urlscan.io logo urlscan.io
SecurityTrails logo

orefinger.click Open in urlscan Pro
18.66.102.62  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://orefinger.click/
Effective URL: https://orefinger.click/
Submission: On May 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 2 domains to perform 22 HTTP transactions. The main IP is 18.66.102.62, located in United States and belongs to AMAZON-02, US. The main domain is orefinger.click.
TLS certificate: Issued by Amazon RSA 2048 M02 on September 20th 2023. Valid for: a year.
This is the only time orefinger.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 18.66.102.62 16509 (AMAZON-02)
5 142.250.185.130 15169 (GOOGLE)
1 18.239.36.54 16509 (AMAZON-02)
4 13.124.210.13 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
22 6
9    18.66.102.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-62.fra56.r.cloudfront.net
orefinger.click
5    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pagead2.googlesyndication.com
1    18.239.36.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-54.ams58.r.cloudfront.net
cdn.orefinger.click
4    13.124.210.13 (Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-124-210-13.ap-northeast-2.compute.amazonaws.com
api.orefinger.click
2    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
14 orefinger.click
orefinger.click
cdn.orefinger.click
api.orefinger.click
1 MB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
tpc.googlesyndication.com — Cisco Umbrella Rank: 164
210 KB
22 2
Domain Requested by
9 orefinger.click orefinger.click
5 pagead2.googlesyndication.com orefinger.click
pagead2.googlesyndication.com
4 api.orefinger.click orefinger.click
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 cdn.orefinger.click
22 5

This site contains links to these domains. Also see Links.

Domain
www.ftc.go.kr
pf.kakao.com
Subject Issuer Validity Valid
*.orefinger.click
Amazon RSA 2048 M02		 2023-09-20 -
2024-10-19		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
orefinger.click
Amazon RSA 2048 M03		 2023-10-28 -
2024-11-26		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://orefinger.click/
Frame ID: 7510FF54F6E6F4E43B27F4F1200AC484
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240513/r20110914/zrt_lookup_fy2021.html
Frame ID: 6F0B5E19BDE28F2D4449EA671BF0278B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7230965378159108&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1715769151&plat=3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Forefinger.click%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyNS4wLjY0MjIuNjAiXSxbIkNocm9taXVtIiwiMTI1LjAuNjQyMi42MCJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1715879593554&bpp=3&bdt=207&idt=315&shv=r20240513&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=738662799455&frm=20&pv=2&ga_vid=1486942897.1715879594&ga_sid=1715879594&ga_hid=391793549&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C95331688%2C95331982%2C31083748%2C95331711%2C95332415%2C31078668&oid=2&pvsid=3723350576722215&tmod=15121973&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=327
Frame ID: C5AC306F62CC60A48EB5082CD0DF357F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 36A9FB3A272F13607AAB819B4089759C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

방송알리미 - 스트리머를 위한 보조 도구

Page URL History Show full URLs

  1. http://orefinger.click/ HTTP 307
    https://orefinger.click/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

22
Requests

95 %
HTTPS

20 %
IPv6

2
Domains

5
Subdomains

6
IPs

3
Countries

1731 kB
Transfer

6931 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://orefinger.click/ HTTP 307
    https://orefinger.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
orefinger.click/
Redirect Chain
  • http://orefinger.click/
  • https://orefinger.click/
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://orefinger.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d8d920ac7c41d1ce0109a773f8a6f47943fd362fd47c37fa7a349818a68f204

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

age
82218
alt-svc
h3=":443"; ma=86400
content-encoding
gzip
content-type
text/html
date
Wed, 15 May 2024 18:22:56 GMT
etag
W/"37fdc7ca7df78f005a5a538fee4c8cdb"
last-modified
Wed, 15 May 2024 10:32:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-id
a3Aj7svhMHBwk032UXLmif1tQyAlF42PrZL2Tt3S_BIcB1WlGrgjSA==
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront

Redirect headers

Location
https://orefinger.click/
Non-Authoritative-Reason
HttpsUpgrades
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7230965378159108
Requested by
Host: orefinger.click
URL: https://orefinger.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
3fa095665d450f235bdff82040f7df829213164d494b05afdc48bd1641c1cc75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://orefinger.click/
Origin
https://orefinger.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 17:13:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51949
x-xss-protection
0
server
cafe
etag
15667665681013193046
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 16 May 2024 17:13:13 GMT
index.61fc1623.js
orefinger.click/assets/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://orefinger.click/assets/index.61fc1623.js
Requested by
Host: orefinger.click
URL: https://orefinger.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ff6080c5c9b848cdf277ea74badeb17e082070e38db19bc08d9309c591dcb6d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://orefinger.click/
Origin
https://orefinger.click
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 14:25:10 GMT
content-encoding
br
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
last-modified
Wed, 15 May 2024 10:32:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
10083
etag
W/"e22ebbdcf8953d32ebb72b78eb2a19a7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
wkyAOgMx-SuTIF399IlXFWf9iMm9YfEazolIWYPmgRQL8mlIZfMzKA==
index.dc102658.css
orefinger.click/assets/ 		255 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://orefinger.click/assets/index.dc102658.css
Requested by
Host: orefinger.click
URL: https://orefinger.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc10265848af217ef4af11f07917404798e34a6eb8fa958ba24f528919d508b5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://orefinger.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 15:55:06 GMT
content-encoding
br
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
last-modified
Wed, 15 May 2024 10:32:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
4687
etag
W/"626f94c8d185e7f421224d67141f641f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
lRs4Rj5OhpuOFBgl0ePCxy8kSmdKvwY6zl2g24KquOcR2VbMcEClQQ==
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/ 		415 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7230965378159108&plah=orefinger.click&aplac=true&bust=31083748
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7230965378159108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ea1b0aeff2ebc91fdd47365c2f1782f85da63e85fa7d720352a7c34bf2ad2b9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://orefinger.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 17:13:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143571
x-xss-protection
0
server
cafe
etag
709475973311566456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 16 May 2024 17:13:13 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240513/r20110914/ Frame 6F0B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240513/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7230965378159108&plah=orefinger.click&aplac=true&bust=31083748
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://orefinger.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
16237
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 May 2024 12:42:36 GMT
etag
5035419970550746386
expires
Thu, 30 May 2024 12:42:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame C5AC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7230965378159108&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1715769151&plat=3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Forefinger.click%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyNS4wLjY0MjIuNjAiXSxbIkNocm9taXVtIiwiMTI1LjAuNjQyMi42MCJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1715879593554&bpp=3&bdt=207&idt=315&shv=r20240513&mjsv=m202405140101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=738662799455&frm=20&pv=2&ga_vid=1486942897.1715879594&ga_sid=1715879594&ga_hid=391793549&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C95331688%2C95331982%2C31083748%2C95331711%2C95332415%2C31078668&oid=2&pvsid=3723350576722215&tmod=15121973&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=327
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7230965378159108&plah=orefinger.click&aplac=true&bust=31083748
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://orefinger.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 May 2024 17:13:14 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240513&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7230965378159108&plah=orefinger.click&aplac=true&bust=31083748
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
93b87de498f4427cd692b5295a9172f3122421d8b90a43aa449e7c39fa0e7ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://orefinger.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 17:13:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12761
x-xss-protection
0
chzzk.796d75f9.png
orefinger.click/assets/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://orefinger.click/assets/chzzk.796d75f9.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.102.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
796d75f9d7e7aca1ab286972b7c9cb1b81a6ae5167451bc5e7da9d021e84915a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://orefinger.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 15:55:17 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified
Wed, 15 May 2024 10:32:29 GMT
server
AmazonS3
age
4678
x-amz-cf-pop
FRA56-P2
etag
"711b74c6a4adc938d4b82843a7f93d18"
x-cache
Hit from cloudfront
content-type
image/png
alt-svc
h3=":443"; ma=86400
content-length
8237
x-amz-cf-id
DES5t50xtfrRMTC0j93GWZtDlfGKL7iFt5eMqvjhNYJqdiQn380yWg==
yt_icon_rgb.731cbb6f.png
orefinger.click/assets/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://orefinger.click/assets/yt_icon_rgb.731cbb6f.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.102.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
731cbb6f96f49fe985454b15598f31b5da932ab5822e906ba1103e2f58bb8aea

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://orefinger.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 17:13:15 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified
Wed, 15 May 2024 10:32:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
"9a59817eac70327b226ee3fe81f200c5"
x-cache
Miss from cloudfront
content-type
image/png
alt-svc
h3=":443"; ma=86400
content-length
7778
x-amz-cf-id
5APHl_fKbazE-PiXa5hPgpnrK2ensknC_9a9af2bSpz5ks2KEFF6cg==
afreecatv.2343d27d.png
orefinger.click/assets/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://orefinger.click/assets/afreecatv.2343d27d.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.102.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2343d27d3cc8978fc9a67f83315e93fef26b7612fd0ea291b37ac70afccb100e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://orefinger.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 17:13:15 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified
Wed, 15 May 2024 10:32:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
"a6494706885928c6449ced0bf2f150c9"
x-cache
Miss from cloudfront
content-type
image/png
alt-svc
h3=":443"; ma=86400
content-length
21076
x-amz-cf-id
pLfsm6SwnVPrQLerAjOvzl9Lr6vgANENHtmtOefp8zE_04sIaSC7GQ==
laftel.29c49817.jpg
orefinger.click/assets/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://orefinger.click/assets/laftel.29c49817.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.102.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29c4981777d6ad4c7177e399ab9e30c559e22debdb017c45d3fc0d0c67c7c7dc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://orefinger.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 17:13:15 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified
Wed, 15 May 2024 10:32:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
"fdbd17985421adeb318e95d1fe1c37e5"
x-cache
Miss from cloudfront
content-type
image/jpeg
alt-svc
h3=":443"; ma=86400
content-length
71441
x-amz-cf-id
OwtPmqS4b1UrxviewHQ6AYyRx295QPeTkYLrmCb3FBQjzbD5seRE5A==
userIllustration.8fb84d3a.png
orefinger.click/assets/ 		588 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://orefinger.click/assets/userIllustration.8fb84d3a.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.102.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://orefinger.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 17:13:15 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified
Wed, 15 May 2024 10:32:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
etag
"dcb0975320e34807f54a320c9ced08b9"
x-cache
Miss from cloudfront
content-type
image/png
alt-svc
h3=":443"; ma=86400
content-length
741188
x-amz-cf-id
4OBaFHMXd3Deop6byJRGFkLlxW3q3V0W1Gf38J78QXLkT5Q7kaSEhg==
c2d97b72-4317-4082-a9a8-a694f279ad72.png
cdn.orefinger.click/upload/466950273928134666/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.orefinger.click/upload/466950273928134666/c2d97b72-4317-4082-a9a8-a694f279ad72.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-54.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe005f9ca27ae6795c8875bd82492f6de5483538d4c2003a1afd606d021edf2a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://orefinger.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 17:13:16 GMT
via
1.1 fa7c071d9391a32eff94728584435f34.cloudfront.net (CloudFront)
last-modified
Fri, 22 Mar 2024 18:43:42 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
etag
"dd94cfc1e88f2b3bd0c8b746bab15065"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3162
x-amz-cf-id
8yfshNK9QtfDjd085nI1qH37N3LyH2YzjdYhY9JNRGV6Grt9fPwl8w==
auth
api.orefinger.click/ 		530 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.orefinger.click/auth
Requested by
Host: orefinger.click
URL: https://orefinger.click/assets/index.61fc1623.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.124.210.13 , Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-124-210-13.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
d8407db99e87c77ef737837e0af878e530a8759c631e580c4a0bce057a33e926
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Access-Control-Allow-Methods
DELETE, POST, GET, OPTIONS, PUT
Access-Control-Allow-Origin
*
Accept
application/json, text/plain, */*
Referer
https://orefinger.click/
Access-Control-Allow-Headers
Content-Type, Authorization, X-Requested-With
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Thu, 16 May 2024 17:13:15 GMT
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
content-length
530
X-XSS-Protection
0
Referrer-Policy
no-referrer
Cross-Origin-Opener-Policy
same-origin
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
Origin-Agent-Cluster
?1
access-control-allow-credentials
true
Keep-Alive
timeout=72
auth
api.orefinger.click/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.orefinger.click/auth
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.124.210.13 , Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-124-210-13.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-methods,access-control-allow-origin
Access-Control-Request-Method
GET
Origin
https://orefinger.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Security-Policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Thu, 16 May 2024 17:13:15 GMT
Keep-Alive
timeout=72
Origin-Agent-Cluster
?1
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0
access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-headers,access-control-allow-methods,access-control-allow-origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
content-length
0
vary
Origin, Access-Control-Request-Headers
total
api.orefinger.click/main/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.orefinger.click/main/total
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.124.210.13 , Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-124-210-13.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-methods,access-control-allow-origin
Access-Control-Request-Method
GET
Origin
https://orefinger.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Security-Policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Resource-Policy
same-origin
Date
Thu, 16 May 2024 17:13:15 GMT
Keep-Alive
timeout=72
Origin-Agent-Cluster
?1
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0
access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-headers,access-control-allow-methods,access-control-allow-origin
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
content-length
0
vary
Origin, Access-Control-Request-Headers
total
api.orefinger.click/main/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.orefinger.click/main/total
Requested by
Host: orefinger.click
URL: https://orefinger.click/assets/index.61fc1623.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.124.210.13 , Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-124-210-13.ap-northeast-2.compute.amazonaws.com
Software
/
Resource Hash
6237b1df032e4fcc49f1ad4699af66d1fbb45d1e79a83d8d1e5d496aa887e30c
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Access-Control-Allow-Methods
DELETE, POST, GET, OPTIONS, PUT
Access-Control-Allow-Origin
*
Accept
application/json, text/plain, */*
Referer
https://orefinger.click/
Access-Control-Allow-Headers
Content-Type, Authorization, X-Requested-With
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Date
Thu, 16 May 2024 17:13:15 GMT
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
same-origin
Connection
keep-alive
content-length
2406
X-XSS-Protection
0
Referrer-Policy
no-referrer
Cross-Origin-Opener-Policy
same-origin
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
Origin-Agent-Cluster
?1
access-control-allow-credentials
true
Keep-Alive
timeout=72
logo.png
orefinger.click/ 		65 KB
65 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://orefinger.click/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.102.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17787e92493dd5e8dc6bfec4cb93c0217c2020a2e4efbc502d2ae39885218d74

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://orefinger.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 10:01:21 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified
Wed, 15 May 2024 01:50:33 GMT
server
AmazonS3
age
25914
x-amz-cf-pop
FRA56-P2
etag
"84ae14ba4eb90a09100207914a90367e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
alt-svc
h3=":443"; ma=86400
content-length
66336
x-amz-cf-id
s-SA8_Cg4BAcgm_iCBM8bgznqhwncBpgaKlHjZXEQaOQ9cUUkRrSNQ==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7230965378159108&plah=orefinger.click&aplac=true&bust=31083748
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://orefinger.click/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 17:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 May 2024 17:13:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 36A9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://orefinger.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
10440
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 May 2024 14:19:14 GMT
expires
Fri, 16 May 2025 14:19:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240513&jk=3723350576722215&bg=!e3ileDfNAAav94VWj_c7ADQBe5WfOAgoaFjS1nggM9aONJ1oTeEiKKgGPQ4wCkPPX951kHXxlnAz3QyO3q0tk-EJC6gAAgAAADJSAAAAAWgBB34ANRMnngc431HhjdGuqsMDMQthgAAh5NFPpUgemAvnzQF0L7BuHAcoz9McbemMf_9T48FAyIYZmQKYbs2So3yAB9e4oJvS9knGulSFAkrCii0vfyOtjQTU13lkA0dxLh9CA1ixzXZwBo5o1JwltZHUvBjwKhxZbr8SMYKwxMKABAEjXJ52unrOYfgblS4PG2WVBkui5rUAr8Fbm28FM0aze5uitESK-PctCIwzUUUwHiUdm7Q4VlOnMB0dqEpup7MO0iSJDzJNDr-A8JrvCWGC1WPhYhO3OGYYwYbNN5jq5tnz5E6_fJbWqsd8NpndgclKJT-EoaRgxZEpnWzZWiRAk-aEbcHF6Iu5tJ-W0Fmey11uCj0-x8QNnl9tgmXTKCU653Nwcm6od814DnJP-r0QfaOgj989ZabquzWlGfMMGIfe3FaBYO5z4AP4VwtPDGgcUn82rAM_4k3L_q9hAWdZlBzeSv5CSbtG8MVBLnIhODMro5iuS5iKCtXe2GHgoDYt4fS22xMDgnbTovfegqaVAx9KpG4LZtBAWavtqyRNcmV3o4h97askCkSlYTIXXXS0T5WzKmw79PxzwplMrElJCs1nRABnDY7hMmwTAwqMZcrg8szRLsYVnkLiOswjbeoD9pm-z_VwFYRVZ1HGGZpcUIJIdeTYd9hYrFEXyPFyIUzlXIJwzI-wOwLE-N8fIb8PiEIOMe8lb189vk32k8zQawehkylLITVeWM-PQTGDOuk_LSWsiR1nuZ1UgOnlg6_s39oj5tTukNDnn5s0zrlPC5QwlPLIbhO4WSP06b_hU2gWljpLMrRST0Zd-7efe8bWD9U01dBejhVJNlT1wArkXWGHqs5US29UG_tULrN11Qsurqnnsexa0WkcfsMUIGrS9MaQRzcZrfA8pW5DiwK1L-zpmg1E-llZSAXuy6AbensvtuwC6cp5TBNBF6uCDs8LbQ

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages string| __reactRouterVersion object| _lastElementInsertedByStyleLoader function| Litepicker object| CKEDITOR_TRANSLATIONS string| CKEDITOR_VERSION object| GoogleGcLKhOms object| google_image_requests

0 Cookies