.com/v1/
8 KB
2 KB
XHR
General
Full URL
https://ads.ad4game.com/v1/bid?if=0&siteurl=https%3A%2F%2Fprnt.sc%2Fq97anj&size=970x90%3B728x90%3B300x250&id=6717c6a8b38b9c%3B722865d43e2999%3B822a9cae2a7a9b&zoneId=60918%3B60917%3B60916&
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 Monroe, United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
c87430681f9f3afba18383ab5fecd1117604bf78170ca30bf714b36891397bba

Request headers

Referer
https://prnt.sc/q97anj
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 19 Dec 2019 15:52:37 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://prnt.sc
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Application-Context
application:12061
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=prnt.sc
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=prnt.sc
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019121002.js
securepubads.g.doubleclick.net/gpt/
163 KB
60 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60922
x-xss-protection
0
expires
Thu, 19 Dec 2019 15:52:37 GMT
like.php
www.facebook.com/plugins/ Frame 4EA4
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df1f6f85a5010838%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff793b5cabf36e4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2Fq97anj&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=07d42009a1422bc841b8dfc1d3396acf&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?action=like&app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df1f6f85a5010838%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff793b5cabf36e4%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fprnt.sc%2Fq97anj&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=100
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://prnt.sc/q97anj
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prnt.sc/q97anj

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
vg+UP3z/Y8GvGVeRKDx8noTlYvzooj1T7ietxK0t31wuhw9CV8CigcCNSC5qpuh3GmStHYjVLCAi7hSdG319IQ==
date
Thu, 19 Dec 2019 15:52:37 GMT
alt-svc
h3-24=":443"; ma=3600
feedback.php
www.facebook.com/plugins/ Frame 0B15
Redirect Chain
  • https://www.facebook.com/plugins/comments.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df20ac806a67b2d%26domain%3Dprnt.sc%2...
  • https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df20ac806a67b2d%26domain%3Dprnt.sc%2...
0
0
Document
General
Full URL
https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df20ac806a67b2d%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff793b5cabf36e4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fq97anj&locale=en_US&migrated=1&sdk=joey&xid=q97anj
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=07d42009a1422bc841b8dfc1d3396acf&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df20ac806a67b2d%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff793b5cabf36e4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fq97anj&locale=en_US&migrated=1&sdk=joey&xid=q97anj
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://prnt.sc/q97anj
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prnt.sc/q97anj

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
b2tEwViUKCC8nxfJiTpw/TVTII8dOphQu9eHiM+xDK1htd4pdcb510odu5u/RBa5tzEIyeWu8zEWDrzDoUVD2w==
date
Thu, 19 Dec 2019 15:52:37 GMT
alt-svc
h3-24=":443"; ma=3600

Redirect headers

status
302
location
https://www.facebook.com/plugins/feedback.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df20ac806a67b2d%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff793b5cabf36e4%26relation%3Dparent.parent&container_width=340&height=100&href=https%3A%2F%2Fprnt.sc%2Fq97anj&locale=en_US&migrated=1&sdk=joey&xid=q97anj
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
D3Ax+vbdbX3FvkdIeubjN0r0wA1CA8NF8t0Dj7lGJhUTSKS+HrHd7Yksj3UZ+8gP9qEH3aXEyZfy4EJRvqZK7w==
content-length
0
date
Thu, 19 Dec 2019 15:52:37 GMT
alt-svc
h3-24=":443"; ma=3600
like_box.php
www.facebook.com/plugins/ Frame 357B
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df1791035e7a17%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff793b5cabf36e4%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=07d42009a1422bc841b8dfc1d3396acf&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like_box.php?app_id=154822244543652&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df1791035e7a17%26domain%3Dprnt.sc%26origin%3Dhttps%253A%252F%252Fprnt.sc%252Ff793b5cabf36e4%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FLightShot%2F242750885760&locale=en_US&sdk=joey&show_faces=true&stream=false&width=300
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://prnt.sc/q97anj
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prnt.sc/q97anj

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
tLtYe7TN80mL+jGq2O/G8UbU8/FHVZwLYx4jWOtGuNE5EeI08AF795t1V2GDBEvjSbD2g+TzrvOrSGZj1h2dyg==
date
Thu, 19 Dec 2019 15:52:37 GMT
alt-svc
h3-24=":443"; ma=3600
ads
securepubads.g.doubleclick.net/gampad/
67 KB
19 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4327292999133498&correlator=3609894950084410&output=ldjh&impl=fifs&adsid=NT&eid=21062453&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191219&iu_parts=60257202%2C60918%2C6091717%2C60916&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=970x90%2C728x90%2C300x250&prev_scp=hb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D970x90%26hb_pb_a4g%3D0.05%26hb_adid_a4g%3D6717c6a8b38b9c%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.05%26hb_adid%3D6717c6a8b38b9c%26hb_bidder%3Da4g%7Chb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D728x90%26hb_pb_a4g%3D0.04%26hb_adid_a4g%3D722865d43e2999%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.04%26hb_adid%3D722865d43e2999%26hb_bidder%3Da4g%7Chb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D300x250%26hb_pb_a4g%3D0.05%26hb_adid_a4g%3D822a9cae2a7a9b%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D822a9cae2a7a9b%26hb_bidder%3Da4g&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1576770758&dt=1576770758088&dlt=1576770754697&idt=2869&frm=20&biw=1585&bih=1200&oid=3&adxs=308%2C429%2C308&adys=70%2C1081%2C1203&adks=1432691387%2C518174652%2C4042975291&ucis=1%7C2%7C3&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fprnt.sc%2Fq97anj&dssz=29&icsg=10880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x90%7C728x90%7C300x250&msz=970x-1%7C728x-1%7C300x-1&ga_vid=53924608.1576770758&ga_sid=1576770758&ga_hid=185012851&fws=0%2C0%2C0&ohw=0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e16f59c664fb79ec0725dfd65070628c402941f61abba5a6d75563a6b4a9e07c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prnt.sc/q97anj
Origin
https://prnt.sc

Response headers

date
Thu, 19 Dec 2019 15:52:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19161
x-xss-protection
0
google-lineitem-id
-2,-1,4728527039
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,138237963443
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://prnt.sc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019121002.js
securepubads.g.doubleclick.net/gpt/
64 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
sffe /
Resource Hash
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24811
x-xss-protection
0
expires
Thu, 19 Dec 2019 15:52:38 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

worker.nude.js
st.prntscr.com/2019/11/26/0154/js/
3 KB
1 KB
XHR
General
Full URL
https://st.prntscr.com/2019/11/26/0154/js/worker.nude.js
Requested by
Host: st.prntscr.com
URL: https://st.prntscr.com/2019/11/26/0154/js/script.mix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.105 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prnt.sc/q97anj
Origin
https://prnt.sc

Response headers

date
Thu, 19 Dec 2019 15:52:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 26 Nov 2019 01:56:45 GMT
server
cloudflare
age
1280
status
200
etag
W/"5ddc865d-ad9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://prnt.sc
cache-control
max-age=1800
cf-ray
547a8b76ae43c791-AMS
expires
Thu, 19 Dec 2019 15:48:51 GMT
89a8f45a-1546-4d8a-a527-7002d45794e2
https://prnt.sc/
3 KB
0
Other
General
Full URL
blob:https://prnt.sc/89a8f45a-1546-4d8a-a527-7002d45794e2
Requested by
Host: st.prntscr.com
URL: https://st.prntscr.com/2019/11/26/0154/js/script.mix.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length
2777
Content-Type
text/javascript
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame D89F
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://prnt.sc/q97anj
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prnt.sc/q97anj

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Thu, 19 Dec 2019 15:07:02 GMT
expires
Fri, 18 Dec 2020 15:07:02 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2736
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
osd.js
www.googletagservices.com/activeview/js/current/
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29463
x-xss-protection
0
expires
Thu, 19 Dec 2019 15:52:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4F7F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssO8JcgkB-tns--hLS8e1FMkxk2eFf5bx9KiWsy7PJMxJA1i0mb8RI_Fzzu6JUDTvdfYlvnrIuAxdWcnf12_9qzC0X9qAFYJhllEy8hcUWtPcW6sGVq__VYpXpx5M90P97pK8_joXofcLVLpqdxxLriFE13N64N2wRtFd0pzmQlW5RUHn99gzuAfXHjiYDOCMA0wsAuCVVhuRQoQGlHpsGlBe-Ab3SifrBfaZ6jLhLdKsP3KtGF6WA&sai=AMfl-YTddbQtE3YSFfwzv4RLiuWxEVxGDebixNAzj_Lohn7nipcteC4HLClZY_M1hvv8C_U-8FBW8K8fSsGZynLe-RzUeVXaFEbRCoviZqREWg&sig=Cg0ArKJSzEhFo1ukmAjREAE&urlfix=1&adurl=
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 19 Dec 2019 15:52:38 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 19 Dec 2019 15:52:38 GMT
async-ajs.min.js
cdn.ad4game.com/ Frame 4F7F
3 KB
2 KB
Script
General
Full URL
https://cdn.ad4game.com/async-ajs.min.js
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Thu, 19 Dec 2019 15:52:38 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
1451
referrer-policy
no-referrer
last-modified
Mon, 11 Nov 2019 09:46:59 GMT
server
nginx
x-serveraddr
10.100.0.151
etag
W/"5dc92e13-ca8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 4F7F
77 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 19 Dec 2019 15:52:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29272
x-xss-protection
0
expires
Thu, 19 Dec 2019 15:52:38 GMT
adbyv1.gif
cdn.ad4game.com/ Frame 4F7F
112 B
369 B
Image
General
Full URL
https://cdn.ad4game.com/adbyv1.gif
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Thu, 19 Dec 2019 15:52:38 GMT
referrer-policy
no-referrer
last-modified
Sat, 28 Jan 2012 03:19:10 GMT
server
nginx
x-serveraddr
10.100.0.140
etag
"4f23692e-70"
status
200
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-host
ads.ad4game.com
accept-ranges
bytes
content-length
112
lg.php
ads.ad4game.com/www/delivery/ Frame 4F7F
35 B
858 B
Image
General
Full URL
https://ads.ad4game.com/www/delivery/lg.php?bannerid=541977&campaignid=31069&zoneid=60916&referer=&tag=hb&ver=4.0&tagi=2019-05-21T10-45&cb=0RhEgh2swtMtkVgA&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2MDkxNiwiZXhwIjoxNTc2NzcwODE3fQ.ymAfSNpVvoxGze5j_KyeOqcmIKWRalWE6eZ7sbL4Njc&bn=ad4game&bid=0.05&if=0
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 Monroe, United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prnt.sc/q97anj
Origin
https://prnt.sc

Response headers

Pragma
no-cache
Date
Thu, 19 Dec 2019 15:52:40 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
35
X-Application-Context
application:12061
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid.js
cdn.ad4game.com/ Frame 4F7F
244 KB
91 KB
Script
General
Full URL
https://cdn.ad4game.com/prebid.js
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
7d4cfadd46b306b748059b029aa7cc05a9b85176a5aae4f71a1d620a303b6e4e

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Thu, 19 Dec 2019 15:52:38 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
93173
referrer-policy
no-referrer
last-modified
Wed, 11 Dec 2019 12:09:23 GMT
server
nginx
x-serveraddr
10.100.0.140
etag
W/"5df0dc73-3cf4c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
async-ajs.php
ads.ad4game.com/www/delivery/ Frame 4F7F
12 KB
5 KB
Script
General
Full URL
https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g1894318&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fq97anj&c=UTF-8&z=66549&b=1&x=1
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 Monroe, United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
aa17c18ae708e6ff27c2052e3a5e66dbb5d5c53de763328f0be10ee28e0924b8

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-servername
ads.ad4game.com\ 80\ 81
Pragma
no-cache
Date
Thu, 19 Dec 2019 15:52:39 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
X-serveraddr
10.100.0.151
Cache-Control
no-cache, no-store, must-revalidate
X-host
ads.ad4game.com
Connection
close
Content-Type
text/javascript; charset=UTF-8
Expires
0
truncated
/ Frame 4F7F
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
383981a7e74182d8944a7dabd302d9966e44817b43f6cc2eeb843267947f6e1a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
prebid.js
cdn.ad4game.com/ Frame 4F7F
244 KB
91 KB
Script
General
Full URL
https://cdn.ad4game.com/prebid.js
Requested by
Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g1894318&h=0&if=1&sf=0&siteurl=https%3A%2F%2Fprnt.sc%2Fq97anj&c=UTF-8&z=66549&b=1&x=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
7d4cfadd46b306b748059b029aa7cc05a9b85176a5aae4f71a1d620a303b6e4e

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Thu, 19 Dec 2019 15:52:39 GMT
content-encoding
gzip
x-cache
HIT
status
200
x-host
ads.ad4game.com
content-length
93173
referrer-policy
no-referrer
last-modified
Wed, 11 Dec 2019 12:09:23 GMT
server
nginx
x-serveraddr
10.100.0.140
etag
W/"5df0dc73-3cf4c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
ortb
bid.contextweb.com/header/ Frame 4F7F
0
499 B
XHR
General
Full URL
https://bid.contextweb.com/header/ortb?src=prebid
Requested by
Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prnt.sc/q97anj
Origin
https://prnt.sc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Dec 2019 15:52:39 GMT
server
envoy
status
204
cwdl
22/109
access-control-allow-origin
https://prnt.sc
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
cw-server
bid-deployment-65bb975ff6-qj529
content-length
0
a81962e70a5a9fe32f22f680c1ddb50b.jpg
cdn.ad4game.com/ Frame 4F7F
32 KB
32 KB
Image
General
Full URL
https://cdn.ad4game.com/a81962e70a5a9fe32f22f680c1ddb50b.jpg
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.3 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
775a47143b15f90b632a50ffe1a876360185cd5da7afddfb567fe192ff25915d

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-servername
ads.ad4game.com\ 80\ 81
date
Thu, 19 Dec 2019 15:52:39 GMT
referrer-policy
no-referrer
last-modified
Fri, 24 May 2019 13:47:12 GMT
server
nginx
x-serveraddr
10.100.0.139
etag
"5ce7f5e0-7e1e"
status
200
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
x-host
ads.ad4game.com
accept-ranges
bytes
content-length
32286
lg.php
ads.ad4game.com/www/delivery/ Frame 4F7F
35 B
858 B
Image
General
Full URL
https://ads.ad4game.com/www/delivery/lg.php?bannerid=548996&campaignid=32261&zoneid=66549&bn=ad4game&bid=0.00031751562178593&token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ6b25lIjo2NjU0OSwiYmFubmVyIjo1NDg5OTYsImJpZCI6My4xNzUxNTYyMTc4NTkyOTlFLTQsImV4cCI6MTU3Njc3MDgxOX0.a6yvlOMFEWNRti2hvxOWlBj6vWwykolDZnVlEiJ6y08&tag=asyncjs&ib=0&cb=MzhmOGUwODVlZjli&ev=3.3&tagi=2019-04-08T11-27&if=1&sf=0
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.207.255.147 Monroe, United States, ASN62821 (AS-MNX - MNX Solutions LLC, US),
Reverse DNS
haproxy2.ad4game.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://prnt.sc/q97anj
Origin
https://prnt.sc

Response headers

Pragma
no-cache
Date
Thu, 19 Dec 2019 15:52:46 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
35
X-Application-Context
application:12062
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid
bh.contextweb.com/visitormatch/ Frame 4F7F
49 B
628 B
Image
General
Full URL
https://bh.contextweb.com/visitormatch/prebid
Requested by
Host: prnt.sc
URL: https://prnt.sc/q97anj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.166 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Referer
https://prnt.sc/q97anj
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 19 Dec 2019 15:52:42 GMT
Via
1.1 varnish
X-Cache
MISS
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection
keep-alive
Content-Length
49
X-Served-By
cache-hhn4024-HHN
Server
Jetty(9.4.7.v20170914)
Vary
Accept-Encoding
Content-Language
en
Expires
-1
Cache-Control
private, max-age=0, no-cache, no-store
Accept-Ranges
bytes
Content-Type
image/gif;charset=iso-8859-1
Cw-Server
bh-deployment-797d54649f-458f8
X-Cache-Hits
0

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| $jscomp object| galleryConfig function| loadTemplate function| fillTemplate object| htmlHelper function| getQueryParam function| mysqlDateTimeToJSDate object| prntscrAPI object| loginConfig object| multiLoginSystem function| prettyDate number| maxId_p number| maxId string| searchQuery object| twittsShown object| PrettyDate function| renamePrntsc function| replaceURLWithHTMLLinks function| replaceMentionsWithHTMLLinks function| replaceHashWithHTMLLinks function| expandShortUrls function| htmlspecialchars_decode function| addTwittsFound function| twitterFill undefined| twitterProcessJSON function| twitter function| Spinner string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| loadImageById function| loadImageByElement function| scanImage function| resultHandler object| nude object| jQuery18209546599642755635 object| __twttrll object| twttr object| __twttr object| FB function| pbjsChunk object| pbjs object| __core-js_shared__ function| JSEncrypt boolean| prebidLoaded object| prebidJs object| node object| googletag function| isScriptLoaded number| a4gDReady boolean| a4gPrebidLoaded number| PREBID_TIMEOUT number| PREBID_FAILSAFE_TIMEOUT object| slots object| adUnits function| sendAdserverRequest object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken number| google_srt undefined| google_measure_js_timing boolean| google_noFetch number| __google_ad_urls_id number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.ad4game.com
adservice.google.com
adservice.google.de
api.prntscr.com
bh.contextweb.com
bid.contextweb.com
brightcombid.marphezis.com
cdn.ad4game.com
connect.facebook.net
image.prntscr.com
platform.twitter.com
prnt.sc
securepubads.g.doubleclick.net
st.prntscr.com
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
104.20.13.105
104.244.42.136
104.27.26.84
151.101.112.166
151.139.242.3
172.217.16.194
192.207.255.147
23.21.35.247
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:800::2002
2a00:1450:4001:814::2001
2a00:1450:4001:814::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:820::2004
2a00:1450:400c:c00::9a
2a03:2880:f0ff:1a:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
74.214.194.133
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04f4ae45c416f3cae99c9092537f549e56653297e79cea04501e0ebed1e9bd1c
1b185d89e437f1591af8c51d5e6dad41d3666e22a81931ee9df22e2cfdacaddb
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
2875a6fc4266fec00a383377cb4530b6407912897b0727e26249d89c6dfe0359
383981a7e74182d8944a7dabd302d9966e44817b43f6cc2eeb843267947f6e1a
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
47b4a73b810d6bbb3088a4bec9423d0a709d9a4341b84303d595a6fdea7ea5b3
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
5700871ef5b182b6255a0105bbd3a7284a198595ab2e8d045b269a8a1c7884ad
5a3a63b2ac124cb9a194ec01ea1f0d3123e4019bf658c6f47a77b4faea84c079
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
69d8e3ebecd912bd1632164c7cdb358e13ca6fd3c904a4ecbabd462fb7082b1a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d78c69a3acd6d42f3acb0d2e2051ebfec1304790a2ed15c023353d9209860c8
726984457662e2ae992435af4efac2f0e43d8c15c03224f21955867081b8fe82
775a47143b15f90b632a50ffe1a876360185cd5da7afddfb567fe192ff25915d
7d4cfadd46b306b748059b029aa7cc05a9b85176a5aae4f71a1d620a303b6e4e
83817752fb260ff66b3bca1471bb20dbb6a1e6a17174c657efe0912ad161b382
86a1b8f94f48c4e82d2616d4c581f10a34ff447a2bd95be08714fa0d19ba3f51
88eb16efa5ee2c44c00e319127bb1df275105c43b3e6bb7fb744c1ff87201651
8bfd2fa3b3b5924e3655bcf9f63427e792bd8572b7ed0992373bdb4b21c7cb89
8ea3e12a33177d358090ed61f2bba258ad53f311f5f5d70e7cf0fe06fac52ed4
92fb4985bc265d661b853545f4f3d54f79022a8564dd521202e20a05e477b295
965dfa75cb5e8e72c20a31bc0a422af2d604c8a2d10940d81960fffe09abba0d
9c9935e1daafc929a9866a206e769e084cd83f19d436ca22887adc2798408646
a093d2047e1a59b7103810b947780e5f94d865915cb923ebcaa7e50f557c2102
aa17c18ae708e6ff27c2052e3a5e66dbb5d5c53de763328f0be10ee28e0924b8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b6a1120cc303b1c6ee6d548a5b418c2707b59de0c1f13c8ab870ca4e734b6acc
b7b2589797e3748041791d721855d587211a8b8353b33f90174bb53543d58f3f
b9b170236cc352b7306a7493c4c4298935b912bcd26436240a7fb3383e18e4c1
bca2c1abcf4b76a46306bc7f1a607a459371ccf5e7213aae988c33b4dabb1758
c87430681f9f3afba18383ab5fecd1117604bf78170ca30bf714b36891397bba
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d91d13fd8f9d253a8213aeee7ebaa7e073683fc600a3d82902c3c669b8ffdee7
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238
e16f59c664fb79ec0725dfd65070628c402941f61abba5a6d75563a6b4a9e07c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e926f30958d0c21d088e6a671d3356a3c3fab9cc6220b8e408f19d868a7dc5c8
ee7c0aa7330f62b75b4e54dc5e44c543d8013358f2f2e40a655b9d0a668ba572
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f213be31d540e30366635b474daedd9c0b46287d55429ec9ef7a4829361c6f01
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
ff6a67b5b4c91cf683b9168393ce7aa41d64326a40b928809cdf7e15d0b3c8b8