oremin.me Open in urlscan Pro
172.67.142.16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://oremin.me/#ne
Effective URL:
https://oremin.me/
Submission Tags: 0xscam
Submission: On April 11 via api (April 11th 2024, 3:08:39 am UTC) from US — Scanned from DE

Summary HTTP 32 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 32 HTTP transactions. The main IP is 172.67.142.16, located in United States and belongs to CLOUDFLARENET, US. The main domain is oremin.me.
TLS certificate: Issued by E1 on April 7th 2024. Valid for: 3 months.

This is the only time oremin.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 31	172.67.142.16 172.67.142.16		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003		15169 (GOOGLE) (GOOGLE)
32	3

31 172.67.142.16 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

oremin.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	oremin.me 2 redirects oremin.me	531 KB
2	gstatic.com fonts.gstatic.com	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 116	837 B
32	3

	Domain	Requested by
31	oremin.me	2 redirects oremin.me
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	oremin.me
32	3

This site contains links to these domains. Also see Links.

Domain
en.wikipedia.org

Subject Issuer	Validity	Valid
oremin.me E1	`2024-04-07` - `2024-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://oremin.me/
Frame ID: 93023DFB5F80B47FC6F23AE06453E31C
Requests: 28 HTTP requests in this frame

Frame: https://oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: 660FD707D6B5406D6A8B35AA62B9B736
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Main

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

94 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

577 kB
Transfer

893 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://en.wikipedia.org/wiki/HTTP_cookie
Title: Cookie policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://oremin.me/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

Request Chain 26

https://oremin.me/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
oremin.me/ 12 KB
4 KB 1957ms
1806ms Document
text/html 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b18be1155c40f2c912370b9a1b9029db5154446f45b2e82232c9f817a5715c0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8727c5c4d9a892fd-CPH
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 11 Apr 2024 03:08:32 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WSzh51dQCxB6XXofyPSpjP1JBK9YhVRFg8TZ61kkbhH%2BfoTXHwzrOtdKQBsXrTyJipi%2B2sF5v3w13swhPk%2Fx0cvbk8Ki%2BBmpgznE%2FHBICN11nyuvi9Ys2NGvpag%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 2 KB
837 B 156ms
54ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: oremin.me
URL: https://oremin.me/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a62b46c69982f34433d223167ff4838dede363d9f8a1d22e07a8d203a347e941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Apr 2024 03:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 01:16:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Apr 2024 03:08:32 GMT

GET
H3 200 bootstrap.min.css
oremin.me/css/ 112 KB
20 KB 885ms
884ms Stylesheet
text/css 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/css/bootstrap.min.css
Requested by: Host: oremin.me
URL: https://oremin.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82052d75f5fce338c784a50a9b6de7d729c63313f2c1139b916e3503326f0c6f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:10:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661327f7-1c17a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IpB1bARqYM5O8W3N%2BBQolXRtGL41rhomIKXUPVILnov27LgD37se1s4UA4%2BXr8Y3XYp2vxrMlAxR36kJLzXbYN0ZC%2Fa4PLqcBWsItLQB5FDtBKWxR4QpeE8JlRU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8727c5d02ec692fd-CPH
alt-svc: h3=":443"; ma=86400

GET
H3 200 owl.carousel.min.css
oremin.me/css/ 4 KB
1 KB 296ms
294ms Stylesheet
text/css 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/css/owl.carousel.min.css
Requested by: Host: oremin.me
URL: https://oremin.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6a5dd987c14d9f4f3e82b36933e2cfb563e2cf451dc83175ff6d0d20a0d7d13

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:32 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:10:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661327fb-e2e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xr3707m0wB4FIZUa2FwNiOizLRBEipGY0SOgM0CHqfhY1pUyHRDQqfP3rtOmwd%2BpPbQl5EO%2FSEUI55K1tMxmuUsKDWTNZnwvuQTAolECBf1dTGzQkP6b%2F69jsl0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8727c5d02ec792fd-CPH
alt-svc: h3=":443"; ma=86400

GET
H3 200 owl.theme.default.min.css
oremin.me/css/ 2 KB
938 B 886ms
885ms Stylesheet
text/css 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/css/owl.theme.default.min.css
Requested by: Host: oremin.me
URL: https://oremin.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb9d8e502e14f78f9719329a78721dc917f26bc073df3514e14c634edd239ea9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:10:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661327fb-90b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7AMjZVgUMUNHP25uML2RUNASpoaFcJt8S2QahuIFYCO1CMKn5KL9vqLhSkJHWduxHabZVhBuJBZbgn%2FCqdXXK4nXdnlAhiwQvO5PlmbhYtyfyWnXc%2FdRnWV2dYg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8727c5d02ec892fd-CPH
alt-svc: h3=":443"; ma=86400

GET
H3 200 magnific-popup.css
oremin.me/css/ 8 KB
2 KB 781ms
780ms Stylesheet
text/css 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/css/magnific-popup.css
Requested by: Host: oremin.me
URL: https://oremin.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fbf945eae1c5869be401c6db68da93f5a47f2c1ff6072151ebb4b2dea6d4f62

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:10:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661327f9-1e66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vwVGkIpQv2amZLL2nmzKUBLQjwRwDdi6Klh2DU1eCO4fUNBWZn64OgWgDR%2Fpo1xiyK2HAVtQmz4087QMREXv01PD557ZGTn8KZExd5ThzelwvweqivYXAg3Tj4c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8727c5d02ec992fd-CPH
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.css
oremin.me/css/ 22 KB
4 KB 887ms
886ms Stylesheet
text/css 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/css/style.css
Requested by: Host: oremin.me
URL: https://oremin.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bd34ff859cdaafbc16491e8bef3a9c3872c9bb73eabb21076afe7b4442ab076

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:10:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661327fc-562a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wsXxW9vOiBu%2F5ldFHeR5hPpFUCbcC5trmI5u4Bcx96DhWw6gCQcfEpRzqXYFM54654m07VFCFX1Sxd7aNblAJI5WNlGFvf3Rhj22JMqzAvZ%2FR6X1mXtisP%2BAXE0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8727c5d02eca92fd-CPH
alt-svc: h3=":443"; ma=86400

GET
H3 200 themify-icons.css
oremin.me/css/ 16 KB
3 KB 860ms
859ms Stylesheet
text/css 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/css/themify-icons.css
Requested by: Host: oremin.me
URL: https://oremin.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26989d3113acf7ccb959bee7a1f6a1a1e009edcbe58e52b3052b89f868a2c3cb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:10:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"661327fd-406a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7oFURrVC5Pfc8G6OCR34jODXXHgkl887ZKrVwmyEkUJmPhbZQM7GBl8o0bbSSH7qqSFdJeLIAmI7hxBmjaJFZNbtkkylsrDOZCBJmwa2GX%2BAZBmwL879sKMiwc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8727c5d02ecb92fd-CPH
alt-svc: h3=":443"; ma=86400

GET
H3 200 bulksplash-rmrdnl-4p3jflrqjha.jpg
oremin.me/assets/images/ 36 KB
36 KB 836ms
835ms Image
image/jpeg 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oremin.me/assets/images/bulksplash-rmrdnl-4p3jflrqjha.jpg
Requested by: Host: oremin.me
URL: https://oremin.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89a74978eb2c3e8477b7c6f5128f7f117cc7baa5afdffdf8f4c2f1ce653272cc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:33 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:10:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661327d6-8ffe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5k7lrUl2jG7U%2Bbsqmhnw7M2F3PqKEmE3IsPfByse0ueJJIGXF2MMy9s375mgH1upl3%2BBZrpL8N%2F6B6E3s3%2FQNU0TTUeDe0ssxIZPi7eT%2FP3ZuxHoQeak2UcVqJY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8727c5d02ecc92fd-CPH
alt-svc: h3=":443"; ma=86400
content-length: 36862

GET
H3 200 bulksplash-imgix-klwuhr-wpj8.jpg
oremin.me/assets/images/ 57 KB
57 KB 978ms
977ms Image
image/jpeg 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oremin.me/assets/images/bulksplash-imgix-klwuhr-wpj8.jpg
Requested by: Host: oremin.me
URL: https://oremin.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82a9faac2085637188acd50e1e3c94de87dda25908e2df344743eed4a71a5035

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:33 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:10:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661327d5-e201"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4gFwGoN2xC%2BJh3EIZ%2BOn%2F7QqfJVi25CgrOeR1PUfmnCS7yDxt5Clboiabi%2BrdX3ri8eEk9TkdKm4Se7BE5l0qHvrlE1BKRli7hW3rhuLGvUtLGuqUVOwIttKQc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8727c5d02ecd92fd-CPH
alt-svc: h3=":443"; ma=86400
content-length: 57857

GET
H3 200 bulksplash-angieprz21-tyyycokojo4.jpg
oremin.me/assets/images/ 45 KB
45 KB 1008ms
1007ms Image
image/jpeg 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oremin.me/assets/images/bulksplash-angieprz21-tyyycokojo4.jpg
Requested by: Host: oremin.me
URL: https://oremin.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f7b085206304110788dd065b95c1fcf2b646b4d623b63d1d83524c30a97a1c5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:33 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:10:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "661327d4-b35b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Amc5tR%2Fgqy4kWH0uiT7GdhyOGQoDjc%2Bh1kDSzcaC9rTgGW2hsb1qVyn%2FmX5DRg84VQHxbhwqvPuN8LJQ0r0jdjJXxd20A6X3NMMqwQf6NPskeOAstYrpf%2Fuu8PI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8727c5d04ed692fd-CPH
alt-svc: h3=":443"; ma=86400
content-length: 45915

GET
H3 200 email-decode.min.js Show response
oremin.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 27ms
27ms Script
application/javascript 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oremin.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: oremin.me
URL: https://oremin.me/

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Apr 2024 17:26:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6610342c-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tCGsmnrhgVXF37eEYJRYmhysR0M0JHrutBSZOUsbo9mIFL%2FZE%2FSfTDECtQHb7ZelaVdIocCox%2BXy3Y0HB5dLBX9AbNfLct35KJHTXOjoQ99WWUaNVYNhlZ6NaCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8727c5d04ed792fd-CPH
expires: Sat, 13 Apr 2024 03:08:32 GMT

GET
H3 200 rocket-loader.min.js Show response
oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 28ms
28ms Script
application/javascript 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: oremin.me
URL: https://oremin.me/

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Apr 2024 17:26:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6610342c-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DHohFlVxU%2BY%2FcrwcqPzDIzHNKU7nuFB%2Fce2qukPg6GuxKyAoKBHtuPjAQeQubDqGroPFFaeaFTQpPC4SpWtFG%2BqVTIemCklYiKIkZbMNXrONz5hJTO1APs7GwOY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8727c5d04ed892fd-CPH
expires: Sat, 13 Apr 2024 03:08:32 GMT

GET
H3 200 bulksplash-rmrdnl-4p3jflrqjha.jpg
oremin.me/assets/images/ 36 KB
36 KB 31ms
31ms Image
image/jpeg 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oremin.me/assets/images/bulksplash-rmrdnl-4p3jflrqjha.jpg
Requested by: Host: oremin.me
URL: https://oremin.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89a74978eb2c3e8477b7c6f5128f7f117cc7baa5afdffdf8f4c2f1ce653272cc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:33 GMT
cf-cache-status: HIT
last-modified: Sun, 07 Apr 2024 23:10:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "661327d6-8ffe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2C6CqPSkD00TUiFoulQ78o2%2BOdQFfKUMedhkD6xqZSv27Dhd0N0unwJSm2DVWDnS3hAXNoH4QvLIIxmrIc80MLYMjbsFFZHKlLG5Fk5W0OuoeU%2BswFXlOzGOyzE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8727c5d5c92692fd-CPH
alt-svc: h3=":443"; ma=86400
content-length: 36862

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 191ms
92ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://oremin.me
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 09:52:30 GMT
x-content-type-options: nosniff
age: 407763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Apr 2025 09:52:30 GMT

GET
H3 200 themify.woff
oremin.me/fonts/themify/ 55 KB
55 KB 1011ms
1010ms Font
font/woff 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/fonts/themify/themify.woff?-fvbane
Requested by: Host: oremin.me
URL: https://oremin.me/css/themify-icons.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/css/themify-icons.css
Origin: https://oremin.me
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:34 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:11:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6613280f-db2c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vJ%2Bxse9o8Mn3EiwDwu5BxggIEa%2FEHKzO9ZOV9ilgXzGT6sOmxVfXRPf9LtaD9td9wUVfllBTdBWFbkLI7UamovOM5O0jaJgOlpRNiIlMTNviiUtGT%2FITE9279hc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
accept-ranges: bytes
cf-ray: 8727c5d5c92992fd-CPH
alt-svc: h3=":443"; ma=86400
content-length: 56108

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 146ms
46ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://oremin.me
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 19:07:30 GMT
x-content-type-options: nosniff
age: 374463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Apr 2025 19:07:30 GMT

GET
H3 200 custom.js Show response
oremin.me/js/ 3 KB
1 KB 882ms
880ms Script
application/javascript 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/js/custom.js
Requested by: Host: oremin.me
URL: https://oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e1ba1399b4064fb2341037f943a0cb03e70746d4039a9bc7d61aa8808ae1d41

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:11:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6613281a-d48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gupJOmZEFXfDN5sVnaNK5S7SmHO8ie4uIAjcy7c03CcUM8hANAfroxMgkvo21m0wnrViqjQo0AfxdSy66O6IqUGiuiKsYCAJ6iJZpJJgcl3BQWQmAbQRzuJDIOo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 8727c5d5f94092fd-CPH
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.magnific-popup.min.js Show response
oremin.me/js/ 20 KB
8 KB 324ms
322ms Script
application/javascript 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/js/jquery.magnific-popup.min.js
Requested by: Host: oremin.me
URL: https://oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b30ca232045dbc02c722c1747f97cf2dc474258e86800daeff61af4ebdb5500

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:11:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6613281e-51c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CgwaSsNSDOW8EPljWUTRUAa5RNA0jBpSFZTWrjd0huRLmxfAQH1pKm%2FFOGXp3Q%2Bde3TefQtE8k4zKdqRDmC8ngZqsM08qMhOz8mfObCV%2Bcwyx3TlVn%2FnOk0LBYg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 8727c5d5f94192fd-CPH
alt-svc: h3=":443"; ma=86400

GET
H3 200 owl.carousel.min.js Show response
oremin.me/js/ 39 KB
11 KB 312ms
311ms Script
application/javascript 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/js/owl.carousel.min.js
Requested by: Host: oremin.me
URL: https://oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:11:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66132820-9dd1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67wHBZww56UgqZgxkY2TgzTKz4iWYxtqL8EZdf1D%2FSr9dO%2FxzBvFbnSwn4ZbqJn0%2F7NZqUJcy6TTOObx5vh%2BX1TPtyr0NIFntty23%2BTsYw3LzD2SYtaJfGhEqBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 8727c5d5f94292fd-CPH
alt-svc: h3=":443"; ma=86400

GET
H3 200 modernizr-2.6.2.min.js Show response
oremin.me/js/ 15 KB
7 KB 835ms
833ms Script
application/javascript 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/js/modernizr-2.6.2.min.js
Requested by: Host: oremin.me
URL: https://oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:11:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6613281f-3c36"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2FHkMZHN4mLHadzOqFrqhMPZygULFQAmSiOyy4bYDOU0Mrs%2FVwohXT2zvyPIsZIBpivqadIq%2FYVKhMBc3xIApLaotnhpCtYfM2fw9wEpzujbKtBLLIhjBypc3G8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 8727c5d5f94392fd-CPH
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.js Show response
oremin.me/js/ 66 KB
15 KB 339ms
337ms Script
application/javascript 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/js/bootstrap.js
Requested by: Host: oremin.me
URL: https://oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c68fd9f7f7c8165a37c795ebfa68f958fc5e03cdefc2a586ad682199065c3330

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:11:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6613281a-10653"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=URKk%2BT%2B%2F02cetb7rIJPqhif4OmUqhxvMOWYzv9xxhNXoFuSB7xOtCg4w8I7cZgzt4g8kWw%2F3KCjTOzYiCmkCdUytO2dk7nIyXrMbhgV%2BXh1enurrPaW%2FBYGmb9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 8727c5d5f94592fd-CPH
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.easing.1.3.js Show response
oremin.me/js/ 8 KB
2 KB 302ms
300ms Script
application/javascript 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/js/jquery.easing.1.3.js
Requested by: Host: oremin.me
URL: https://oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda4b38b39e069aa2813486847385336d428d24a0c67734594116100328774e7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:11:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6613281e-1fa5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7HOTrlNVVFD7KSwpLQbFNsOzhtITcJsRKlax%2BKmVdQl49KIZTbZ54CnhpNbkvMPk7zJUUO2WHi8EcIapPuBd6dgezXTo9H%2BieBf4kSZ79JtQxjLIC1hcskKvPSM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 8727c5d5f94692fd-CPH
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-1.10.2.min.js Show response
oremin.me/js/ 91 KB
33 KB 297ms
295ms Script
application/javascript 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/js/jquery-1.10.2.min.js
Requested by: Host: oremin.me
URL: https://oremin.me/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:33 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:11:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6613281d-16bb3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NyRzMX25djcEDMYeww0SJVgilZB9cEz28s8FwU6uxYnLs7lFfo3PemJkGNe5Y%2FwX9DAG1zwC3tvoRAeDR1dDh9U196Ta2ICaZMYimZom8muJatJJaGpmLXepJnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 8727c5d5f94792fd-CPH
alt-svc: h3=":443"; ma=86400

GET
H3

200

main.js Show response
oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame 660F
Redirect Chain

https://oremin.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

8 KB
4 KB

45ms
45ms

Script
application/javascript

172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

Requested by

Host: oremin.me
URL: https://oremin.me/

Protocol

H3

Server

172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1086bafcc2c913f37d419dca52731340fac2a0f293cef80ecd85ef847c8145aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Apr 2024 03:08:33 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ZmEohxxJgUWAvkyrKnBvxfwwGW4oAjNNvr82LjYkINkRkueKslzTqdmgbIZdruBdgmB41NJvMii2ZHP4oLpRPAHCTxi07GHGALDWEA8nzOxrJm%2BYC3PpO9mcLU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8727c5d6295892fd-CPH
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 11 Apr 2024 03:08:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c4mk3rxJOgCx0cjVYpwNY5Zvd0twszQV0HEZzQ5XedPAnz86xyId2mSqDTfTYS6Iu8zyHoys3ID1KO%2BSyRA9qs4RfGGADuX3YmGA5P8KkQnRgk68Rq%2F7pOVXNNI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
cache-control: max-age=300, public
cf-ray: 8727c5d5f94892fd-CPH
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 8727c5c4d9a892fd Show response
oremin.me/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 660F 0
580 B 41ms
41ms XHR
text/plain 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/cdn-cgi/challenge-platform/h/b/jsd/r/8727c5c4d9a892fd
Requested by: Host: oremin.me
URL: https://oremin.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Apr 2024 03:08:33 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K8eEjvdxH7xK95IyiTzh%2FjYnIFMoaWOV%2BFwqWBVQ7%2FZ0KJMiWSl18Pn7eKFmqtNa3XHhQLYcuHtgL34t62lMm08bn%2FNwrvClet8b8e4HwyukHm5YgjCU7SE5ZZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8727c5d6d9a992fd-CPH
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon.ico
oremin.me/ 33 KB
34 KB 341ms
341ms Other
image/x-icon 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5356cd7fa1821a56b7560ce5a5d6892c9118e5dbe73818a50bab410565cae272

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 07 Apr 2024 23:10:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66132803-8572"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a2PeX6lznTnaDc4yz8OpRdT8n7cWCETXBpyYBgNPDTv3o0lOOYexN8VUo3RXMbIJbTz0LyVcb1mINat9MVAiWiLGIjxJNKHD%2F8ZjH4M6eDs438v1Rp%2BPTVQxOws%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cf-ray: 8727c5dc2bac92fd-CPH
alt-svc: h3=":443"; ma=86400

GET
H3

200

main.js Show response
oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame 660F
Redirect Chain

https://oremin.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

8 KB
4 KB

37ms
37ms

Script
application/javascript

172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oremin.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

Protocol

H3

Server

172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f59f57bba2eaeed40809848edee475bb79a9f8f0a4c4b8c6fd753de72309559

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Apr 2024 03:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tmBcY5ScgmOfnlPEyUJSH6iI5Ofm9nf23COq2BYKYZfm3BkbHObWKuj%2BXMFcoD40KLeLVp5zmlqzu602HLa217bb%2B6plKC3y2H%2FlZ5dgnNG%2BgVIEIs9qlXE7Cr4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8727c5dc6bbf92fd-CPH
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 11 Apr 2024 03:08:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BBhO0lSFQU0PMpxgRWaIhio8VzSlHHh8vDYwqrQ3RPz0%2FwjO3ug90ICYacffPb0uOKiFdeF1tr14r37MWDf5k9bP23FGSmPQr0t3ADRL6MaqJ1%2FpzX9aZ9eEPPA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
cache-control: max-age=300, public
cf-ray: 8727c5dc3bb192fd-CPH
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 bulksplash-rmrdnl-4p3jflrqjha.jpg
oremin.me/assets/images/ 36 KB
36 KB 35ms
29ms Image
image/jpeg 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oremin.me/assets/images/bulksplash-rmrdnl-4p3jflrqjha.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89a74978eb2c3e8477b7c6f5128f7f117cc7baa5afdffdf8f4c2f1ce653272cc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:34 GMT
cf-cache-status: HIT
last-modified: Sun, 07 Apr 2024 23:10:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: "661327d6-8ffe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQqX%2FpVGDP4J7WnbPKK2Cdk9rmzmk7fSMJLdIsDw8sWDDxwc7fyKLoJo8OUcWZE%2FaKwAvbGimZjHaTGYDRca9c%2BgxKKtNXQOVn3rnDhdAMG%2Fgc9UNemSoW9plM0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8727c5dc4bb692fd-CPH
alt-svc: h3=":443"; ma=86400
content-length: 36862

GET
H3 200 bulksplash-angieprz21-tyyycokojo4.jpg
oremin.me/assets/images/ 45 KB
45 KB 35ms
30ms Image
image/jpeg 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oremin.me/assets/images/bulksplash-angieprz21-tyyycokojo4.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f7b085206304110788dd065b95c1fcf2b646b4d623b63d1d83524c30a97a1c5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:34 GMT
cf-cache-status: HIT
last-modified: Sun, 07 Apr 2024 23:10:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: "661327d4-b35b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dFxIeIvAhe08Yn4WkfXb2AYqjLj3CY4QD%2FFuh6rJt%2BmWS8oABNsIDDFEoqkt58w2jj96V0MOTJB0UgaMZxnUdDUsuD61Cs1ySKLOJeOYqt66B%2FwFc35v1OQqJCI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8727c5dc4bb892fd-CPH
alt-svc: h3=":443"; ma=86400
content-length: 45915

GET
H3 200 bulksplash-imgix-klwuhr-wpj8.jpg
oremin.me/assets/images/ 57 KB
57 KB 58ms
53ms Image
image/jpeg 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oremin.me/assets/images/bulksplash-imgix-klwuhr-wpj8.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82a9faac2085637188acd50e1e3c94de87dda25908e2df344743eed4a71a5035

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://oremin.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 03:08:34 GMT
cf-cache-status: HIT
last-modified: Sun, 07 Apr 2024 23:10:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: "661327d5-e201"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ooWY906iN4j%2FOZNjT3YTLavL43Qi9PIEBG9HwQ%2FqUrqE9W%2FsSeIto90ZibNOmcr62cKMUFJOR%2BkXeHexB2hSGoHPHz6dFI6ko7i8V%2FAlCXqPJw0h9xrTl9aFPLA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8727c5dc4bba92fd-CPH
alt-svc: h3=":443"; ma=86400
content-length: 57857

POST
H3 200 8727c5c4d9a892fd Show response
oremin.me/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 660F 0
577 B 37ms
37ms XHR
text/plain 172.67.142.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oremin.me/cdn-cgi/challenge-platform/h/b/jsd/r/8727c5c4d9a892fd
Requested by: Host: oremin.me
URL: https://oremin.me/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.142.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Apr 2024 03:08:34 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=phrdx1DmF6k3LxUU6hjTKvJ41VDeYFAlewPcvby3BIfOJMuIoxgEPCzA2ldtghJ%2Fy6ycGNW5RWIXYQe1nVFCgzgjpE5tPS8eCG6ZR%2BwjxH06sEsbjyPmtm2a%2FDM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8727c5ddec5e92fd-CPH
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __cfQR function| $ function| jQuery object| jQuery110204114848622858269 object| html5 object| Modernizr function| yepnope boolean| __cfRLUnblockHandlers

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			oremin.me/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7ouqpgges3b5amhf6675q1qcp6
			.oremin.me/	1970-01-20 19:48:11	Name: _subid Value: 3uueca2hur8p
			.oremin.me/	1970-01-20 19:48:11	Name: d6cb3 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjgwNjQ1XCI6MTcxMjgwNDkxMn0sXCJjYW1wYWlnbnNcIjp7XCIxNDE4MFwiOjE3MTI4MDQ5MTJ9LFwidGltZVwiOjE3MTI4MDQ5MTJ9In0.cwMYYzJsqdkjgPWRTXp3BJqjTyj2JwuKb-MLs8lAECA
			.oremin.me/	1970-01-21 04:32:20	Name: cf_clearance Value: pZ1gaKkKMWbhfQgoX2wqaTmEp_SzAxdrR.vp95zQnFg-1712804914-1.0.1.1-FPEcB8cpGbsIz_anlTMuKA6_NKOnowq4NmvMPlcGMEtefZPNPIFI0nb9B60p96qFv9Caogr8tggFWLGq0LXLXQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
oremin.me
172.67.142.16
2a00:1450:4001:809::2003
2a00:1450:4001:830::200a
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
0fbf945eae1c5869be401c6db68da93f5a47f2c1ff6072151ebb4b2dea6d4f62
1086bafcc2c913f37d419dca52731340fac2a0f293cef80ecd85ef847c8145aa
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26989d3113acf7ccb959bee7a1f6a1a1e009edcbe58e52b3052b89f868a2c3cb
2e1ba1399b4064fb2341037f943a0cb03e70746d4039a9bc7d61aa8808ae1d41
3b18be1155c40f2c912370b9a1b9029db5154446f45b2e82232c9f817a5715c0
5356cd7fa1821a56b7560ce5a5d6892c9118e5dbe73818a50bab410565cae272
5f7b085206304110788dd065b95c1fcf2b646b4d623b63d1d83524c30a97a1c5
6bd34ff859cdaafbc16491e8bef3a9c3872c9bb73eabb21076afe7b4442ab076
82052d75f5fce338c784a50a9b6de7d729c63313f2c1139b916e3503326f0c6f
82a9faac2085637188acd50e1e3c94de87dda25908e2df344743eed4a71a5035
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
89a74978eb2c3e8477b7c6f5128f7f117cc7baa5afdffdf8f4c2f1ce653272cc
8f59f57bba2eaeed40809848edee475bb79a9f8f0a4c4b8c6fd753de72309559
9b30ca232045dbc02c722c1747f97cf2dc474258e86800daeff61af4ebdb5500
a62b46c69982f34433d223167ff4838dede363d9f8a1d22e07a8d203a347e941
bb9d8e502e14f78f9719329a78721dc917f26bc073df3514e14c634edd239ea9
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c68fd9f7f7c8165a37c795ebfa68f958fc5e03cdefc2a586ad682199065c3330
c6a5dd987c14d9f4f3e82b36933e2cfb563e2cf451dc83175ff6d0d20a0d7d13
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cda4b38b39e069aa2813486847385336d428d24a0c67734594116100328774e7
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855