urlscan.io logo urlscan.io
SecurityTrails logo

www.cor.works Open in urlscan Pro
52.7.227.122  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.cor.works/
Effective URL: https://www.cor.works/login
Submission: On February 17 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 18 domains to perform 36 HTTP transactions. The main IP is 52.7.227.122, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.cor.works.
TLS certificate: Issued by Amazon on August 20th 2019. Valid for: a year.
This is the only time www.cor.works was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    52.7.227.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-227-122.compute-1.amazonaws.com
www.cor.works
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    13.224.197.90 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-197-90.fra2.r.cloudfront.net
d24n15hnbwhuhn.cloudfront.net
3    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    2606:4700::6811:ebcc (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2606:4700::6810:fa05 (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubspot.com
4    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700::6811:c8cc (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
1    2606:4700::6810:f905 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
1    2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f34.1e100.net
www.googleadservices.com
1    2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Domain Requested by
8 www.cor.works 2 redirects www.cor.works
5 fonts.gstatic.com www.cor.works
4 www.facebook.com www.cor.works
3 www.google-analytics.com 1 redirects www.cor.works
3 connect.facebook.net www.cor.works
connect.facebook.net
2 api.hubspot.com js.usemessages.com
www.cor.works
2 www.google.de www.cor.works
2 www.google.com 1 redirects
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com js.hsadspixel.net
1 track.hubspot.com
1 api.hubapi.com js.hsadspixel.net
1 stats.g.doubleclick.net 1 redirects
1 js.hs-analytics.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 d24n15hnbwhuhn.cloudfront.net www.cor.works
1 js.hs-scripts.com www.cor.works
1 fonts.googleapis.com www.cor.works
36 20

This site contains no links.

Subject Issuer Validity Valid
cor.works
Amazon		 2019-08-20 -
2020-09-20		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
ssl817718.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-01-21 -
2020-07-29		 6 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-01-16 -
2020-04-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
ssl803643.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-11-06 -
2020-05-14		 6 months crt.sh
ssl817703.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-01-21 -
2020-07-29		 6 months crt.sh
ssl803670.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-11-06 -
2020-05-14		 6 months crt.sh
www.google.de
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
hubspot.com
CloudFlare Inc ECC CA-2		 2019-12-04 -
2020-10-09		 10 months crt.sh
hubapi.com
CloudFlare Inc ECC CA-2		 2020-01-21 -
2020-10-09		 9 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.cor.works/login
Frame ID: 3067C3B8D38841FD952EED076F0F3B16
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.cor.works/ HTTP 301
    https://www.cor.works/ HTTP 302
    https://www.cor.works/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

36
Requests

100 %
HTTPS

85 %
IPv6

18
Domains

20
Subdomains

20
IPs

4
Countries

669 kB
Transfer

1826 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.cor.works/ HTTP 301
    https://www.cor.works/ HTTP 302
    https://www.cor.works/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1801612419&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cor.works%2Flogin&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=127835211&gjid=1286554944&cid=1792507838.1581937626&tid=UA-63155060-1&_gid=1135876676.1581937626&_r=1&z=829618846 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63155060-1&cid=1792507838.1581937626&jid=127835211&_gid=1135876676.1581937626&gjid=1286554944&_v=j81&z=829618846 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63155060-1&cid=1792507838.1581937626&jid=127835211&_v=j81&z=829618846 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63155060-1&cid=1792507838.1581937626&jid=127835211&_v=j81&z=829618846&slf_rd=1&random=1965679578

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
www.cor.works/
Redirect Chain
  • http://www.cor.works/
  • https://www.cor.works/
  • https://www.cor.works/login
12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cor.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.227.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-227-122.compute-1.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8200416c1e399e5c642fa4e4cac5883a283ae1514cd3818b0ef77c244124b6ac

Request headers

:method
GET
:authority
www.cor.works
:scheme
https
:path
/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
XSRF-TOKEN=azBHhIpPULPut7U3U4SOIDQCUT0T8ft8rNJDd1ru; v2dkjfoaij-uiu-fls9kdj7f3ek5j-v2=j7hpgXPRlu0LvCwLdyIqXJevPs8zViCzyWXWgcdI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586

Response headers

status
200
date
Mon, 17 Feb 2020 11:07:05 GMT
content-type
text/html; charset=UTF-8
content-length
4680
server
Apache/2.4.18 (Ubuntu)
cache-control
no-cache
set-cookie
XSRF-TOKEN=azBHhIpPULPut7U3U4SOIDQCUT0T8ft8rNJDd1ru; expires=Sun, 17-May-2020 11:07:05 GMT; Max-Age=7776000; path=/ v2dkjfoaij-uiu-fls9kdj7f3ek5j-v2=j7hpgXPRlu0LvCwLdyIqXJevPs8zViCzyWXWgcdI; expires=Sun, 17-May-2020 11:07:05 GMT; Max-Age=7776000; path=/; HttpOnly
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

status
302
date
Mon, 17 Feb 2020 11:07:05 GMT
content-type
text/html; charset=UTF-8
content-length
352
location
https://www.cor.works/login
server
Apache/2.4.18 (Ubuntu)
cache-control
no-cache
set-cookie
XSRF-TOKEN=azBHhIpPULPut7U3U4SOIDQCUT0T8ft8rNJDd1ru; expires=Sun, 17-May-2020 11:07:05 GMT; Max-Age=7776001; path=/ v2dkjfoaij-uiu-fls9kdj7f3ek5j-v2=j7hpgXPRlu0LvCwLdyIqXJevPs8zViCzyWXWgcdI; expires=Sun, 17-May-2020 11:07:05 GMT; Max-Age=7776001; path=/; HttpOnly
compiled-login-dc818e0264.css
www.cor.works/build/assets/css/ 		108 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cor.works/build/assets/css/compiled-login-dc818e0264.css
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.227.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-227-122.compute-1.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
185aae5d1ea49b630aacac03f5ecfbf7c336a446f162c356d2727a19344084a6

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 11:07:05 GMT
content-encoding
gzip
last-modified
Sun, 16 Feb 2020 17:13:42 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"1b0ef-59eb48f87081e-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
18258
compiled-login-dfca8a7e91.js
www.cor.works/build/assets/js/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cor.works/build/assets/js/compiled-login-dfca8a7e91.js
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.227.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-227-122.compute-1.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
92ccdde575a939e86221ef5649c7781b9d1a2a6f3eb0516e7ba7c3a85b9c764d

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:07:05 GMT
content-encoding
gzip
last-modified
Sun, 16 Feb 2020 17:13:42 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"161cb-59eb48f869abf-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
31029
css
fonts.googleapis.com/ 		1 KB
398 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e8ad42f8f89d750a064ba44a456bbc1cd366fe6b0f9a9859a5ca9ad7a0efb092
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
access-control-allow-origin
*
date
Mon, 17 Feb 2020 11:07:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 17 Feb 2020 11:07:05 GMT
corapp_logo_dark.png
www.cor.works/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cor.works/images/corapp_logo_dark.png
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.227.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-227-122.compute-1.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
6a283e01696f6f4c85103be0c037e235f9fb6116b03fe1cc8fc194b6296b9e09

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 11:07:05 GMT
last-modified
Sun, 16 Feb 2020 17:13:40 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"4801-59eb48f5f1db8"
content-type
image/png
status
200
accept-ranges
bytes
content-length
18433
2960453.js
js.hs-scripts.com/ 		1 KB
776 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/2960453.js
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c2e5a8ba4de10b25081ac3343323a01af797533d39b956be018f0c625f31b

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:07:05 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
status
200
access-control-max-age
3600
content-length
495
server
cloudflare
x-trace
2BCD102A6D0AA892C9751D3E33AEE55473B9F40201000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.cor.works
cache-control
public, max-age=60
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
56674bad8f48c2bd-FRA
expires
Mon, 17 Feb 2020 11:08:05 GMT
compiled-gaFunnel-98659c4ebe.js
www.cor.works/build/assets/js/ 		503 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cor.works/build/assets/js/compiled-gaFunnel-98659c4ebe.js
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.227.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-227-122.compute-1.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
5ef081df32915aff6b95952187e99192bdcbc2f87676dac0f4b97070f2d930bb

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:07:05 GMT
content-encoding
gzip
last-modified
Sun, 16 Feb 2020 17:13:42 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"1f7-59eb48f86aa5f-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
277
amplitude-3.4.1-min.gz.js
d24n15hnbwhuhn.cloudfront.net/libs/ 		73 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d24n15hnbwhuhn.cloudfront.net/libs/amplitude-3.4.1-min.gz.js
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.197.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-197-90.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b14d6e21c0373a92f15d4efbbbb23d46e691a4f319cfefb4d82b62aa9788d378

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
script

Response headers

Date
Thu, 24 Oct 2019 23:46:07 GMT
Content-Encoding
gzip
Age
9976859
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
20470
Last-Modified
Mon, 21 Oct 2019 15:45:34 GMT
Server
AmazonS3
ETag
"db7d97158ecf4e497a75d3491c0ff36b"
x-amz-version-id
t6bvUbcoGubFDTg80b_wpxAHI24O4K7v
Via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
uTG_8P3cZBXKEA1jNqnbgqaBhOapIebQgCspt5SH_xeC6OrToTNREQ==
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
jB1XyeWZzYd27iywsAQDJaRazYHjP92DjEIvcsIdelWH0utTNAcDEg3s+YU4LF2JcMqwgNotdPTCpJXRqMVQeQ==
x-fb-trip-id
1850256238
date
Mon, 17 Feb 2020 11:07:05 GMT, Mon, 17 Feb 2020 11:07:05 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		625 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04b741b46e0d7b37bcf31ed709f13e23fb5ff6b00c9220245b4b414864bd8830

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmSU5fBBc-.woff
fonts.gstatic.com/s/roboto/v20/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc-.woff
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76b05400fff9da5b43862e3713099e3913916a629560265ed24b19d031227cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700
Origin
https://www.cor.works
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586

Response headers

date
Fri, 31 Jan 2020 21:49:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:54 GMT
server
sffe
age
1430247
content-type
font/woff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
20348
x-xss-protection
0
expires
Sat, 30 Jan 2021 21:49:38 GMT
KFOmCnqEu92Fr1Mu4mxM.woff
fonts.gstatic.com/s/roboto/v20/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxM.woff
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1dc87f99c7ff228806117d58f085c6c573057fa237228081802b7d8d3cf7684
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700
Origin
https://www.cor.works
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586

Response headers

date
Tue, 04 Feb 2020 19:34:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
1092734
content-type
font/woff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
20268
x-xss-protection
0
expires
Wed, 03 Feb 2021 19:34:51 GMT
bg_login_02.jpg
www.cor.works/images/ 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cor.works/images/bg_login_02.jpg
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.227.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-227-122.compute-1.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e6a306d43d21edde08a61f2f621bb2c8b709b3a42bd84e2773d7b4e0faea6ff6

Request headers

Referer
https://www.cor.works/build/assets/css/compiled-login-dc818e0264.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 11:07:05 GMT
last-modified
Sun, 16 Feb 2020 17:13:40 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"1d74d-59eb48f5f0e19"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
120653
KFOkCnqEu92Fr1MmgVxIIzQ.woff
fonts.gstatic.com/s/roboto/v20/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1MmgVxIIzQ.woff
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4ead4de9f7aff237d06b530ead8413d1357427f6a925944342bb4e2b1dce6d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700
Origin
https://www.cor.works
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586

Response headers

date
Fri, 31 Jan 2020 17:20:03 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:33 GMT
server
sffe
age
1446422
content-type
font/woff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
20368
x-xss-protection
0
expires
Sat, 30 Jan 2021 17:20:03 GMT
KFOlCnqEu92Fr1MmWUlfBBc-.woff
fonts.gstatic.com/s/roboto/v20/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc-.woff
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
806ea46c426af8fc24e5cf42a210228739696933d36299eb28aee64f69fc71f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700
Origin
https://www.cor.works
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586

Response headers

date
Tue, 04 Feb 2020 07:06:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
1137608
content-type
font/woff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
20356
x-xss-protection
0
expires
Wed, 03 Feb 2021 07:06:57 GMT
KFOlCnqEu92Fr1MmEU9fBBc-.woff
fonts.gstatic.com/s/roboto/v20/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc-.woff
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba98f991d002c6bfaaf7b874652ffdcde9261a86925db87df3ed2861ea080adf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700
Origin
https://www.cor.works
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586

Response headers

date
Tue, 04 Feb 2020 04:40:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
1146425
content-type
font/woff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
20464
x-xss-protection
0
expires
Wed, 03 Feb 2021 04:40:00 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
2013
date
Mon, 17 Feb 2020 10:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Mon, 17 Feb 2020 12:33:32 GMT
fb.js
js.hsadspixel.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2960453.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbc6e6e201648a797a1a70459fb94149e8245fcac93a066963cbb08cb7f08ae3

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:07:05 GMT
via
1.1 f7a968b55c3516da72549b98f99704a4.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
170
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
gzip
x-amz-version-id
wLHxFQo4.UHGjY7LpiTI8YXD7oOxmPVx
last-modified
Mon, 10 Feb 2020 05:54:42 GMT
server
cloudflare
etag
W/"a3c820f15fc2d32ccf32bcded41dc23b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
x-amz-cf-pop
IAD89-C3
cf-ray
56674bafa9b2c2f9-FRA
x-amz-cf-id
9nzB_YIZxkadXgQqtLRs_J_tg_5vY3jbtJrAJXuvzba9kR-SSPzVyg==
conversations-embed.js
js.usemessages.com/ 		60 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2960453.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:ebcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d384100a69b392d9cba10d45e1c690eb8f1c95f12e02c6f37e70134c7146b5d5

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:07:05 GMT
via
1.1 d4b41c13595dcfd327649d8cdea72ce8.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
495
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
x-amz-version-id
Tb4qAH57zXvyA3b9KJOjnGdnqNJTFAL5
last-modified
Fri, 14 Feb 2020 06:02:04 GMT
server
cloudflare
etag
W/"d982215a7d1d61f9afcd465f816412ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
x-amz-cf-pop
IAD89-C3
cf-ray
56674bafc8d5d6f1-FRA
x-amz-cf-id
AMgsHWRdXLcPTuKWzj0BajFMmARKu5AaPiySvxSAXnJbdfMjwLpUqQ==
2960453.js
js.hs-analytics.net/analytics/1581937500000/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1581937500000/2960453.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2960453.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09bf7dcfddbdc4991a20c49c3c2cf80601ce0a56f6d7cd57eb02168f73fc760b

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:07:05 GMT
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
26F034C282AE1975
status
200
content-type
text/javascript
x-amz-id-2
rc/NgcQJOFzwSy5HNiHUTFNZH5TqopR0Ykm/7bz5FDX5WGKHVrx/dDWx1p6fZOzqi8F40k1m8/I=
last-modified
Wed, 12 Feb 2020 16:05:58 GMT
server
cloudflare
etag
W/"1f4b331b0d76775feb80c1db89fd3e46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-ray
56674bafaff5c2e0-FRA
expires
Mon, 17 Feb 2020 11:12:05 GMT
473120943447503
connect.facebook.net/signals/config/ 		447 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/473120943447503?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
79244b99e7bd978d1007d375faba024f9e6221bc8ec08fde8f32008e23265650
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
NYyTRdWAh7CBE9uET3+R5sKEa93YMSAixNXSOpMcVvu8A0nwhb/KGpfhuBj9Gh1MCJ7Wri9Ua2le/VI9ccyTCg==
x-fb-trip-id
1850256238
date
Mon, 17 Feb 2020 11:07:05 GMT, Mon, 17 Feb 2020 11:07:05 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1801612419&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cor.works%2Flogin&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBA...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-63155060-1&cid=1792507838.1581937626&jid=127835211&_gid=1135876676.1581937626&gjid=1286554944&_v=j81&z=829618846
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63155060-1&cid=1792507838.1581937626&jid=127835211&_v=j81&z=829618846
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63155060-1&cid=1792507838.1581937626&jid=127835211&_v=j81&z=829618846&slf_rd=1&random=1965679578
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63155060-1&cid=1792507838.1581937626&jid=127835211&_v=j81&z=829618846&slf_rd=1&random=1965679578
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 11:07:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Feb 2020 11:07:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-63155060-1&cid=1792507838.1581937626&jid=127835211&_v=j81&z=829618846&slf_rd=1&random=1965679578
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
public
api.hubspot.com/livechat-public/v1/message/ 		23 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=2960453&conversations-embed=static-1.5930&mobile=false&messagesUtk=37dd092c7bf64c1da9b957b9257052f1&traceId=37dd092c7bf64c1da9b957b9257052f1
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e5f27d5e5d92a7499b2c01025e9d8f6c78effa35afbe71156159a221be6cece
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method
GET
Origin
https://www.cor.works
Referer
https://www.cor.works/login
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Access-Control-Request-Headers
x-hubspot-messages-uri

Response headers

date
Mon, 17 Feb 2020 11:07:05 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
content-length
23
allow
HEAD,GET,OPTIONS,PUT
server
cloudflare
x-trace
2B6D07047C44A475E6428F901813961C7D0881C89D000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.cor.works
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
56674bb00c41644f-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
293631984469561
connect.facebook.net/signals/config/ 		447 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/293631984469561?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
17f14c5f58645991de1682d935fab4f8b63154c03adcc00f564c6e676341394e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
CgGK4O4+CB0WUORCiCWDPu4b5cK6uCOOHoVlq7Dg7w6RUkvtTJ2g3u289qKwtzL2c+vP0DD4ACPiYdZcwgGK2g==
x-fb-trip-id
1850256238
date
Mon, 17 Feb 2020 11:07:05 GMT, Mon, 17 Feb 2020 11:07:05 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=473120943447503&ev=PageView&dl=https%3A%2F%2Fwww.cor.works%2Flogin&rl=&if=false&ts=1581937625643&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1581937625643.2105272849&it=1581937625550&coo=false&rqm=GET
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 11:07:05 GMT, Mon, 17 Feb 2020 11:07:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 17 Feb 2020 11:07:05 GMT
public
api.hubspot.com/livechat-public/v1/message/ 		261 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=2960453&conversations-embed=static-1.5930&mobile=false&messagesUtk=37dd092c7bf64c1da9b957b9257052f1&traceId=37dd092c7bf64c1da9b957b9257052f1
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01756e03d789f2fccce439a43e9979a82fe999a68bdf45e601f7b3da5e5365c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.cor.works/login
Origin
https://www.cor.works
Sec-Fetch-Dest
empty
X-HubSpot-Messages-Uri
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586

Response headers

date
Mon, 17 Feb 2020 11:07:05 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
content-length
206
server
cloudflare
x-trace
2B934F31A6DFC2329FF86E0523E180DECE97401319000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cor.works
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
56674bb0bcce644f-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
/
www.facebook.com/tr/ 		44 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=293631984469561&ev=PageView&dl=https%3A%2F%2Fwww.cor.works%2Flogin&rl=&if=false&ts=1581937625730&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1581937625643.2105272849&it=1581937625550&coo=false&rqm=GET
Requested by
Host: www.cor.works
URL: https://www.cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 11:07:05 GMT, Mon, 17 Feb 2020 11:07:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 17 Feb 2020 11:07:05 GMT
json
api.hubapi.com/hs-script-loader-public/v1/config/ 		56 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/json?portalId=2960453
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce21d4496d7d8947cd96c10f7adc6ce2533746658e39e73aa8f8fa31ce465b54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.cor.works/login
Origin
https://www.cor.works
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586

Response headers

date
Mon, 17 Feb 2020 11:07:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
x-trace
2B4CFE3797233E34AE68B4DC49C247C45857DCFCC1000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.cor.works
access-control-allow-credentials
false
cf-ray
56674bb0effc3248-FRA
access-control-allow-headers
*
__ptq.gif
track.hubspot.com/ 		45 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2123243726&v=1.1&a=2960453&pu=https%3A%2F%2Fwww.cor.works%2Flogin&t=Login&cts=1581937625744&vi=a45220f2eb1ea93bc63d2a4ddbca44d1&nc=true&u=25723362.a45220f2eb1ea93bc63d2a4ddbca44d1.1581937625740.1581937625740.1581937625740.1&b=25723362.1.1581937625741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f905 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 11:07:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
56674bb10a17d6d9-FRA
content-type
image/gif
content-length
45
x-robots-tag
none
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=1801612419&t=timing&_s=2&dl=https%3A%2F%2Fwww.cor.works%2Flogin&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1296&pdt=0&dns=0&rrt=615&srt=145&tcp=0&dit=1093&clt=1093&_gst=1092&_gbt=1111&_u=IEBAAEAB~&jid=&gjid=&cid=1792507838.1581937626&tid=UA-63155060-1&_gid=1135876676.1581937626&z=156471209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 04 Feb 2020 18:39:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1096066
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-920403377
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c2cc8f5213ffc832f46b5be4a0c600819a2edc3afde8792c127d772d396b9b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:07:05 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28495
x-xss-protection
0
last-modified
Mon, 17 Feb 2020 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Feb 2020 11:07:05 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-920403377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f34.1e100.net
Software
cafe /
Resource Hash
ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9931
x-xss-protection
0
server
cafe
etag
8273558640064030436
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 17 Feb 2020 11:07:05 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/920403377/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/920403377/?random=1581937625912&cv=9&fst=1581937625912&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa250&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cor.works%2Flogin&tiba=Login&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f44fc27fad878d5d53e108837fb9225fab9bdafe2451ebbd102c16fb205c87ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 11:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1005
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/920403377/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/920403377/?random=1581937625912&cv=9&fst=1581937200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa250&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cor.works%2Flogin&tiba=Login&async=1&fmt=3&is_vtc=1&random=680896378&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 11:07:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/920403377/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/920403377/?random=1581937625912&cv=9&fst=1581937200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa250&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.cor.works%2Flogin&tiba=Login&async=1&fmt=3&is_vtc=1&random=680896378&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 11:07:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=473120943447503&ev=Microdata&dl=https%3A%2F%2Fwww.cor.works%2Flogin&rl=&if=false&ts=1581937627146&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1581937625643.2105272849&it=1581937625550&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 11:07:07 GMT, Mon, 17 Feb 2020 11:07:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 17 Feb 2020 11:07:07 GMT
/
www.facebook.com/tr/ 		44 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=293631984469561&ev=Microdata&dl=https%3A%2F%2Fwww.cor.works%2Flogin&rl=&if=false&ts=1581937627232&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1581937625643.2105272849&it=1581937625550&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 11:07:07 GMT, Mon, 17 Feb 2020 11:07:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 17 Feb 2020 11:07:07 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| register function| $ function| jQuery object| amplitude function| fbq function| _fbq object| pw object| cb boolean| mask string| GoogleAnalyticsObject function| ga object| gaFunnel object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| PIXELS_RAN object| _hsq boolean| hubspot_live_messages_running object| HubSpotConversations object| _paq boolean| _hstc_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| dataLayer object| google_tag_manager function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

11 Cookies

Domain/Path Name / Value
.cor.works/ Name: hubspotutk
Value: a45220f2eb1ea93bc63d2a4ddbca44d1
.cor.works/ Name: __hssc
Value: 25723362.1.1581937625741
.cor.works/ Name: __hstc
Value: 25723362.a45220f2eb1ea93bc63d2a4ddbca44d1.1581937625740.1581937625740.1581937625740.1
.cor.works/ Name: __hssrc
Value: 1
.cor.works/ Name: amplitude_idcor.works
Value: eyJkZXZpY2VJZCI6IjA3ZDc5ZjcyLWZjMzAtNDJiMy1hMTQzLTdmYWFlZDg4NDRlOFIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTU4MTkzNzYyNTY5NywibGFzdEV2ZW50VGltZSI6MTU4MTkzNzYyNTY5NywiZXZlbnRJZCI6MCwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjB9
.cor.works/ Name: _fbp
Value: fb.1.1581937625643.2105272849
.cor.works/ Name: _ga
Value: GA1.2.1792507838.1581937626
www.cor.works/ Name: v2dkjfoaij-uiu-fls9kdj7f3ek5j-v2
Value: j7hpgXPRlu0LvCwLdyIqXJevPs8zViCzyWXWgcdI
.cor.works/ Name: _gat
Value: 1
.cor.works/ Name: _gid
Value: GA1.2.1135876676.1581937626
www.cor.works/ Name: XSRF-TOKEN
Value: azBHhIpPULPut7U3U4SOIDQCUT0T8ft8rNJDd1ru

1 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 473120943447503.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
connect.facebook.net
d24n15hnbwhuhn.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
stats.g.doubleclick.net
track.hubspot.com
www.cor.works
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.224.197.90
216.58.208.34
2606:4700::6810:f905
2606:4700::6810:fa05
2606:4700::6811:43b0
2606:4700::6811:71b0
2606:4700::6811:c8cc
2606:4700::6811:d5cc
2606:4700::6811:ebcc
2a00:1450:4001:806::200e
2a00:1450:4001:809::200a
2a00:1450:4001:817::2002
2a00:1450:4001:817::2003
2a00:1450:4001:818::2008
2a00:1450:4001:819::2003
2a00:1450:4001:820::2004
2a00:1450:400c:c00::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.7.227.122
04b741b46e0d7b37bcf31ed709f13e23fb5ff6b00c9220245b4b414864bd8830
09bf7dcfddbdc4991a20c49c3c2cf80601ce0a56f6d7cd57eb02168f73fc760b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17f14c5f58645991de1682d935fab4f8b63154c03adcc00f564c6e676341394e
185aae5d1ea49b630aacac03f5ecfbf7c336a446f162c356d2727a19344084a6
1c2cc8f5213ffc832f46b5be4a0c600819a2edc3afde8792c127d772d396b9b0
3e5f27d5e5d92a7499b2c01025e9d8f6c78effa35afbe71156159a221be6cece
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5ef081df32915aff6b95952187e99192bdcbc2f87676dac0f4b97070f2d930bb
6a283e01696f6f4c85103be0c037e235f9fb6116b03fe1cc8fc194b6296b9e09
76b05400fff9da5b43862e3713099e3913916a629560265ed24b19d031227cbf
79244b99e7bd978d1007d375faba024f9e6221bc8ec08fde8f32008e23265650
806ea46c426af8fc24e5cf42a210228739696933d36299eb28aee64f69fc71f1
8200416c1e399e5c642fa4e4cac5883a283ae1514cd3818b0ef77c244124b6ac
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
92ccdde575a939e86221ef5649c7781b9d1a2a6f3eb0516e7ba7c3a85b9c764d
b14d6e21c0373a92f15d4efbbbb23d46e691a4f319cfefb4d82b62aa9788d378
ba98f991d002c6bfaaf7b874652ffdcde9261a86925db87df3ed2861ea080adf
c01756e03d789f2fccce439a43e9979a82fe999a68bdf45e601f7b3da5e5365c
c1dc87f99c7ff228806117d58f085c6c573057fa237228081802b7d8d3cf7684
c4ead4de9f7aff237d06b530ead8413d1357427f6a925944342bb4e2b1dce6d0
cbc6e6e201648a797a1a70459fb94149e8245fcac93a066963cbb08cb7f08ae3
ce21d4496d7d8947cd96c10f7adc6ce2533746658e39e73aa8f8fa31ce465b54
d12c2e5a8ba4de10b25081ac3343323a01af797533d39b956be018f0c625f31b
d384100a69b392d9cba10d45e1c690eb8f1c95f12e02c6f37e70134c7146b5d5
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e6a306d43d21edde08a61f2f621bb2c8b709b3a42bd84e2773d7b4e0faea6ff6
e8ad42f8f89d750a064ba44a456bbc1cd366fe6b0f9a9859a5ca9ad7a0efb092
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f44fc27fad878d5d53e108837fb9225fab9bdafe2451ebbd102c16fb205c87ae