careworksohio.co Open in urlscan Pro
2606:4700:3031::6815:3243  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response careworksohio.co/	21 KB 6 KB	106ms 36ms	Document text/html	2606:4700:3031::6815:3243 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://careworksohio.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:3243 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ae9c89c4d72ab5efe364b1e06f70473bf1da5cc4bff6512475e8c4e910a631f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7a99d50fa97044ab-SIN content-encoding br content-type text/html date Sat, 18 Mar 2023 01:51:44 GMT last-modified Fri, 17 Mar 2023 03:22:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiWriMxSx8T4CYDuWy3qvRqGO2BfL8BqMkfYl4kslHZCooecCGixy%2BqiTESOXqJMMzHoa7ahDIw2lh6%2BdOyxe715eIvfWyKj54xNqt9qoF4THMYJj%2FHbhfO6ERy5qY5YioRPCMr1X0OIO2%2BtxcFT"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	v0.js Show response cdn.ampproject.org/	277 KB 72 KB	30ms 5ms	Script text/javascript	2404:6800:4003:c11::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0.js Requested by Host: careworksohio.co URL: https://careworksohio.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f911dd09eaef75ede942390a4cd93fd5c2248ade377d673ed07e76fbacd1deca Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://careworksohio.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Sat, 18 Mar 2023 01:51:44 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72852 x-xss-protection 0 server sffe etag "d09c7b4fd21d5641" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3000, stale-while-revalidate=1206600 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 18 Mar 2023 01:51:44 GMT
GET H2	200	amp-anim-0.1.js Show response cdn.ampproject.org/v0/	6 KB 3 KB	41ms 17ms	Script text/javascript	2404:6800:4003:c11::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-anim-0.1.js Requested by Host: careworksohio.co URL: https://careworksohio.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2c96efaaecdd5e6a0f391e43d4ba520b9f0d6d2ba3d05b41fbdc49dc0b4fc2ec Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://careworksohio.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Sat, 18 Mar 2023 01:51:44 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2479 x-xss-protection 0 server sffe etag "fb6ff5ae40e76493" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 18 Mar 2023 01:51:44 GMT
GET H2	200	logo.png cdn.robotaset.com/assets/tpl/70742a9337/images/	21 KB 22 KB	68ms 25ms	Image image/webp	2606:4700:4400::6812:2403 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.robotaset.com/assets/tpl/70742a9337/images/logo.png Requested by Host: careworksohio.co URL: https://careworksohio.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2403 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2738a76b5f567aa7b2900f543556a44934625e821ba8d0f0260eeaee46c94ca9 Request headers accept-language zh-SG,zh;q=0.9 Referer https://careworksohio.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 18 Mar 2023 01:51:44 GMT cf-cache-status HIT x-amz-request-id JXW7PH8TDBNRJQ8D age 6407 cf-polished origFmt=png, origSize=22664 content-disposition inline; filename="logo.webp" content-length 21764 x-amz-id-2 RD6YQtIfoLd1r+3y+8XceUIqR53/4WvisXwP34RUxHYHSycxXQ3HlrnGdVPa52eaTPe+vAqpg7Y= cf-bgj imgq:100,h2pri last-modified Tue, 02 Nov 2021 09:08:58 GMT server cloudflare etag "5d1e83b531639cb77396fc3d004a9ef0" vary Accept content-type image/webp cache-control public, max-age=14400 accept-ranges bytes cf-ray 7a99d510deec3dbd-SIN expires Sat, 18 Mar 2023 05:51:44 GMT
GET H2	200	situs-judi-slot-online.jpg ocrd-ontario.org/media/	56 KB 56 KB	774ms 729ms	Image image/jpeg	2606:4700:3037::6815:5c35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ocrd-ontario.org/media/situs-judi-slot-online.jpg Requested by Host: careworksohio.co URL: https://careworksohio.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:5c35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d3c185e12951cde9c018e48001a2e9e839cf20d38d661e93b488d697f5966bea Request headers accept-language zh-SG,zh;q=0.9 Referer https://careworksohio.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 18 Mar 2023 01:51:45 GMT cf-cache-status MISS last-modified Tue, 17 Jan 2023 06:27:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "de8f-5f26fcb709d00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCjLeTMUVtSMvMkYINweuPdVSJtvObUFS2kpTFws9AjiSazqNhMu6OsAwsQ6pxu4yePjhexjS3APUuO5k9U9wAFJZPrvkvlgWz4TVb4BTInl%2Fl%2BpSht2Csq26DX%2FNi%2FCjLXk4bKG5rD0eEmdI12w"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 7a99d510d8882ec8-SIN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 56975
GET H2	200	aplikasibank.png ocrd-ontario.org/media/	69 KB 70 KB	418ms 373ms	Image image/png	2606:4700:3037::6815:5c35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ocrd-ontario.org/media/aplikasibank.png Requested by Host: careworksohio.co URL: https://careworksohio.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:5c35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef2bb9d14662e8a6cd1169c0c1d2d9cf904f2785981c9fb727d9c80a4ce5caf2 Request headers accept-language zh-SG,zh;q=0.9 Referer https://careworksohio.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 18 Mar 2023 01:51:45 GMT cf-cache-status REVALIDATED last-modified Mon, 26 Dec 2022 09:18:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "114a8-5f0b79faab700" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eR3afNbA%2BIqp8Nbrb5DA4hNzcKaxA7SuR3lXfEvvQsp4lYABsDIif1rlmLuy7dKgnIihtP%2BIGXu3DGcQ%2B6rqn9ZQsDbL4zV2Iwl5fNMf2lUw8CFoxNlG8cSipbTykMAGIEbecU9MthDRi5w4ofZ4"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7a99d510d8872ec8-SIN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 70824
GET H3	200	amp-loader-0.1.js Show response cdn.ampproject.org/rtv/012302271541000/v0/	12 KB 4 KB	34ms 10ms	Script text/javascript	2404:6800:4003:c11::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012302271541000/v0/amp-loader-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a48782b28c393c7375207d2650475e176980f3116decba05db72fca5e40efdf4 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://careworksohio.co/ Origin https://careworksohio.co accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 13 Mar 2023 07:41:59 GMT age 410985 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3938 x-xss-protection 0 server sffe etag "9be99d6d09e231e7" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 12 Mar 2024 07:41:59 GMT

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.robotaset.com/	1970-01-20 10:25:06	Name: __cf_bm Value: JCxkacMU.Z.EP3a8cqVFkqk0.I2WfkIuSuU10G6VFJg-1679104304-0-AUpd0EZRKOhRn9HCIGIxljZ+GA1Yf+Ry/zKLT5ZzEnUfGpb2bUDlfQGjxz9TPzsxnC2HZNTCuADrNXpNNpIXTPI=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

careworksohio.co
cdn.ampproject.org
cdn.robotaset.com
ocrd-ontario.org
2404:6800:4003:c11::84
2606:4700:3031::6815:3243
2606:4700:3037::6815:5c35
2606:4700:4400::6812:2403
2738a76b5f567aa7b2900f543556a44934625e821ba8d0f0260eeaee46c94ca9
2ae9c89c4d72ab5efe364b1e06f70473bf1da5cc4bff6512475e8c4e910a631f
2c96efaaecdd5e6a0f391e43d4ba520b9f0d6d2ba3d05b41fbdc49dc0b4fc2ec
a48782b28c393c7375207d2650475e176980f3116decba05db72fca5e40efdf4
d3c185e12951cde9c018e48001a2e9e839cf20d38d661e93b488d697f5966bea
ef2bb9d14662e8a6cd1169c0c1d2d9cf904f2785981c9fb727d9c80a4ce5caf2
f911dd09eaef75ede942390a4cd93fd5c2248ade377d673ed07e76fbacd1deca