work.ink Open in urlscan Pro
2606:4700:20::ac43:45a0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://workink.me/2mM/TypeOrDieScriptNEW
Effective URL:
https://work.ink/2mM/TypeOrDieScriptNEW
Submission: On May 28 via manual (May 28th 2023, 1:18:14 am UTC) from RS — Scanned from DE

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 23 HTTP transactions. The main IP is 2606:4700:20::ac43:45a0, located in United States and belongs to CLOUDFLARENET, US. The main domain is work.ink. The Cisco Umbrella rank of the primary domain is 767466.
TLS certificate: Issued by E1 on May 3rd 2023. Valid for: 3 months.

This is the only time work.ink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3031::ac43:d838	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 13	2606:4700:20:... 2606:4700:20::ac43:45a0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
23	7

1 2606:4700:3031::ac43:d838 (United States)

ASN13335 (CLOUDFLARENET, US)

workink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::ac43:45a0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

work.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:b77 (United States)

ASN13335 (CLOUDFLARENET, US)

redirect-api.work.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	work.ink 1 redirects work.ink — Cisco Umbrella Rank: 767466 redirect-api.work.ink — Cisco Umbrella Rank: 917250	316 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	386 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	29 KB
1	workink.me workink.me	639 B
23	4

	Domain	Requested by
13	work.ink	1 redirects workink.me work.ink
4	www.gstatic.com	www.google.com www.gstatic.com
3	www.google.com	work.ink www.gstatic.com www.google.com
2	fonts.gstatic.com	www.google.com
1	redirect-api.work.ink	work.ink
1	workink.me
23	6

This site contains no links.

Subject Issuer	Validity	Valid
workink.me E1	`2023-05-03` - `2023-08-01`	3 months	crt.sh
work.ink E1	`2023-05-03` - `2023-08-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://work.ink/2mM/TypeOrDieScriptNEW
Frame ID: 6607A9BA36694B17D61A6B13A8062FC5
Requests: 14 HTTP requests in this frame

Frame: https://work.ink/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
Frame ID: 1C79AE054C0619A60A5DFF6BD95A0F78
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=qhkjgjzbggwl
Frame ID: 602D0A8FD031BBEB95105873291B124B
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Work.ink - Best Rekonise & Linkvertise alternative!

Page URL History Show full URLs

https://workink.me/2mM/TypeOrDieScriptNEW Page URL
https://work.ink/2mM/TypeOrDieScriptNEW Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

23
Requests

96 %
HTTPS

100 %
IPv6

4
Domains

6
Subdomains

7
IPs

2
Countries

731 kB
Transfer

1949 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://workink.me/2mM/TypeOrDieScriptNEW Page URL
https://work.ink/2mM/TypeOrDieScriptNEW Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://work.ink/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://work.ink/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js

23 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 TypeOrDieScriptNEW
workink.me/2mM/ 324 B
639 B 176ms
122ms Document
text/html 2606:4700:3031::ac43:d838
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://workink.me/2mM/TypeOrDieScriptNEW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d838 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ce2a9741b4f35f1-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 28 May 2023 01:18:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mR0Bc%2BMOG%2Btn2h7cGfuTd6Diu0a0utXxuFPYtysBWmvZZNCFYQ2SEnDsFPBkS%2FDB%2F7jIhU7zWDsXqQFgWTENcwbn02QWn%2FCrTkGdrFYIvDnS%2BvqMd6zuOM7oQ%2FFr1GXK%2FwNN1zE3e9oY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 vegur

GET
H2 200 Primary Request TypeOrDieScriptNEW Show response
work.ink/2mM/ 4 KB
2 KB 173ms
131ms Document
text/html 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/2mM/TypeOrDieScriptNEW

Requested by

Host: workink.me
URL: https://workink.me/2mM/TypeOrDieScriptNEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2f22891f69450eb206d616173cd0b84561384f5d2c2bd23f91557fdb426bba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://workink.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ce2a97629f52d04-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 28 May 2023 01:18:08 GMT
last-modified: Thu, 25 May 2023 14:58:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIGIbuBnLLoxN%2Br4l1FS6O7VuPgGYWlQiBTdDN7qKfGrq7TYhfQT523Ajy%2FzbS0FEhWrmbh5gsahIg6yH3ql9rUKSBiR9rfuc0k7twCqS9xMtFvd8LP108mnjKnvpU7o574997ac"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 vegur
x-frame-options: sameorigin

GET
H2 200 chunk-vendors.c41dddb8.js Show response
work.ink/js/ 581 KB
170 KB 33ms
32ms Script
application/x-javascript 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/js/chunk-vendors.c41dddb8.js

Requested by

Host: work.ink
URL: https://work.ink/2mM/TypeOrDieScriptNEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ad48c320c9d4033e1e1a7d60f35ef32a08cee307003d4fe8300454678f8f4f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2mM/TypeOrDieScriptNEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 01:18:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5054
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 25 May 2023 14:58:56 GMT
server: cloudflare
etag: W/"646f77b0-915f8"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8c6AN89zzygg8pQzLYh4Gmt%2BNpUMgAPayw3rG%2FV%2BvFplios8aafNyc7v3Tk6d8VsMGfSz9NuYQqBd6fBdJp%2F1O5FFDum8K7OpeT8e3k8IEHtibgHjLubvvJX5%2B1lLlDPr01xDzP"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7ce2a9770a992d04-FRA

GET
H2 200 app.6ac7ed09.js Show response
work.ink/js/ 264 KB
100 KB 23ms
22ms Script
application/x-javascript 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/js/app.6ac7ed09.js

Requested by

Host: work.ink
URL: https://work.ink/2mM/TypeOrDieScriptNEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef7a5c8341c4d1a126dcb1c5df83b7a6447f4fca59e1f592a87d39890e8c48d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2mM/TypeOrDieScriptNEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 01:18:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5054
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 25 May 2023 14:58:56 GMT
server: cloudflare
etag: W/"646f77b0-42130"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDiK9kDTOu0rxcnXhnwzVCpq79HRlWn%2BfQ%2BtqAPRroqePqcwSX0Ua3ShMrk4%2BsjmJGwWbAv%2BpfaYV3XK31yVxWjukqjnrMBPal0GBzYVRhwfHazUJUQrll4Qa4eDiKTpZJe80dAE"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7ce2a9770a9e2d04-FRA

GET
H2 200 chunk-vendors.3ded2ec4.css
work.ink/css/ 51 KB
7 KB 18ms
18ms Stylesheet
text/css 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/css/chunk-vendors.3ded2ec4.css

Requested by

Host: work.ink
URL: https://work.ink/2mM/TypeOrDieScriptNEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f5033c8999b1545c9ba66fbe446c2e7ad282dc1c43a53cdf3a23df33a92411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2mM/TypeOrDieScriptNEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 01:18:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5054
cf-polished: origSize=52731
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 May 2023 14:58:56 GMT
server: cloudflare
etag: W/"646f77b0-cdfb"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGnw7KXGEzuj2djxxp1twmm%2BYz%2FDakYgcY24t6OoGuXXt%2FfaP0R8m4RYci5A6%2BH9zNp%2Bian7Cfq8m48Ox0vvgRyQsjT4W39skV3kzqTv7c9z8EetdJjp38fYgot5f7Yh%2FMzgTkfm"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7ce2a9770a9a2d04-FRA

GET
H2 200 app.f03758fa.css
work.ink/css/ 28 KB
6 KB 32ms
31ms Stylesheet
text/css 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/css/app.f03758fa.css

Requested by

Host: work.ink
URL: https://work.ink/2mM/TypeOrDieScriptNEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cbc8a56785ef84de284d8c2fd595a14fc0db93e55e2382eef28a1ab032fa693

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2mM/TypeOrDieScriptNEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 01:18:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5054
cf-polished: origSize=29190
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 25 May 2023 14:58:56 GMT
server: cloudflare
etag: W/"646f77b0-7206"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KoHoa%2FGBuMK0qywtEgMmYANF0INmCsXnvNbT3iQXfOpJYYe%2FdUSeu9DeiyjIvSQAkUXfomcLoeHd8IkUXn3Oyrvts2zaqodBNQ46TUopwxxkY4Be7N4LagBnLQeik3AzgJC98kF%2F"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7ce2a9770a9c2d04-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
877 B 41ms
19ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: work.ink
URL: https://work.ink/js/chunk-vendors.c41dddb8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

741056a493f69a0af5518426bac91721a86499d9acb7ad3f4cc5a5b13f6507fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 01:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 557
x-xss-protection: 1; mode=block
expires: Sun, 28 May 2023 01:18:08 GMT

GET
H2 200 ping Show response
redirect-api.work.ink/ 61 B
573 B 194ms
131ms Fetch
application/json 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redirect-api.work.ink/ping
Requested by: Host: work.ink
URL: https://work.ink/js/app.6ac7ed09.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0c525973727a5be4a938ffda54e71cf4ff4d5d4298e9df284d63ff94bdb0fc0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 01:18:08 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3d-Q6RQs01CePxYhgowN4II1EftRbM"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1cwNs9FsDJU5yXHU5CfkkuuhNcmhkF9HJ%2BbpYmOIruML3E1xNpG0R1R3b1tlJmLNmgQ5Rs0xtLeSnAgQU3UvOcW%2FLDI%2BQ%2B0uxGJyJtZ0YSVBSt8G3G9UsjFzs0IV0u5l3EupYqbxWzDL4Ha6P3pMZxGQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7ce2a9782fd090e0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 workink-colorful-md.8d4b6dda.png
work.ink/img/ 6 KB
7 KB 28ms
27ms Image
image/webp 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://work.ink/img/workink-colorful-md.8d4b6dda.png

Requested by

Host: work.ink
URL: https://work.ink/2mM/TypeOrDieScriptNEW

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c1b6a869520bca4157c388c888ad09f47fa5661b54a32d6c97e8edde78b538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2mM/TypeOrDieScriptNEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 01:18:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3507
cf-polished: origFmt=png, origSize=15564
content-disposition: inline; filename="workink-colorful-md.webp"
alt-svc: h3=":443"; ma=86400
content-length: 6626
cf-bgj: imgq:100,h2pri
last-modified: Thu, 25 May 2023 14:58:56 GMT
server: cloudflare
etag: "646f77b0-3ccc"
vary: Accept
x-frame-options: sameorigin
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJ6sRboJNYUzjyz%2FgsgvqJsy57xP2bVtsa%2BjquvloFKLWjlVOLb%2B%2BxSG1QScW7iiiyl95FKko0%2FI0Ch6ZXq1RCxFpHO4psBfCCyDUDI6c%2FHZBaPsU7oNyiKXER1jx6qZj0319x3B"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ce2a977cf8839c2-FRA

GET
H3 200 loader.a62dee1e.svg
work.ink/img/ 593 B
812 B 28ms
27ms Image
image/svg+xml 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://work.ink/img/loader.a62dee1e.svg

Requested by

Host: work.ink
URL: https://work.ink/2mM/TypeOrDieScriptNEW

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d050efc0dba3583b7021291fd3f49d2dbce8f0c145b42d69f6d192e14ba6ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2mM/TypeOrDieScriptNEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 01:18:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2717
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 25 May 2023 14:58:56 GMT
server: cloudflare
etag: W/"646f77b0-251"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRRTgxxhy%2BRaoCRq8UHPSDHV%2BgqqjKrGnHBOldL46gwqGVHWnn25hr%2BNnKSSuyXqEZihKKADFluPDrS3n3fLHNeteuNuKsRJ3BLnexBag5RsGJHucwBZpC51rmTbPgPUiPvskb1w"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 7ce2a977cf8b39c2-FRA

GET
H3 200 workink-white-md.4be034e5.svg
work.ink/img/ 8 KB
3 KB 37ms
36ms Image
image/svg+xml 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://work.ink/img/workink-white-md.4be034e5.svg

Requested by

Host: work.ink
URL: https://work.ink/2mM/TypeOrDieScriptNEW

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a9a41dce59c224a6cb0a33e73b2f239e4e5ee3972556e669c7d43076d43e365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2mM/TypeOrDieScriptNEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 01:18:08 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 603
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 25 May 2023 14:58:56 GMT
server: cloudflare
etag: W/"646f77b0-2151"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahEOJVOB0%2FIM1AlfjAZwAYJPKIyufr9lDffqu98qm0RAoVHFxvAH9Ky6sgRkPA1HPICQKOfCP4o%2BJskvyyPhYp9xSGhsyZmE19y5U%2B807FwuVYS1ozfEo%2B1Ns%2BlsODg%2BBrByHt8G"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 7ce2a977cf8c39c2-FRA

GET
H3

200

invisible.js Show response
work.ink/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/ Frame 1C79
Redirect Chain

https://work.ink/cdn-cgi/challenge-platform/scripts/invisible.js
https://work.ink/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js

26 KB
12 KB

17ms
17ms

Script
application/javascript

2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js

Requested by

Host: work.ink
URL: https://work.ink/2mM/TypeOrDieScriptNEW

Protocol

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d41405778c96448f8727c28d2c98802a9f7cf00a3b925d8560ed442f4150d530

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 01:18:08 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vanGkQSeF8wJ0Jbn8IgPoQZUzvExG3c5dN%2FtoM%2FqxdDx%2BbupT8As84EpheTHb5cdxSQaMSkK0e2ouXCAftpuRT4WCIqdBIsdVjdoI7kG4wY1GWZoGWVMrqmlC3G5B840u9YbwoSa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7ce2a9781fb339c2-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 28 May 2023 01:18:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axTdy5Y0xD4EaTYUNf05tvODMDMKsHXcy0sVg22rr5QamluH03%2Bi42FEnCAdUc5yb2zpUtyLye5HrCPwP68EGJlm1lt3BO8A5EfmufMiouj4EEBxJccU0wp0ZeoO4NM1XZ9hOpv1"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/938e2b5c/invisible.js
cache-control: max-age=300, public
cf-ray: 7ce2a977df9439c2-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 s.js Show response
work.ink/cdn-cgi/zaraz/ 6 KB
3 KB 22ms
22ms Script
text/javascript 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyV29yay5pbmslMjAtJTIwQmVzdCUyMFJla29uaXNlJTIwJTI2JTIwTGlua3ZlcnRpc2UlMjBhbHRlcm5hdGl2ZSElMjIlMkMlMjJ4JTIyJTNBMC4xMjU1NjMwOTU5NTI2ODQ1NiUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd29yay5pbmslMkYybU0lMkZUeXBlT3JEaWVTY3JpcHRORVclMjIlMkMlMjJyJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3b3JraW5rLm1lJTJGJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
Requested by: Host: work.ink
URL: https://work.ink/2mM/TypeOrDieScriptNEW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93171da065c5dd0ecc1498adbaa404c512665c13d14f25c5d03725b01e9c3fc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 01:18:08 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://work.ink
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYenU1Q2%2BSZfR3OQuiH%2B1xWJ%2BowaDhxAlIOzZ5jWHyx5OSg46Nqad0KdKeNOufYvaHrFz42wqB168tVlN%2F0uE%2BpefrCHycWT2yLkIk52LdYZrgnleLYmMs18NM%2Fqkm%2B9gy%2F9KfVQ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-credentials: true
cf-ray: 7ce2a977df9639c2-FRA
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
alt-svc: h3=":443"; ma=86400

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ 410 KB
165 KB 41ms
10ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://work.ink/
Origin: https://work.ink
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 14:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168302
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 May 2024 14:16:43 GMT

GET
H3 200 pica.js
work.ink/cdn-cgi/challenge-platform/h/b/scripts/ Frame 1C79 6 KB
3 KB 22ms
22ms Other
application/javascript 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/cdn-cgi/challenge-platform/h/b/scripts/pica.js

Requested by

Host: work.ink
URL: https://work.ink/2mM/TypeOrDieScriptNEW

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fef0b8d2f5b5869aa3ab441022eb68ac8b916e0aabdc63ff432839d2c45b937f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 01:18:08 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THgj7VaUt%2F0gPKEwzz5bFUSlo6LYk01E9Bzsib9MJaqgcwolysxSUc5Y4vyAAmlkJ01go8p1%2FLVSW41ldOP0kr43LmNR1VTpmFGUBSmzGE4JAM4GaT0RwPjhiFpEPbJ9rDi7EhLK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7ce2a9783fc739c2-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 602D 51 KB
28 KB 30ms
29ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=qhkjgjzbggwl

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

716f483004883c13a731462302a683c46e100bfee3c75ff4048c9df3e687c4cc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ce1JeWrNF029CLwaaWKodg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://work.ink/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28402
content-security-policy: script-src 'report-sample' 'nonce-Ce1JeWrNF029CLwaaWKodg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 28 May 2023 01:18:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 7ce2a97629f52d04 Show response
work.ink/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 1C79 2 B
602 B 23ms
21ms XHR
text/plain 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/challenge-platform/h/b/cv/result/7ce2a97629f52d04
Requested by: Host: work.ink
URL: https://work.ink/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 28 May 2023 01:18:09 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tENyY6iy%2FMzRrRCjMjDjd4NIlwHNogmez8nhcuJCuo2UbQvcIgrnM0NWFXCTivLNU7HOtEshD6nj%2FrravAgZlY1B94qM2Qt%2FYMadiXUL41J1C8b1NguZ6PMd3DcviCVJR0vjxrcU"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7ce2a97a393a39c2-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ Frame 602D 55 KB
24 KB 31ms
9ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=qhkjgjzbggwl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 23:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 May 2024 23:22:08 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ Frame 602D 410 KB
164 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 14:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168302
x-xss-protection: 0
last-modified: Mon, 22 May 2023 20:58:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 May 2024 14:16:43 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 602D 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 22:52:35 GMT
x-content-type-options: nosniff
age: 8734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 03 Jun 2023 22:52:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 602D 15 KB
16 KB 33ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 19:55:37 GMT
x-content-type-options: nosniff
age: 364952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 May 2024 19:55:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 602D 15 KB
15 KB 34ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 22:41:31 GMT
x-content-type-options: nosniff
age: 9398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 22:41:31 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 602D 102 B
134 B 16ms
15ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d7bd1344379eb2ac9631066d92e8675977cfdac8dd9ce4b751c01c3f13725a87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=qhkjgjzbggwl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 01:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 28 May 2023 01:18:09 GMT

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15d36e8f871b1cf84be33fa8f1ff0e5dc96a123ccc194da4520ae3d81b32329d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.work.ink/	1970-01-20 21:43:16	Name: _ga Value: dcaf0c82-a24b-4360-8072-3ba3e95f76ef
			.work.ink/	1970-01-20 12:07:18	Name: __cf_bm Value: Nlpwvzo4KrTmfOuI7oufUtbAZWGs8kVKDIWn.t2w8is-1685236689-0-AV1ohA2Im5uNwD+VQz3zR7aeskFgVZG7h+dKz37OymXdG/yUrCmicqbnGVHzKbwZX0o5exDaeOa3wH4sapWbC3ll5FoiUFQNwUCr3RiC0mwa

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
redirect-api.work.ink
work.ink
workink.me
www.google.com
www.gstatic.com
2606:4700:20::681a:b77
2606:4700:20::ac43:45a0
2606:4700:3031::ac43:d838
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2003
0c525973727a5be4a938ffda54e71cf4ff4d5d4298e9df284d63ff94bdb0fc0d
13f5033c8999b1545c9ba66fbe446c2e7ad282dc1c43a53cdf3a23df33a92411
15d36e8f871b1cf84be33fa8f1ff0e5dc96a123ccc194da4520ae3d81b32329d
1a9a41dce59c224a6cb0a33e73b2f239e4e5ee3972556e669c7d43076d43e365
1ad48c320c9d4033e1e1a7d60f35ef32a08cee307003d4fe8300454678f8f4f8
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5cbc8a56785ef84de284d8c2fd595a14fc0db93e55e2382eef28a1ab032fa693
716f483004883c13a731462302a683c46e100bfee3c75ff4048c9df3e687c4cc
741056a493f69a0af5518426bac91721a86499d9acb7ad3f4cc5a5b13f6507fe
8d050efc0dba3583b7021291fd3f49d2dbce8f0c145b42d69f6d192e14ba6ebb
93171da065c5dd0ecc1498adbaa404c512665c13d14f25c5d03725b01e9c3fc5
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9e2831acb97097ce89e609e9ff841c6c6293ffeb1ce3e2acc07dfcdeeaa621fd
b5c1b6a869520bca4157c388c888ad09f47fa5661b54a32d6c97e8edde78b538
d41405778c96448f8727c28d2c98802a9f7cf00a3b925d8560ed442f4150d530
d7bd1344379eb2ac9631066d92e8675977cfdac8dd9ce4b751c01c3f13725a87
ef7a5c8341c4d1a126dcb1c5df83b7a6447f4fca59e1f592a87d39890e8c48d0
f2f22891f69450eb206d616173cd0b84561384f5d2c2bd23f91557fdb426bba6
fef0b8d2f5b5869aa3ab441022eb68ac8b916e0aabdc63ff432839d2c45b937f

work.ink Open in urlscan Pro 2606:4700:20::ac43:45a0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

96 %HTTPS

100 %IPv6

4 Domains

6 Subdomains

7 IPs

2 Countries

731 kBTransfer

1949 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

2 Cookies

Indicators

work.ink Open in urlscan Pro
2606:4700:20::ac43:45a0 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

96 %
HTTPS

100 %
IPv6

4
Domains

6
Subdomains

7
IPs

2
Countries

731 kB
Transfer

1949 kB
Size

2
Cookies

23 HTTP transactions
1 data transactions