urlscan.io logo urlscan.io
SecurityTrails logo

thatsthefinger.com Open in urlscan Pro
3.67.153.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.4track.ru/
Effective URL: https://thatsthefinger.com/
Submission: On October 13 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 10 domains to perform 21 HTTP transactions. The main IP is 3.67.153.12, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is thatsthefinger.com.
TLS certificate: Issued by R3 on October 10th 2021. Valid for: 3 months.
This is the only time thatsthefinger.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.26.122.71 62082 (HOSTLAND)
2 89.40.214.138 56430 (CHROOT Bu...)
1 142.250.186.104 15169 (GOOGLE)
1 142.250.186.174 15169 (GOOGLE)
1 66.102.1.155 15169 (GOOGLE)
4 3.67.153.12 16509 (AMAZON-02)
4 93.184.220.66 15133 (EDGECAST)
2 157.240.20.19 32934 (FACEBOOK)
2 142.250.186.46 15169 (GOOGLE)
2 104.244.42.200 13414 (TWITTER)
1 157.240.20.35 32934 (FACEBOOK)
21 11
1    185.26.122.71 (Russian Federation)

ASN62082 (HOSTLAND, RU)
PTR: serv71-26.hostland.ru
www.4track.ru
2    89.40.214.138 (Bucharest, Romania)

ASN56430 (CHROOT Bucharest ROMANIA, EU, RO)
PTR: edge1.ext.ro2.eu.l7cache.net
dereferer.me
1    142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net
www.googletagmanager.com
1    142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
analytics.google.com
1    66.102.1.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f155.1e100.net
stats.g.doubleclick.net
4    3.67.153.12 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-153-12.eu-central-1.compute.amazonaws.com
thatsthefinger.com
4    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    157.240.20.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net
2    142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net
www.google-analytics.com
2    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    157.240.20.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com
Domain Requested by
4 platform.twitter.com thatsthefinger.com
platform.twitter.com
4 thatsthefinger.com thatsthefinger.com
2 syndication.twitter.com platform.twitter.com
2 www.google-analytics.com thatsthefinger.com
www.google-analytics.com
2 connect.facebook.net thatsthefinger.com
connect.facebook.net
2 dereferer.me dereferer.me
1 www.facebook.com connect.facebook.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 www.googletagmanager.com dereferer.me
1 www.4track.ru 1 redirects
21 11

This site contains no links.

Subject Issuer Validity Valid
dereferer.me
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.thatsthefinger.com
R3		 2021-10-10 -
2022-01-08		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-23 -
2021-10-21		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh

This page contains 4 frames:

Primary Page: https://thatsthefinger.com/
Frame ID: 2B94370F6FC8E9027BD40992315B2AB2
Requests: 17 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fthatsthefinger.com
Frame ID: 26957E070E06DD8B75207856B7DCE16B
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df14de497ab84084%26domain%3Dthatsthefinger.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fthatsthefinger.com%252Ffe30a04c3996c4%26relation%3Dparent.parent&container_width=47&href=https%3A%2F%2Fthatsthefinger.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=200
Frame ID: C13CE70AA69177EB621C29679CA45477
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.58065ae230495f5d9e4b6a916472b2c1.en.html
Frame ID: 4EE2308AC3630945D3230E3EBB8CF932
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The finger, deal with it.

Page URL History Show full URLs

  1. https://www.4track.ru/ HTTP 302
    https://dereferer.me/?ohl_jD79ozbyrJ4w_ROlkOv0GRrg6dZr0eNmdDbZy Page URL
  2. https://thatsthefinger.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

21
Requests

95 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

11
IPs

5
Countries

572 kB
Transfer

1164 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.4track.ru/ HTTP 302
    https://dereferer.me/?ohl_jD79ozbyrJ4w_ROlkOv0GRrg6dZr0eNmdDbZy Page URL
  2. https://thatsthefinger.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.4track.ru/ HTTP 302
  • https://dereferer.me/?ohl_jD79ozbyrJ4w_ROlkOv0GRrg6dZr0eNmdDbZy

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
dereferer.me/
Redirect Chain
  • https://www.4track.ru/
  • https://dereferer.me/?ohl_jD79ozbyrJ4w_ROlkOv0GRrg6dZr0eNmdDbZy
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dereferer.me/?ohl_jD79ozbyrJ4w_ROlkOv0GRrg6dZr0eNmdDbZy
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.40.214.138 Bucharest, Romania, ASN56430 (CHROOT Bucharest ROMANIA, EU, RO),
Reverse DNS
edge1.ext.ro2.eu.l7cache.net
Software
Dereferer.me / Layer7 Cache
Resource Hash
d153deb21a9bcb04cf00e9920a78c69560c8a7ddf48ce0364ea0c2b95ba6a560
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
dereferer.me
:scheme
https
:path
/?ohl_jD79ozbyrJ4w_ROlkOv0GRrg6dZr0eNmdDbZy
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 13 Oct 2021 06:18:25 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-location
https://thatsthefinger.com
server
Dereferer.me
x-powered-by
Layer7 Cache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
content-encoding
gzip

Redirect headers

server
nginx
date
Wed, 13 Oct 2021 06:18:24 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://dereferer.me/?ohl_jD79ozbyrJ4w_ROlkOv0GRrg6dZr0eNmdDbZy
x-powered-by
PHP/7.4.24
access-control-allow-origin
*
js
www.googletagmanager.com/gtag/ 		105 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N5S9H9QEV6
Requested by
Host: dereferer.me
URL: https://dereferer.me/?ohl_jD79ozbyrJ4w_ROlkOv0GRrg6dZr0eNmdDbZy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
12e65937ad61db07f3c902e875eb42a2bb8393dd6e61d2c98c2e0fd5c95d5870
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:18:25 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43061
x-xss-protection
0
expires
Wed, 13 Oct 2021 06:18:25 GMT
bg13.jpg
dereferer.me/static/images/backgrounds/ 		244 KB
244 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dereferer.me/static/images/backgrounds/bg13.jpg
Requested by
Host: dereferer.me
URL: https://dereferer.me/?ohl_jD79ozbyrJ4w_ROlkOv0GRrg6dZr0eNmdDbZy
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.40.214.138 Bucharest, Romania, ASN56430 (CHROOT Bucharest ROMANIA, EU, RO),
Reverse DNS
edge1.ext.ro2.eu.l7cache.net
Software
Dereferer.me / Layer7 Cache
Resource Hash
ef7488dbc26f153cdb0a5df4d4218694db9b79ec3cb4b716dd71d687640fb5a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/static/images/backgrounds/bg13.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
dereferer.me
referer
https://dereferer.me/?ohl_jD79ozbyrJ4w_ROlkOv0GRrg6dZr0eNmdDbZy
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://dereferer.me/?ohl_jD79ozbyrJ4w_ROlkOv0GRrg6dZr0eNmdDbZy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:18:25 GMT
x-content-type-options
nosniff
last-modified
Thu, 06 May 2021 22:16:10 GMT
server
Dereferer.me
x-powered-by
Layer7 Cache
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
249703
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
analytics.google.com/g/ 		0
366 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N5S9H9QEV6&gtm=2oeab0&_p=709569024&sr=1600x1200&_gaz=1&ul=en-us&cid=748739953.1634105905&_s=1&dl=https%3A%2F%2Fdereferer.me%2F%3Fohl_jD79ozbyrJ4w_ROlkOv0GRrg6dZr0eNmdDbZy&dt=redirect%20auto&sid=1634105905&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_path=%2Fauto%2Fhttps%3A%2F%2Fthatsthefinger.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N5S9H9QEV6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 06:18:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dereferer.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
357 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N5S9H9QEV6&cid=748739953.1634105905&gtm=2oeab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N5S9H9QEV6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 06:18:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dereferer.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request /
thatsthefinger.com/ 		2 KB
953 B 		Document
General
Check archive.org
Download Go to
Full URL
https://thatsthefinger.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.67.153.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-153-12.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
394591e27cae1b1cb3bc2aa7226bd8c730445dc687172ce0745da85a0c2c1eb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
thatsthefinger.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, must-revalidate
content-type
text/html; charset=UTF-8
date
Mon, 11 Oct 2021 11:09:15 GMT
etag
"6790056e954dd06d7bd99517fba6b730-ssl-df"
strict-transport-security
max-age=31536000
content-length
736
content-encoding
br
age
155353
vary
Accept-Encoding
server
Netlify
x-nf-request-id
01FHW4TQ34Z9EGTBWEFJSKR62H
collect
analytics.google.com/g/ 		0
0
styles.css
thatsthefinger.com/css/ 		969 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thatsthefinger.com/css/styles.css
Requested by
Host: thatsthefinger.com
URL: https://thatsthefinger.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.67.153.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-153-12.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
ea3609852399f08005e45326ab8f9daf69d9a0cd57203aabfb2e568434c2afe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/css/styles.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
thatsthefinger.com
referer
https://thatsthefinger.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thatsthefinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id
01FHW4TQ46JN7QENZXD7V078Z6
date
Tue, 12 Oct 2021 03:49:31 GMT
server
Netlify
age
95337
etag
"3d126116ba83e5bfec884a69a955a3d8-ssl"
strict-transport-security
max-age=31536000
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
content-length
969
flip-the-bird.js
thatsthefinger.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thatsthefinger.com/js/flip-the-bird.js
Requested by
Host: thatsthefinger.com
URL: https://thatsthefinger.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.67.153.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-153-12.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
94e96be2ed440466be13d7a2b1469d7a1bd88ad5ba6bb566958592bfff249e2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/js/flip-the-bird.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
thatsthefinger.com
referer
https://thatsthefinger.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thatsthefinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id
01FHW4TQ46BKXV8SDXVGY7AVG3
date
Mon, 11 Oct 2021 11:09:16 GMT
content-encoding
br
server
Netlify
age
155353
etag
"601b14d164b970bbd4f68500c09c853e-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
content-length
1173
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: thatsthefinger.com
URL: https://thatsthefinger.com/js/flip-the-bird.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668A) /
Resource Hash
cfd3099998b0c37ace8024cbd802160585ba9be1c0047fefc172035184f074df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thatsthefinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 06:18:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 19:09:26 GMT
Server
ECS (frb/668A)
Age
448
Etag
"f9ab884058c9d8de47075baa622f0e7e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28869
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: thatsthefinger.com
URL: https://thatsthefinger.com/js/flip-the-bird.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
168fcf4ed70e2512cd27602ecd5ac4adc10bc8aea525e93190ead657342214cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thatsthefinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
norFSFMNaoaAcP8Clg3hPg==
cross-origin-resource-policy
cross-origin
expires
Wed, 13 Oct 2021 06:35:18 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
ZmxTF08Sh7EMYRfvW2RIfAsdd3P15lCOLaYAlQTs8qyyGJ+PlDz37hEydr57WJGCE6p+nq55lE1TDd9PSvj0EA==
x-fb-trip-id
686109401
x-fb-content-md5
86b50b7614b341fcec0819cafa8c85da
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 13 Oct 2021 06:18:28 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"c1937cf86702b35a758f2ca7ce5ba378"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: thatsthefinger.com
URL: https://thatsthefinger.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thatsthefinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Sep 2021 21:34:48 GMT
server
Golfe2
age
1042
date
Wed, 13 Oct 2021 06:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19887
expires
Wed, 13 Oct 2021 08:01:06 GMT
flippers.png
thatsthefinger.com/img/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thatsthefinger.com/img/flippers.png
Requested by
Host: thatsthefinger.com
URL: https://thatsthefinger.com/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.67.153.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-153-12.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
344900bbdd0e1d8d45b5aa21f4e2ad020168b2e5c09e4a19841c56706eae1985
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:path
/img/flippers.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
thatsthefinger.com
referer
https://thatsthefinger.com/css/styles.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://thatsthefinger.com/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id
01FHW4TQ4QRSKHPM1347JHSYBV
date
Tue, 12 Oct 2021 03:01:49 GMT
server
Netlify
age
98200
etag
"85b73b08720a401e5f0df45ccd06f48f-ssl"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
public, max-age=0, must-revalidate
content-length
33075
all.js
connect.facebook.net/en_US/ 		265 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=86790c540a6d14d3a51e3cd1bb47f451
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.20.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
951aeacfd569265f931f5f1f2d01c012ef53602ae5973d8b5b7ebbadcc09f2ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://thatsthefinger.com/
Origin
https://thatsthefinger.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
TEFqZ+P0v677mOa1d6YOvw==
cross-origin-resource-policy
cross-origin
expires
Thu, 13 Oct 2022 06:15:18 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76224
x-fb-rlafr
0
x-fb-debug
wlFj8y1pN1c3RrYtBcIQapiqqTTEe2eN4JlyLu2jqLiH9994/bIz6pU2MnEn0yNKCelDD0/as6BAveq1MXlbCQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
cadc3ab3c8fc08d435434965c346154d
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 13 Oct 2021 06:18:28 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"447dfc418248ffe2cc23b7db0539d968"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html
platform.twitter.com/widgets/ Frame 2695 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fthatsthefinger.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C1) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://thatsthefinger.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thatsthefinger.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
725830
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Oct 2021 06:18:28 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Thu, 30 Sep 2021 18:56:47 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67C1)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=2076913757&t=pageview&_s=1&dl=https%3A%2F%2Fthatsthefinger.com%2F&ul=en-us&de=UTF-8&dt=The%20finger%2C%20deal%20with%20it.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1515465925&gjid=1527054325&cid=432669906.1634105908&tid=UA-56795519-1&_gid=1291069593.1634105908&_r=1&_slc=1&z=1282744119
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thatsthefinger.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 06:18:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thatsthefinger.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame 2695 		232 B
432 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=519df3b3268849e7a8df4d506a59a4d184e3c576
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fthatsthefinger.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:18:28 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 06:18:28 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
0b1f2939a99426d82af656ab7da35db70deeae872b469c74b1dc9bfb06432101
content-length
166
like.php
www.facebook.com/plugins/ Frame C13C 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df14de497ab84084%26domain%3Dthatsthefinger.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fthatsthefinger.com%252Ffe30a04c3996c4%26relation%3Dparent.parent&container_width=47&href=https%3A%2F%2Fthatsthefinger.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=200
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=86790c540a6d14d3a51e3cd1bb47f451
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df14de497ab84084%26domain%3Dthatsthefinger.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fthatsthefinger.com%252Ffe30a04c3996c4%26relation%3Dparent.parent&container_width=47&href=https%3A%2F%2Fthatsthefinger.com%2F&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=200
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://thatsthefinger.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thatsthefinger.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
nhaT0FdMzu/lfRiaRqqAkA59EB53ap96qSRSGfIWn3q6vxtlCy4UAZNvhmfhcs5Lwu9EiKYoUqZyqgidpZO6JA==
content-length
0
date
Wed, 13 Oct 2021 06:18:28 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
button.5d16ecc02fbaf599a24dfb57ab239320.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.5d16ecc02fbaf599a24dfb57ab239320.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668A) /
Resource Hash
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thatsthefinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 06:18:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:56:33 GMT
Server
ECS (frb/668A)
Age
725848
Etag
"6b95f5a9a2ff4b885e2eafdf446d70d0+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2296
tweet_button.58065ae230495f5d9e4b6a916472b2c1.en.html
platform.twitter.com/widgets/ Frame 4EE2 		32 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.58065ae230495f5d9e4b6a916472b2c1.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668A) /
Resource Hash
fca9fbc2b7bad4d08e4b4cfe80420df03b1bfa4cc2988540b4e816cc905bf33f

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://thatsthefinger.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://thatsthefinger.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
725847
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Oct 2021 06:18:28 GMT
Etag
"a4ee8ee440f819aba90d7a1be062a8d7+gzip"
Last-Modified
Thu, 30 Sep 2021 18:56:41 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668A)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12235
truncated
/ Frame 4EE2 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
jot
syndication.twitter.com/i/ 		43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fthatsthefinger.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1634105908759%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22fcb1942%3A1632982954711%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://thatsthefinger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 06:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 13 Oct 2021 06:18:28 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
0b1f2939a99426d82af656ab7da35db70deeae872b469c74b1dc9bfb06432101
x-transaction
aa460d4c2b5e0de4
expires
Tue, 31 Mar 1981 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.google.com
URL
https://analytics.google.com/g/collect?v=2&tid=G-N5S9H9QEV6&gtm=2oeab0&_p=709569024&sr=1600x1200&ul=en-us&cid=748739953.1634105905&_s=2&dl=https%3A%2F%2Fdereferer.me%2F%3Fohl_jD79ozbyrJ4w_ROlkOv0GRrg6dZr0eNmdDbZy&dt=redirect%20auto&sid=1634105905&sct=1&seg=0&en=RedirType&_et=2444&ep.page_path=%2Fauto%2Fhttps%3A%2F%2Fthatsthefinger.com&ep.event_category=2500%20Wait&ep.event_label=Redirect%20link&ep.non_interaction=true

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect boolean| originAgentCluster object| damnItsTheBody number| totalHeight string| color1 string| color2 number| theWidth number| theFrames number| thatWidth object| mobileOrigin object| hand function| App object| app string| GoogleAnalyticsObject function| ga object| FB object| __twttrll object| twttr object| __twttr object| google_tag_data object| gaplugins object| gaGlobal object| gaData

5 Cookies

Domain/Path Name / Value
dereferer.me/ Name: _ga
Value: GA1.1.748739953.1634105905
dereferer.me/ Name: _ga_N5S9H9QEV6
Value: GS1.1.1634105905.1.0.1634105907.58
.thatsthefinger.com/ Name: _ga
Value: GA1.2.432669906.1634105908
.thatsthefinger.com/ Name: _gid
Value: GA1.2.1291069593.1634105908
.thatsthefinger.com/ Name: _gat
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
connect.facebook.net
dereferer.me
platform.twitter.com
stats.g.doubleclick.net
syndication.twitter.com
thatsthefinger.com
www.4track.ru
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
analytics.google.com
104.244.42.200
142.250.186.104
142.250.186.174
142.250.186.46
157.240.20.19
157.240.20.35
185.26.122.71
3.67.153.12
66.102.1.155
89.40.214.138
93.184.220.66
12e65937ad61db07f3c902e875eb42a2bb8393dd6e61d2c98c2e0fd5c95d5870
168fcf4ed70e2512cd27602ecd5ac4adc10bc8aea525e93190ead657342214cc
344900bbdd0e1d8d45b5aa21f4e2ad020168b2e5c09e4a19841c56706eae1985
394591e27cae1b1cb3bc2aa7226bd8c730445dc687172ce0745da85a0c2c1eb7
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
94e96be2ed440466be13d7a2b1469d7a1bd88ad5ba6bb566958592bfff249e2b
951aeacfd569265f931f5f1f2d01c012ef53602ae5973d8b5b7ebbadcc09f2ab
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cfd3099998b0c37ace8024cbd802160585ba9be1c0047fefc172035184f074df
d153deb21a9bcb04cf00e9920a78c69560c8a7ddf48ce0364ea0c2b95ba6a560
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea3609852399f08005e45326ab8f9daf69d9a0cd57203aabfb2e568434c2afe5
ef7488dbc26f153cdb0a5df4d4218694db9b79ec3cb4b716dd71d687640fb5a4
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fca9fbc2b7bad4d08e4b4cfe80420df03b1bfa4cc2988540b4e816cc905bf33f