workof.com Open in urlscan Pro
2606:4700:20::681a:665 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.yesware.com/tt/bdd36958ea69892309d970d2e88db5e7bb73ec65/6440bda1179e4cdb516b5c84b402c8a6/b042b3edb9bcc2aa626...
Effective URL:
https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab...
Submission: On December 08 via api (December 8th 2019, 8:39:07 am UTC) from US

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 18 domains to perform 30 HTTP transactions. The main IP is 2606:4700:20::681a:665, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is workof.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 10th 2019. Valid for: a year.

This is the only time workof.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	23.21.208.32 23.21.208.32	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2606:4700:20:... 2606:4700:20::681a:665	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY - Fastly)
2	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	13.224.196.41 13.224.196.41	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	151.139.128.10 151.139.128.10	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	151.101.112.84 151.101.112.84	54113 (FASTLY) (FASTLY - Fastly)
1 3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
5	2606:4700:20:... 2606:4700:20::681a:e5a	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.144.234.173 54.144.234.173	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
30	21

1 23.21.208.32 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-23-21-208-32.compute-1.amazonaws.com

t.yesware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:665 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

workof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.19 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.41 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-41.fra2.r.cloudfront.net

cdn.zarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

cdn.slaask.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.84 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:e5a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

slaask.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uploads.slaask.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.234.173 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-144-234-173.compute-1.amazonaws.com

stats.pusher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	slaask.com cdn.slaask.com slaask.com uploads.slaask.com	309 KB
3	google-analytics.com 1 redirects www.google-analytics.com	19 KB
2	facebook.com www.facebook.com	393 B
2	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	1 KB
2	facebook.net connect.facebook.net	112 KB
2	nr-data.net bam.nr-data.net	417 B
1	pusher.com stats.pusher.com	228 B
1	gstatic.com fonts.gstatic.com	14 KB
1	googleapis.com fonts.googleapis.com	711 B
1	google.de www.google.de	110 B
1	google.com www.google.com	122 B
1	pinterest.com ct.pinterest.com	71 B
1	zarget.com cdn.zarget.com
1	googleadservices.com www.googleadservices.com	9 KB
1	googletagmanager.com www.googletagmanager.com	24 KB
1	newrelic.com js-agent.newrelic.com	10 KB
1	workof.com workof.com	67 KB
1	yesware.com t.yesware.com	21 KB
30	18

	Domain	Requested by
4	slaask.com	cdn.slaask.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com
3	cdn.slaask.com	www.googletagmanager.com
2	www.facebook.com
2	connect.facebook.net	t.yesware.com connect.facebook.net
2	bam.nr-data.net	js-agent.newrelic.com t.yesware.com
1	stats.pusher.com	cdn.slaask.com
1	fonts.gstatic.com
1	uploads.slaask.com
1	fonts.googleapis.com	cdn.slaask.com
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	ct.pinterest.com
1	cdn.zarget.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	workof.com
1	js-agent.newrelic.com	t.yesware.com
1	workof.com	t.yesware.com
1	t.yesware.com
30	21

This site contains no links.

Subject Issuer	Validity	Valid
*.yesware.com COMODO RSA Domain Validation Secure Server CA	`2018-02-15` - `2021-03-14`	3 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-10` - `2020-10-09`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.nr-data.net GeoTrust RSA CA 2018	`2018-01-11` - `2020-03-17`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
cdn.zarget.com Amazon	`2019-07-04` - `2020-08-04`	a year	crt.sh
cdn.slaask.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-09` - `2020-02-07`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-06-05` - `2020-07-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
slaask.com CloudFlare Inc ECC CA-2	`2019-08-28` - `2020-08-27`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.pusher.com Gandi Standard SSL CA 2	`2019-01-02` - `2020-02-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
Frame ID: A0ED23C160008EBAFEEFD978E8A34D2B
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.yesware.com/tt/bdd36958ea69892309d970d2e88db5e7bb73ec65/6440bda1179e4cdb516b5c84b402c8a6... Page URL
https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7... Page URL

Detected technologies

Erlang (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Cowboy (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Page Statistics

30
Requests

100 %
HTTPS

60 %
IPv6

18
Domains

21
Subdomains

21
IPs

4
Countries

654 kB
Transfer

1756 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.yesware.com/tt/bdd36958ea69892309d970d2e88db5e7bb73ec65/6440bda1179e4cdb516b5c84b402c8a6/b042b3edb9bcc2aa62606b05b71ac890/workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0 Page URL
https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=63826831&t=pageview&_s=1&dl=https%3A%2F%2Fworkof.com%2F%26data%3D02%257C01%257CRyan.Deiter%40americansignature.com%257Cff1d2feecf39443a89a308d7510e68b5%257C5c02e89ab9684d4e960de62c7cd02766%257C1%257C0%257C637066994652072322%26sdata%3DSKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU%3D%26reserved%3D0&dr=https%3A%2F%2Ft.yesware.com%2Ftt%2Fbdd36958ea69892309d970d2e88db5e7bb73ec65%2F6440bda1179e4cdb516b5c84b402c8a6%2Fb042b3edb9bcc2aa62606b05b71ac890%2Fworkof.com%2F%26data%3D02%257C01%257CRyan.Deiter%40americansignature.com%257Cff1d2feecf39443a89a308d7510e68b5%257C5c02e89ab9684d4e960de62c7cd02766%257C1%257C0%257C637066994652072322%26sdata%3DSKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU%3D%26reserved%3D0&ul=en-us&de=UTF-8&dt=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAAAL~&jid=871991844&gjid=1636107713&cid=1821728667.1575794330&tid=UA-45637051-3&_gid=684513754.1575794330&_r=1&gtm=2wgav9W4VMN4&z=275555433 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-45637051-3&cid=1821728667.1575794330&jid=871991844&_gid=684513754.1575794330&gjid=1636107713&_v=j79&z=275555433

30 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set &data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlg... Show response
t.yesware.com/tt/bdd36958ea69892309d970d2e88db5e7bb73ec65/6440bda1179e4cdb516b5c84b402c8a6/b042b3edb9bcc2aa62606b05b71ac890/workof.com/ 20 KB
21 KB 377ms
95ms Document
text/html 23.21.208.32
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://t.yesware.com/tt/bdd36958ea69892309d970d2e88db5e7bb73ec65/6440bda1179e4cdb516b5c84b402c8a6/b042b3edb9bcc2aa62606b05b71ac890/workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.21.208.32 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-23-21-208-32.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

b59886b640741a761159a66512b5b8f427742dd85eb8c6edea25f50e533cb043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: t.yesware.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

Server: Cowboy
Date: Sun, 08 Dec 2019 08:38:48 GMT
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Set-Cookie: t=Q5yjDUX2HbADpJJqAMqmgg; domain=.yesware.com; path=/; expires=Sat, 08 Dec 2029 08:38:48 -0000; secure; HttpOnly
X-Request-Id: 10b117aa-3d48-4514-acf1-eefa4e5b6cf9
X-Runtime: 0.004563
Content-Length: 20662
Via: 1.1 vegur

GET
H2 404 Primary Request &data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlg... Show response
workof.com/ 91 KB
67 KB 677ms
483ms Document
text/html 2606:4700:20::681a:665
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
Requested by: Host: t.yesware.com
URL: https://t.yesware.com/tt/bdd36958ea69892309d970d2e88db5e7bb73ec65/6440bda1179e4cdb516b5c84b402c8a6/b042b3edb9bcc2aa62606b05b71ac890/workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:665 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fecad32e0b644cd8266cfe71ac1409a04a1493ea7dacf9ccc5ee446a512a98ea

Request headers

:method: GET
:authority: workof.com
:scheme: https
:path: /&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://t.yesware.com/tt/bdd36958ea69892309d970d2e88db5e7bb73ec65/6440bda1179e4cdb516b5c84b402c8a6/b042b3edb9bcc2aa62606b05b71ac890/workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://t.yesware.com/tt/bdd36958ea69892309d970d2e88db5e7bb73ec65/6440bda1179e4cdb516b5c84b402c8a6/b042b3edb9bcc2aa62606b05b71ac890/workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0

Response headers

status: 404
date: Sun, 08 Dec 2019 08:38:49 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d912bb1c02301882eb4bcd854c1b980ad1575794329; expires=Tue, 07-Jan-20 08:38:49 GMT; path=/; domain=.workof.com; HttpOnly; Secure
x-request-id: 1183988c-5a80-45b9-a730-82982e58337a
x-runtime: 0.002354
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 541d6cde4d03cbac-VIE
content-encoding: br

GET
H2 200 nr-1153.min.js
js-agent.newrelic.com/ 26 KB
10 KB 6ms
5ms Script
application/javascript 151.101.114.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1153.min.js
Requested by: Host: t.yesware.com
URL: https://t.yesware.com/tt/bdd36958ea69892309d970d2e88db5e7bb73ec65/6440bda1179e4cdb516b5c84b402c8a6/b042b3edb9bcc2aa62606b05b71ac890/workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://t.yesware.com/tt/bdd36958ea69892309d970d2e88db5e7bb73ec65/6440bda1179e4cdb516b5c84b402c8a6/b042b3edb9bcc2aa62606b05b71ac890/workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 08:38:49 GMT
content-encoding: gzip
x-amz-request-id: 2D3E105A17E6604D
x-cache: HIT
status: 200
content-length: 10041
x-amz-id-2: 3t2tQkRjpPp4+gdFW47JilyJiUbAK2RvAnDqzmjysD9hoW4Nrlxvo7Z+PN9rqyVwbaH2UA5RltE=
x-served-by: cache-hhn4082-HHN
last-modified: Fri, 08 Nov 2019 16:26:28 GMT
server: AmazonS3
x-timer: S1575794329.127254,VS0,VE0
etag: "d3b942e7c79a167d59ed590feee5e193"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2083

GET
H/1.1 200
OK 1a5da492d2
bam.nr-data.net/1/ 57 B
261 B 427ms
107ms Script
text/javascript 162.247.242.19
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/1a5da492d2?a=2164051&v=1153.61ee9ba&to=Il9eRkQKCVtSERkICA9bH1FaDAZc&rst=478&ref=https://t.yesware.com/tt/bdd36958ea69892309d970d2e88db5e7bb73ec65/6440bda1179e4cdb516b5c84b402c8a6/b042b3edb9bcc2aa62606b05b71ac890/workof.com/%26data%3D02%257C01%257CRyan.Deiter@americansignature.com%257Cff1d2feecf39443a89a308d7510e68b5%257C5c02e89ab9684d4e960de62c7cd02766%257C1%257C0%257C637066994652072322%26sdata%3DSKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU%3D%26reserved%3D0&qt=3&ap=5&be=464&fe=468&dc=467&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1575794328659,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:20,%22c%22:20,%22s%22:106,%22ce%22:282,%22rq%22:282,%22rp%22:377,%22rpe%22:463,%22dl%22:379,%22di%22:467,%22ds%22:467,%22de%22:467,%22dc%22:467,%22l%22:467,%22le%22:468%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1153.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash

Request headers

Referer: https://t.yesware.com/tt/bdd36958ea69892309d970d2e88db5e7bb73ec65/6440bda1179e4cdb516b5c84b402c8a6/b042b3edb9bcc2aa62606b05b71ac890/workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK 1a5da492d2
bam.nr-data.net/resources/1/ 0
156 B 107ms
107ms XHR
text/plain 162.247.242.19
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/1a5da492d2?a=2164051&v=1153.61ee9ba&to=Il9eRkQKCVtSERkICA9bH1FaDAZc&rst=908&ref=https://t.yesware.com/tt/bdd36958ea69892309d970d2e88db5e7bb73ec65/6440bda1179e4cdb516b5c84b402c8a6/b042b3edb9bcc2aa62606b05b71ac890/workof.com/%26data%3D02%257C01%257CRyan.Deiter@americansignature.com%257Cff1d2feecf39443a89a308d7510e68b5%257C5c02e89ab9684d4e960de62c7cd02766%257C1%257C0%257C637066994652072322%26sdata%3DSKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU%3D%26reserved%3D0&st=1575794328659
Requested by: Host: t.yesware.com
URL: https://t.yesware.com/tt/bdd36958ea69892309d970d2e88db5e7bb73ec65/6440bda1179e4cdb516b5c84b402c8a6/b042b3edb9bcc2aa62606b05b71ac890/workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash

Request headers

Referer: https://t.yesware.com/tt/bdd36958ea69892309d970d2e88db5e7bb73ec65/6440bda1179e4cdb516b5c84b402c8a6/b042b3edb9bcc2aa62606b05b71ac890/workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
Origin: https://t.yesware.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://t.yesware.com
Access-Control-Allow-Credentials: true
Content-Length: 0
Content-Type: text/plain

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 71 KB
24 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:806::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W4VMN4

Requested by

Host: workof.com
URL: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

314adc98618ea6451b89e2c7ce17339a1e7c272f109cf4ae2f49b5fbb0655a32

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 08:38:50 GMT
content-encoding: br
last-modified: Sun, 08 Dec 2019 06:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 24312
x-xss-protection: 0
expires: Sun, 08 Dec 2019 08:38:50 GMT

GET
DATA 200
OK truncated
/ 62 KB
62 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6be9dc372505ab1eead4dddcf4d87caea4b0cc2691dced231280aaee18f68cc6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://workof.com

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 003698218a4df5a39769a9c28ecc60753b5af7c4eae93a83f4588407aa5f324f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://workof.com

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 25 KB
9 KB 15ms
15ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4VMN4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

19c87f0cf5ee963ed08a612136d76a212111f023f020a80f77cedbee1a627031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 08:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9627
x-xss-protection: 0
server: cafe
etag: 2186705307927612976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 08 Dec 2019 08:38:50 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
26 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: t.yesware.com
URL: https://t.yesware.com/tt/bdd36958ea69892309d970d2e88db5e7bb73ec65/6440bda1179e4cdb516b5c84b402c8a6/b042b3edb9bcc2aa62606b05b71ac890/workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 26702
x-xss-protection: 0
pragma: public
x-fb-debug: WLUA60wKyy+djnog/uF1suvpAxAgsTScc7tVQ+FeuANUGcTkRWqJJ7fKHpeLKAd/+djRJij1t0pYGs9Q4Sz9zg==
x-fb-trip-id: 1475214379
date: Sun, 08 Dec 2019 08:38:50 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 403 185248.js
cdn.zarget.com/108203/ 0
0 408ms
376ms Script
application/xml 13.224.196.41
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zarget.com/108203/185248.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4VMN4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.41 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-41.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 chat.js Show response
cdn.slaask.com/ 841 KB
249 KB 76ms
16ms Script
application/javascript 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.slaask.com/chat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4VMN4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / cloud66
Resource Hash: b9f83e479c511f39e75f7f5dbf2e48550e71c9dc297a6124dcc9bf3a0d868434

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 08:38:50 GMT
content-encoding: gzip
last-modified: Wed, 04 Dec 2019 18:20:57 GMT
server: nginx
access-control-allow-origin: *
x-powered-by: cloud66
etag: W/"5de7f909-d2345"
x-hw: 1575794330.cds070.fr8.hn,1575794330.cds103.fr8.c
content-type: application/javascript
status: 200
cache-control: max-age=613234
accept-ranges: bytes
alt-svc: clear
content-length: 254738
via: 1.1 google

GET
H2 404 /
ct.pinterest.com/ 0
71 B 33ms
32ms Image
text/plain 151.101.112.84
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/?tid=O5dgPe88FxE&value=0.00&quantity=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.84 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Dec 2019 08:38:50 GMT
x-cdn: fastly
access-control-allow-origin: *
status: 404
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 0
content-length: 0
x-pinterest-rid: 9553340723385341
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4VMN4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 313
date: Sun, 08 Dec 2019 08:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Sun, 08 Dec 2019 10:33:37 GMT

GET
H2 200 988272644547265 Show response
connect.facebook.net/signals/config/ 349 KB
86 KB 64ms
64ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/988272644547265?v=2.9.14&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

2050801d47cf8932e9eedaacc2f5db0faf3c2784719ef9024b02169b0b5ebcc8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: KVNiGwNhEBDnZk+0iaIgE5yEJCRvAolTAgGgujsjhsKCV/nCdo0IKR655HFfP8ccbtW8m7G2j97k08Ays6vDPA==
x-fb-trip-id: 1475214379
date: Sun, 08 Dec 2019 08:38:50 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 07:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3468
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Sun, 08 Dec 2019 08:41:02 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/937302795/ 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/937302795/?random=1575794330128&cv=9&fst=1575794330128&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fworkof.com%2F%26data%3D02%257C01%257CRyan.Deiter%40americansignature.com%257Cff1d2feecf39443a89a308d7510e68b5%257C5c02e89ab9684d4e960de62c7cd02766%257C1%257C0%257C637066994652072322%26sdata%3DSKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU%3D%26reserved%3D0&ref=https%3A%2F%2Ft.yesware.com%2Ftt%2Fbdd36958ea69892309d970d2e88db5e7bb73ec65%2F6440bda1179e4cdb516b5c84b402c8a6%2Fb042b3edb9bcc2aa62606b05b71ac890%2Fworkof.com%2F%26data%3D02%257C01%257CRyan.Deiter%40americansignature.com%257Cff1d2feecf39443a89a308d7510e68b5%257C5c02e89ab9684d4e960de62c7cd02766%257C1%257C0%257C637066994652072322%26sdata%3DSKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU%3D%26reserved%3D0&tiba=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

bb1289e8eb40007b11ec0f3fdcdc753868b2288c21a6123e3857b743e9d71567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Dec 2019 08:38:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=63826831&t=pageview&_s=1&dl=https%3A%2F%2Fworkof.com%2F%26data%3D02%257C01%257CRyan.Deiter%40americansignature.com%257Cff1d2feecf39443a89a308...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-45637051-3&cid=1821728667.1575794330&jid=871991844&_gid=684513754.1575794330&gjid=1636107713&_v=j79&z=275555433

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9d
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-45637051-3&cid=1821728667.1575794330&jid=871991844&_gid=684513754.1575794330&gjid=1636107713&_v=j79&z=275555433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Sun, 08 Dec 2019 08:38:50 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Dec 2019 08:38:50 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-45637051-3&cid=1821728667.1575794330&jid=871991844&_gid=684513754.1575794330&gjid=1636107713&_v=j79&z=275555433
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/937302795/ 42 B
122 B 22ms
22ms Image
image/gif 2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/937302795/?random=1575794330128&cv=9&fst=1575792000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&frm=0&url=https%3A%2F%2Fworkof.com%2F%26data%3D02%257C01%257CRyan.Deiter%40americansignature.com%257Cff1d2feecf39443a89a308d7510e68b5%257C5c02e89ab9684d4e960de62c7cd02766%257C1%257C0%257C637066994652072322%26sdata%3DSKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU%3D%26reserved%3D0&ref=https%3A%2F%2Ft.yesware.com%2Ftt%2Fbdd36958ea69892309d970d2e88db5e7bb73ec65%2F6440bda1179e4cdb516b5c84b402c8a6%2Fb042b3edb9bcc2aa62606b05b71ac890%2Fworkof.com%2F%26data%3D02%257C01%257CRyan.Deiter%40americansignature.com%257Cff1d2feecf39443a89a308d7510e68b5%257C5c02e89ab9684d4e960de62c7cd02766%257C1%257C0%257C637066994652072322%26sdata%3DSKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU%3D%26reserved%3D0&tiba=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)&async=1&fmt=3&is_vtc=1&random=122143893&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Dec 2019 08:38:50 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/937302795/ 42 B
110 B 23ms
23ms Image
image/gif 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/937302795/?random=1575794330128&cv=9&fst=1575792000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&frm=0&url=https%3A%2F%2Fworkof.com%2F%26data%3D02%257C01%257CRyan.Deiter%40americansignature.com%257Cff1d2feecf39443a89a308d7510e68b5%257C5c02e89ab9684d4e960de62c7cd02766%257C1%257C0%257C637066994652072322%26sdata%3DSKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU%3D%26reserved%3D0&ref=https%3A%2F%2Ft.yesware.com%2Ftt%2Fbdd36958ea69892309d970d2e88db5e7bb73ec65%2F6440bda1179e4cdb516b5c84b402c8a6%2Fb042b3edb9bcc2aa62606b05b71ac890%2Fworkof.com%2F%26data%3D02%257C01%257CRyan.Deiter%40americansignature.com%257Cff1d2feecf39443a89a308d7510e68b5%257C5c02e89ab9684d4e960de62c7cd02766%257C1%257C0%257C637066994652072322%26sdata%3DSKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU%3D%26reserved%3D0&tiba=The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)&async=1&fmt=3&is_vtc=1&random=122143893&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Dec 2019 08:38:50 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
247 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=988272644547265&ev=PageView&dl=https%3A%2F%2Fworkof.com%2F%26data%3D02%257C01%257CRyan.Deiter%40americansignature.com%257Cff1d2feecf39443a89a308d7510e68b5%257C5c02e89ab9684d4e960de62c7cd02766%257C1%257C0%257C637066994652072322%26sdata%3DSKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU%3D%26reserved%3D0&rl=https%3A%2F%2Ft.yesware.com%2Ftt%2Fbdd36958ea69892309d970d2e88db5e7bb73ec65%2F6440bda1179e4cdb516b5c84b402c8a6%2Fb042b3edb9bcc2aa62606b05b71ac890%2Fworkof.com%2F%26data%3D02%257C01%257CRyan.Deiter%40americansignature.com%257Cff1d2feecf39443a89a308d7510e68b5%257C5c02e89ab9684d4e960de62c7cd02766%257C1%257C0%257C637066994652072322%26sdata%3DSKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU%3D%26reserved%3D0&if=false&ts=1575794330201&sw=1600&sh=1200&v=2.9.14&r=stable&ec=0&o=30&fbp=fb.1.1575794330200.1137056459&it=1575794330115&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 08:38:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Sun, 08 Dec 2019 08:38:50 GMT

POST
H2 200 initialize_widget Show response
slaask.com/api/ 23 KB
7 KB 546ms
495ms XHR
application/json 2606:4700:20::681a:e5a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://slaask.com/api/initialize_widget

Requested by

Host: cdn.slaask.com
URL: https://cdn.slaask.com/chat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e5a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Phusion Passenger 5.3.7, cloud66

Resource Hash

a0950b55c7059403fb08d786a77a32aad68176ccf5d1f2d6403645871ef39d9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
Origin: https://workof.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 08 Dec 2019 08:38:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: Phusion Passenger 5.3.7, cloud66
status: 200, 200 OK
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
x-request-id: ca8c4c6d-6a7b-4b11-9984-8031eb66cbbb
x-runtime: 0.088111
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"03f745f595d0471fb8fd3534f1987bde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://workof.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 541d6ce69e4fcba4-VIE

GET
H2 206 new.mp3
cdn.slaask.com/sounds/ 12 KB
12 KB 13ms
12ms Media
audio/mpeg 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.slaask.com/sounds/new.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / cloud66
Resource Hash: 403d74a04fd4e67b5b1e1538224429add94d917f35d34bbb65ddc4142170660d

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 08 Dec 2019 08:38:51 GMT
via: 1.1 google
etag: "5de7f90a-3106"
last-modified: Wed, 04 Dec 2019 18:20:58 GMT
server: nginx
access-control-allow-origin: *
x-powered-by: cloud66
status: 206
x-hw: 1575794331.cds070.fr8.hn,1575794331.cds129.fr8.c
content-type: audio/mpeg
content-range: bytes 0-12549/12550
cache-control: max-age=613230
accept-ranges: bytes
alt-svc: clear
content-length: 12550

GET
H2 206 send.mp3
cdn.slaask.com/sounds/ 12 KB
12 KB 13ms
12ms Media
audio/mpeg 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.slaask.com/sounds/send.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / cloud66
Resource Hash: 0d91fa8fb88307eb0eae41731e85b31c26b32d3883e760c5ddfad8fb05b914fd

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 08 Dec 2019 08:38:51 GMT
via: 1.1 google
etag: "5dea613a-2f86"
last-modified: Fri, 06 Dec 2019 14:10:02 GMT
server: nginx
access-control-allow-origin: *
x-powered-by: cloud66
status: 206
x-hw: 1575794331.cds070.fr8.hn,1575794331.cds129.fr8.c
content-type: audio/mpeg
content-range: bytes 0-12165/12166
cache-control: max-age=613230
accept-ranges: bytes
alt-svc: clear
content-length: 12166

GET
H2 200 css
fonts.googleapis.com/ 7 KB
711 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:819::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:300,400,600,700

Requested by

Host: cdn.slaask.com
URL: https://cdn.slaask.com/chat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

86853890df7e0086104918818412ba5c52bb24b51c2dad89a8807e58adc8dd6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 08 Dec 2019 08:38:51 GMT
server: ESF
access-control-allow-origin: *
date: Sun, 08 Dec 2019 08:38:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sun, 08 Dec 2019 08:38:51 GMT

POST
H2 200 send_logs Show response
slaask.com/api/ 575 B
573 B 546ms
546ms XHR
application/json 2606:4700:20::681a:e5a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://slaask.com/api/send_logs

Requested by

Host: cdn.slaask.com
URL: https://cdn.slaask.com/chat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e5a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Phusion Passenger 5.3.7, cloud66

Resource Hash

00db316531f70cbdd1c34d0e242bd581c450a92b3f89d9dc621cb26e5128bf01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
Origin: https://workof.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 08 Dec 2019 08:38:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: Phusion Passenger 5.3.7, cloud66
status: 200, 200 OK
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
x-request-id: 645bfce6-bc2d-441b-a630-8fabfa63e0f5
x-runtime: 0.183449
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3d617201643ea9ba985bedfcbaa4cc38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://workof.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 541d6cea2fd6cba4-VIE

GET
H2 200 97a58f61-7d74-43f6-bae8-5187b1a22987-6f8eeea5-4343-49f2-9297-65b113098b68.jpg
uploads.slaask.com/avatars/ 27 KB
28 KB 300ms
141ms Image
image/jpeg 2606:4700:20::681a:e5a
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uploads.slaask.com/avatars/97a58f61-7d74-43f6-bae8-5187b1a22987-6f8eeea5-4343-49f2-9297-65b113098b68.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e5a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8faa13fd9fc6a09b6c3d855025bd7512d8a5dc3eb10374c4ab5ceb21a16f3b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 08:38:51 GMT
cf-cache-status: MISS
x-amz-request-id: 780B1E880C2FA5F2
status: 200
strict-transport-security: max-age=0; includeSubDomains; preload
content-length: 27667
x-amz-id-2: LTWdD5O9uZCjvsJ6XByBOlTggnexp/Y1X9zDSiOKyuFAKb+wUq5VnduPE0KF2DitzIJ/iuTr9ng=
last-modified: Fri, 15 Sep 2017 14:29:01 GMT
server: cloudflare
etag: "02c62c87bca2815d74d195153d8d3c71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-hw: 1575794331.cds104.fr8.hn,1575794331.cds004.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=4338383
accept-ranges: bytes
cf-ray: 541d6ceb2f085a06-VIE

GET
H2 200 XRXV3I6Li01BKofINeaBTMnFcQ.woff2
fonts.gstatic.com/s/nunito/v12/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v12/XRXV3I6Li01BKofINeaBTMnFcQ.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c2d02ad946969c6fc9ed583bdb76b3bf0bd2328575a93c42ff87ece9498504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Nunito:300,400,600,700
Origin: https://workof.com

Response headers

date: Thu, 21 Nov 2019 18:08:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 Nov 2019 17:37:30 GMT
server: sffe
age: 1434629
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13992
x-xss-protection: 0
expires: Fri, 20 Nov 2020 18:08:22 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=988272644547265&ev=Microdata&dl=https%3A%2F%2Fworkof.com%2F%26data%3D02%257C01%257CRyan.Deiter%40americansignature.com%257Cff1d2feecf39443a89a308d7510e68b5%257C5c02e89ab9684d4e960de62c7cd02766%257C1%257C0%257C637066994652072322%26sdata%3DSKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU%3D%26reserved%3D0&rl=https%3A%2F%2Ft.yesware.com%2Ftt%2Fbdd36958ea69892309d970d2e88db5e7bb73ec65%2F6440bda1179e4cdb516b5c84b402c8a6%2Fb042b3edb9bcc2aa62606b05b71ac890%2Fworkof.com%2F%26data%3D02%257C01%257CRyan.Deiter%40americansignature.com%257Cff1d2feecf39443a89a308d7510e68b5%257C5c02e89ab9684d4e960de62c7cd02766%257C1%257C0%257C637066994652072322%26sdata%3DSKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU%3D%26reserved%3D0&if=false&ts=1575794331710&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20page%20you%20were%20looking%20for%20doesn%27t%20exist%20(404)%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.14&r=stable&ec=1&o=30&fbp=fb.1.1575794330200.1137056459&it=1575794330115&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 08:38:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Sun, 08 Dec 2019 08:38:51 GMT

POST
H2 200 send_infos Show response
slaask.com/api/ 206 B
314 B 416ms
416ms XHR
application/json 2606:4700:20::681a:e5a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://slaask.com/api/send_infos

Requested by

Host: cdn.slaask.com
URL: https://cdn.slaask.com/chat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e5a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Phusion Passenger 5.3.7, cloud66

Resource Hash

575a2c086845431eebd6618af857a1dcf1d42ece37c3a4be0a16569e408c57ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
Origin: https://workof.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 08 Dec 2019 08:38:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: Phusion Passenger 5.3.7, cloud66
status: 200, 200 OK
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
x-request-id: f6310162-2b59-4d55-9eb1-06fa75ca41b1
x-runtime: 0.054367
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"97fd3e614a988de1f8423d8681137c43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://workof.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 541d6cedd96dcba4-VIE

POST
H2 200 renew_websocket_token Show response
slaask.com/api/ 138 B
349 B 369ms
368ms XHR
application/json 2606:4700:20::681a:e5a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://slaask.com/api/renew_websocket_token

Requested by

Host: cdn.slaask.com
URL: https://cdn.slaask.com/chat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e5a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Phusion Passenger 5.3.7, cloud66

Resource Hash

0560133e8d02763334ef62c3f8d0b473406f961dee89026b101d293a02be1b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
Origin: https://workof.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 08 Dec 2019 08:38:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: Phusion Passenger 5.3.7, cloud66
status: 200, 200 OK
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
x-request-id: d3add1a3-08bc-432b-ad0e-01dc610d51c5
x-runtime: 0.006010
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5fd65530250907507c22cbb8a95420ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://workof.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 541d6cf03fdecba4-VIE

GET
H/1.1 200
OK 1 Show response
stats.pusher.com/timeline/v2/jsonp/ 80 B
228 B 356ms
86ms Script
application/javascript 54.144.234.173
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.pusher.com/timeline/v2/jsonp/1?session=NjI3MjQ3MjU4&bundle=MQ%3D%3D&key=MDUzMTY3NWQwMGU1ZDM2MDdiNTY%3D&lib=anM%3D&version=My4yLjQ%3D&features=WyJ3cyJd&timeline=W3siaW5zdGFuY2VzIjoxLCJ0aW1lc3RhbXAiOjE1NzU3OTQzMzE4MDN9LHsic3RhdGUiOiJjb25uZWN0aW5nIiwidGltZXN0YW1wIjoxNTc1Nzk0MzMxODA0fSx7ImNpZCI6MSwidHJhbnNwb3J0Ijoid3NzIiwidGltZXN0YW1wIjoxNTc1Nzk0MzMxODA1fSx7ImNpZCI6MSwic3RhdGUiOiJpbml0aWFsaXplZCIsInRpbWVzdGFtcCI6MTU3NTc5NDMzMTgwNX0seyJjaWQiOjEsInN0YXRlIjoiY29ubmVjdGluZyIsInRpbWVzdGFtcCI6MTU3NTc5NDMzMTgwNn0seyJjaWQiOjEsInN0YXRlIjoib3BlbiIsInRpbWVzdGFtcCI6MTU3NTc5NDMzMjE3OX0seyJzdGF0ZSI6ImNvbm5lY3RlZCIsInBhcmFtcyI6eyJzb2NrZXRfaWQiOiIyNzQwNjQuMTU4NzY1NiJ9LCJ0aW1lc3RhbXAiOjE1NzU3OTQzMzIxODN9XQ%3D%3D
Requested by: Host: cdn.slaask.com
URL: https://cdn.slaask.com/chat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.234.173 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-144-234-173.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c31660b255f8bfda3cc0b37755a631bd27a963e38d843898954e52b269db6b6f

Request headers

Referer: https://workof.com/&data=02%7C01%7CRyan.Deiter@americansignature.com%7Cff1d2feecf39443a89a308d7510e68b5%7C5c02e89ab9684d4e960de62c7cd02766%7C1%7C0%7C637066994652072322&sdata=SKV4n5kvOlaHdm3kkJMX2uippHgIkw5Vpiv8PuMdlgU=&reserved=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 08 Dec 2019 08:38:52 GMT
Server: nginx
Connection: close
Content-Length: 80
Content-Type: application/javascript

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn.slaask.com
cdn.zarget.com
connect.facebook.net
ct.pinterest.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js-agent.newrelic.com
slaask.com
stats.g.doubleclick.net
stats.pusher.com
t.yesware.com
uploads.slaask.com
workof.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.224.196.41
151.101.112.84
151.101.114.110
151.139.128.10
162.247.242.19
216.58.210.2
23.21.208.32
2606:4700:20::681a:665
2606:4700:20::681a:e5a
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:816::2002
2a00:1450:4001:817::2004
2a00:1450:4001:818::2003
2a00:1450:4001:819::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
54.144.234.173
003698218a4df5a39769a9c28ecc60753b5af7c4eae93a83f4588407aa5f324f
00db316531f70cbdd1c34d0e242bd581c450a92b3f89d9dc621cb26e5128bf01
0560133e8d02763334ef62c3f8d0b473406f961dee89026b101d293a02be1b99
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0d91fa8fb88307eb0eae41731e85b31c26b32d3883e760c5ddfad8fb05b914fd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
19c87f0cf5ee963ed08a612136d76a212111f023f020a80f77cedbee1a627031
2050801d47cf8932e9eedaacc2f5db0faf3c2784719ef9024b02169b0b5ebcc8
314adc98618ea6451b89e2c7ce17339a1e7c272f109cf4ae2f49b5fbb0655a32
403d74a04fd4e67b5b1e1538224429add94d917f35d34bbb65ddc4142170660d
575a2c086845431eebd6618af857a1dcf1d42ece37c3a4be0a16569e408c57ff
6be9dc372505ab1eead4dddcf4d87caea4b0cc2691dced231280aaee18f68cc6
71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86853890df7e0086104918818412ba5c52bb24b51c2dad89a8807e58adc8dd6d
a0950b55c7059403fb08d786a77a32aad68176ccf5d1f2d6403645871ef39d9b
b59886b640741a761159a66512b5b8f427742dd85eb8c6edea25f50e533cb043
b9f83e479c511f39e75f7f5dbf2e48550e71c9dc297a6124dcc9bf3a0d868434
bb1289e8eb40007b11ec0f3fdcdc753868b2288c21a6123e3857b743e9d71567
c31660b255f8bfda3cc0b37755a631bd27a963e38d843898954e52b269db6b6f
d3c2d02ad946969c6fc9ed583bdb76b3bf0bd2328575a93c42ff87ece9498504
d8faa13fd9fc6a09b6c3d855025bd7512d8a5dc3eb10374c4ab5ceb21a16f3b3
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fecad32e0b644cd8266cfe71ac1409a04a1493ea7dacf9ccc5ee446a512a98ea

workof.com Open in urlscan Pro 2606:4700:20::681a:665 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

60 %IPv6

18 Domains

21 Subdomains

21 IPs

4 Countries

654 kBTransfer

1756 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

workof.com Open in urlscan Pro
2606:4700:20::681a:665 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

60 %
IPv6

18
Domains

21
Subdomains

21
IPs

4
Countries

654 kB
Transfer

1756 kB
Size

0
Cookies

30 HTTP transactions
2 data transactions