work.ink Open in urlscan Pro
2606:4700:20::ac43:45a0 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://work.ink/2kM/FirstWorkingTheMimicALlInOne
Submission: On November 28 via manual (November 28th 2022, 2:26:22 pm UTC) from US — Scanned from DE

Summary HTTP 102 Redirects Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 31 domains to perform 102 HTTP transactions. The main IP is 2606:4700:20::ac43:45a0, located in United States and belongs to CLOUDFLARENET, US. The main domain is work.ink. The Cisco Umbrella rank of the primary domain is 879551.
TLS certificate: Issued by E1 on November 7th 2022. Valid for: 3 months.

This is the only time work.ink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:20:... 2606:4700:20::ac43:45a0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
5	2600:9000:21f... 2600:9000:21f3:1a00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:c5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:a77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21f... 2600:9000:21f3:b800:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:5c00:f:458e:2a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.156.66.115 35.156.66.115	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:224... 2600:9000:2240:8600:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	88.221.168.201 88.221.168.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:116b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.15.219.226 52.15.219.226	16509 (AMAZON-02) (AMAZON-02)
1	50.18.102.42 50.18.102.42	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:5600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:2251:de00:19:8cab:9c00:21	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	172.64.199.35 172.64.199.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.66.97.24 18.66.97.24	16509 (AMAZON-02) (AMAZON-02)
3	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	2a00:1450:400... 2a00:1450:4001:829::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.49.92.250 52.49.92.250	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:9a9	() ()
102	39

16 2606:4700:20::ac43:45a0 (United States)

ASN13335 (CLOUDFLARENET, US)

work.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:21f3:1a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c5c (United States)

ASN13335 (CLOUDFLARENET, US)

b.sf-syn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a77 (United States)

ASN13335 (CLOUDFLARENET, US)

redirect-api.work.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:b800:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:5c00:f:458e:2a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.66.115 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-66-115.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2240:8600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:116b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com

thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.18.102.42 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-18-102-42.us-west-1.compute.amazonaws.com

ipfind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:5600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2251:de00:19:8cab:9c00:21 (United States)

ASN16509 (AMAZON-02, US)

d1zjr9cc2zx7cg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.199.35 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-24.fra56.r.cloudfront.net

poleonaryprac.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

enaceanspection.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200d (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.92.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-92-250.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (None, )

ASN- ()

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	work.ink work.ink — Cisco Umbrella Rank: 879551 redirect-api.work.ink	236 KB
11	youtube.com www.youtube.com — Cisco Umbrella Rank: 93 img.youtube.com — Cisco Umbrella Rank: 3446	785 KB
9	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 16 accounts.google.com — Cisco Umbrella Rank: 123	57 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	410 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248 static.doubleclick.net — Cisco Umbrella Rank: 350	162 KB
7	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 3237 test.cmp.quantcast.com — Cisco Umbrella Rank: 7734 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 8790	186 KB
5	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 11740 router.infolinks.com — Cisco Umbrella Rank: 4593	59 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 434 mug.criteo.com — Cisco Umbrella Rank: 1897	1 KB
3	enaceanspection.com enaceanspection.com	1 KB
2	4dex.io script.4dex.io	24 KB
2	poleonaryprac.com poleonaryprac.com	2 KB
2	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 20025	101 KB
2	cloudfront.net d1zjr9cc2zx7cg.cloudfront.net	54 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 2021	106 KB
2	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2890	45 KB
2	thisiswaldo.com cdn.thisiswaldo.com — Cisco Umbrella Rank: 88348 thisiswaldo.com — Cisco Umbrella Rank: 72904	102 KB
2	sf-syn.com b.sf-syn.com — Cisco Umbrella Rank: 194355	3 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131	165 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 454	385 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1951	312 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 3151	291 B
1	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 277
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 102
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1212	632 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1294	10 KB
1	ipfind.co ipfind.co — Cisco Umbrella Rank: 94406	463 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 635	62 KB
1	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1006	210 B
0	rlcdn.com Failed api.rlcdn.com Failed
0	ytimg.com Failed i.ytimg.com Failed
0	ggpht.com Failed yt3.ggpht.com Failed
102	31

	Domain	Requested by
16	work.ink	work.ink
6	www.youtube.com	work.ink www.youtube.com
5	img.youtube.com	work.ink
5	www.google.com	work.ink www.gstatic.com www.google.com www.youtube.com
5	cmp.quantcast.com	work.ink cmp.quantcast.com
4	accounts.google.com	2 redirects work.ink
4	fonts.gstatic.com	www.youtube.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	enaceanspection.com	work.ink
3	securepubads.g.doubleclick.net	cdn.thisiswaldo.com securepubads.g.doubleclick.net
3	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com
3	router.infolinks.com	resources.infolinks.com
2	script.4dex.io	cdn.thisiswaldo.com script.4dex.io
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	poleonaryprac.com	d1zjr9cc2zx7cg.cloudfront.net
2	pogothere.xyz	d1zjr9cc2zx7cg.cloudfront.net
2	d1zjr9cc2zx7cg.cloudfront.net	work.ink poleonaryprac.com
2	cdn.confiant-integrations.net	cdn.thisiswaldo.com cdn.confiant-integrations.net
2	quantcast.mgr.consensu.org	cdn.thisiswaldo.com quantcast.mgr.consensu.org
2	b.sf-syn.com	work.ink
2	resources.infolinks.com	work.ink
2	pagead2.googlesyndication.com	work.ink pagead2.googlesyndication.com
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	lexicon.33across.com	ads.pubmatic.com
1	jnn-pa.googleapis.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.facebook.com	work.ink
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	ipfind.co	cdn.thisiswaldo.com
1	thisiswaldo.com	cdn.thisiswaldo.com
1	ads.pubmatic.com	cdn.thisiswaldo.com
1	audit-tcfv2.cmp.quantcast.com	cmp.quantcast.com
1	cdn.thisiswaldo.com	work.ink
1	test.cmp.quantcast.com	cmp.quantcast.com
1	redirect-api.work.ink	work.ink
1	cdn.taboola.com	work.ink
0	api.rlcdn.com Failed	ads.pubmatic.com
0	i.ytimg.com Failed	www.youtube.com
0	yt3.ggpht.com Failed	www.youtube.com
102	42

This site contains no links.

Subject Issuer	Validity	Valid
*.work.ink E1	`2022-11-07` - `2023-02-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
cmp.quantcast.com R3	`2022-11-10` - `2023-02-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2022-06-01` - `2023-06-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.confiant-integrations.net E1	`2022-11-24` - `2023-02-22`	3 months	crt.sh
thisiswaldo.com R3	`2022-10-16` - `2023-01-14`	3 months	crt.sh
ipfind.co Amazon	`2022-01-03` - `2023-02-01`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.pogothere.xyz E1	`2022-11-02` - `2023-01-31`	3 months	crt.sh
poleonaryprac.com Amazon RSA 2048 M01	`2022-11-23` - `2023-12-22`	a year	crt.sh
*.enaceanspection.com GTS CA 1P5	`2022-11-16` - `2023-02-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-06` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2022-10-24` - `2023-01-22`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
Frame ID: 5E0AFDFA498D841562CCFE42CC563173
Requests: 68 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3374250&wsid=0&pdom=work.ink&purl=https%3A%2F%2Fwork.ink%2F2kM%2FFirstWorkingTheMimicALlInOne
Frame ID: E7E411AC41F56F0DAE0B5B2CFDAC28BA
Requests: 1 HTTP requests in this frame

Frame: https://work.ink/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669636800
Frame ID: 6AFE98187A681114B6F519D644D9C3EA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 3F4059C45C1024B511BC279C910BBA9B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=jp4eq3kxxmm1
Frame ID: 15F2D2DE0CF64DF7156B23DD78BD3B96
Requests: 8 HTTP requests in this frame

Frame: https://www.youtube.com/embed/T9a7ceTNDdU?modestbranding=1&autohide=1&showinfo=0&controls=0
Frame ID: 5A62E151F07503E6EC4DCD5E5E4E43FF
Requests: 18 HTTP requests in this frame

Frame: https://poleonaryprac.com/QkI5MVIjIFpcbSN/WxcnMC4EFGAEZwt3NnM4U0NrISELSyp1IV4fMS4tTFU0MC1XRXwsJ00UYAQAd1omBSYLBAQIAV5jBxcLUHg5Mhp4aSJxFlUBAwsWbGgTBxgLdBF3GFxJOXANf1IVDTV8WBwlAE18NXIJegImJQVOCAsOCk1jEXMlVlRiGAtvSGopEVVeAxI4YGgQEzFRfQAxGmFIGzsKa1UXIBZ0ZgdzMVJhEHYBblgiKBBqVhYYGmNiCgMYU3wAdgNsWAM6AHxCFyc7XnUBNRAOVWImA3tcZ3MMbEIXJzh8VBMDABwDFBtyaEIXcS4LdWMlAWBcfwwEYV0xdQxRQh4TEQ1aGgMmelM8EzpuRgR6I3xjCwdxVQMKNRRcYSsxIGpGAwsbCWc3FStwRRcpMXxUKwcRfWdiKSAIezEAK15EEBMEW30/DARycDZ1IW9dNwUKDAAAcy1gVDwQBWpGAHUMa2gbFDhSRwcuOk5XPBQDaHAEext4ewYANR9bIS0sSQwEG3V0YyINewlBFRcaDw
Frame ID: 2EDB074671510C44FA770504C1476E32
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Work.ink - Best Rekonise & Linkvertise alternative!

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

102
Requests

89 %
HTTPS

68 %
IPv6

31
Domains

42
Subdomains

39
IPs

5
Countries

2571 kB
Transfer

8110 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-1408252460%3A1669645576813495&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvyylS0WRp0BZRSG6QBTdVwdSl0Puf6ysaOm2CLjUFms5gucr71bfZ7Tr_cQW5G_rSHCoDFSQ

Request Chain 71

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-1761476060%3A1669645576819212&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAus-fHc-ZjDeP414j6djjygVjn6OP_qVHDAo3k7CY2gXubDVEd9DXagVlxodurMbr0aKPA_hg

Request Chain 78

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 96

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwork.ink%2F&domain=work.ink&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=NHwvknxLUXlCemZYcEZFRm9ocy96NzF0ZFIwUXRZWm5WdWM5Y2FyeTNVWXplaWV0UjRGV0tFWHBka3U5RTR3SVZ3OUdJVWNMQ0FpWGlqQVMzdmt6L0doaFc4WUNhU0loMGs2R1QyYzBNODNRTG5UN3ViU2ExK1VFK0pXL0VCVjlzNzhLeGxlemZMZi9qSEhabHBoV0VZbmY0bUpKVXBkYy8yRngrbnRON0J5MFFPYjlVamNzSUgveEFNTVRpdEZzRVR1OCtsQmlIM3N4Z0QzQWNJOE93U1pzMmo0T3k3akl2NWNhUWdIT1hXaTBKWUF3PXw&cppv=2

102 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request FirstWorkingTheMimicALlInOne Show response
work.ink/2kM/ 10 KB
4 KB 206ms
154ms Document
text/html 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/2kM/FirstWorkingTheMimicALlInOne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0e4f6d730856225b5a560ef8cf1c74c520d092401345ca73f94c1a83d284e4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7713c70d3e309188-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 28 Nov 2022 14:26:15 GMT
last-modified: Wed, 23 Nov 2022 11:11:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rnr%2BVLHm1nzxyf8UT4A0ResIyRpJ%2Fn1p33UzzsJqsbf%2Bb1vNiAOpSXub5fjIRCo8fz3Wzq0E88kl2UU31Eu4ZyWIzR5xYYjCxJtC%2B4jVdbWtanTdHp3DD737ECJeDZrfELki3Cq"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 vegur
x-frame-options: sameorigin

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 196ms
89ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2046708012782383

Requested by

Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dae5ac97aa67d591edfe99862719cba49ae72c333a08d670e5f61c80a822894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://work.ink/
Origin: https://work.ink
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49141
x-xss-protection: 0
server: cafe
etag: 2482797561419768868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 14:26:15 GMT

GET
H2 200 chunk-vendors.f4c76a04.js Show response
work.ink/js/ 249 KB
88 KB 56ms
54ms Script
application/x-javascript 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/js/chunk-vendors.f4c76a04.js

Requested by

Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c0f91a1dd9399eeee39c0c14534cbc2346b0d79a68248d923543ab50eb7dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1594
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 11:11:23 GMT
server: cloudflare
etag: W/"637dffdb-3e296"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSe9aPm6Odti7FPPEocfQ%2FIOp6ev1zKp9Mv9eHfIGzoLvKjuh4QrwiusMQBJ%2F1eWYTlNEdTxjWvtV10bCsVW4y%2FXY6fBNHeHPa8UKV2gylZige8VA%2FjIlctRKXpudEo1lahjOiDf"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7713c70e38759188-FRA

GET
H3 200 app.3cc2a200.js Show response
work.ink/js/ 199 KB
93 KB 74ms
73ms Script
application/x-javascript 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/js/app.3cc2a200.js

Requested by

Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d06c1486d196162ded5e14d337d0a36843fcf8c605e174e7b0bdfb6580f01c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 11:11:23 GMT
server: cloudflare
etag: W/"637dffdb-31b4a"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kGos%2FQWIRk2VZFAkOxn%2FJxF0Ur7yoWpW6d9ldAObnSTIFE2t%2B5iz6ivh%2FHQExbXqpz6iRXbaA2d8FxdmF107U1zI8Wuev3VrhtCDXHYcRIF4naxHKAL8iE2mKcOwQuvzO9lPTmA"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7713c70ebc386997-FRA

GET
H2 200 chunk-vendors.3ded2ec4.css
work.ink/css/ 51 KB
7 KB 39ms
38ms Stylesheet
text/css 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/css/chunk-vendors.3ded2ec4.css

Requested by

Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f5033c8999b1545c9ba66fbe446c2e7ad282dc1c43a53cdf3a23df33a92411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7162
cf-polished: origSize=52731
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 11:11:23 GMT
server: cloudflare
etag: W/"637dffdb-cdfb"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFe8E4Eek0Uqd66TeuEA9kQ6LyfMmNGv8XVAms6Yzz20Z2%2BJRwz%2FhJbYVNMp3SFi0MXdIpzrQgdS46FDn1K4aJ1NpNCUxc6kNOyk%2BSh2Iwh9x6dFu4wt5LjphfACerTjx0nyP%2BPn"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7713c70e38779188-FRA

GET
H2 200 app.9f75da6d.css
work.ink/css/ 19 KB
4 KB 71ms
70ms Stylesheet
text/css 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/css/app.9f75da6d.css

Requested by

Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a285c7b7b5d2b42d829c7db8153ff2e3331fe1c8bcce884de35a89271a982943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7162
cf-polished: origSize=19754
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 11:11:23 GMT
server: cloudflare
etag: W/"637dffdb-4d2a"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l45HPAbySEbbbMwciCGLyXYl0Vrdnob6KlZZjB0rlF5v7hEquhZcO7IpksctJw95zs09tsmCE%2BtMxWx3GGH16KNTRugo4DH0oPhLE0EbRXqf3Z3P2YD%2FLqoDXS8QhHT9ylcR0thc"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7713c70e387c9188-FRA

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 91ms
51ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 789b89aba95796aad2e2e7b5962c320a42cfe1bbfb6e4fbf837c1af368ae281e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Nov 2022 09:28:01 GMT
server: cloudflare
age: 3474
etag: W/"dd8-5ee847ce16d0d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7713c70e7b2490a0-FRA
expires: Mon, 28 Nov 2022 14:28:21 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/workink/ 14 B
210 B 244ms
215ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/workink/loader.js
Requested by: Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: c0c07d5e1cc6e9994f621fb965165bc0106d1a26a04e70bd13c0778af0b93e37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-served-by: cache-hhn4077-HHN
date: Mon, 28 Nov 2022 14:26:15 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1669645575.498392,VS0,VE207
x-cache: HIT
content-type: application/javascript
abp: 69
cache-control: private,max-age=14401
accept-ranges: bytes
content-length: 14
retry-after: 0
x-cache-hits: 0

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1833.007-3.025/ 183 KB
56 KB 43ms
43ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1833.007-3.025/ice.js
Requested by: Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3624981e1aa019a5dea62ba01d0cf5fadbed2354df6cbd14c2a805512fbe5b75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 23 Nov 2022 09:34:52 GMT
server: cloudflare
age: 2112
etag: W/"2dae0-5ee200024657b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 7713c70ecbb290a0-FRA
expires: Wed, 28 Dec 2022 13:51:03 GMT

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 3 KB
2 KB 37ms
7ms Script
application/javascript 2600:9000:21f3:1a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by: Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:25:17 GMT
content-encoding: br
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 59
x-amz-server-side-encryption: AES256
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 0ps50tC-29rLlD9ClEBNIUOa3La6IcGPutD21o4FtADJbsG6NGBR9g==

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/42/ 177 KB
43 KB 9ms
9ms Script
text/javascript 2600:9000:21f3:1a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b628942e8ff712de0d166d8704f779bd3860800817549c8a375868977e117863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 18:11:35 GMT
content-encoding: br
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 72881
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 05 Jul 2022 18:40:23 GMT
server: AmazonS3
etag: W/"9494b70738cd74c9137e65c29c0b1f3e"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: UiPvhjsvR10K5AfaNVzCQTnyHIWuR1OxPqGK-Yo4AjpgbX2VdmeKTg==

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame E7E4 0
33 B 185ms
169ms Document
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3374250&wsid=0&pdom=work.ink&purl=https%3A%2F%2Fwork.ink%2F2kM%2FFirstWorkingTheMimicALlInOne
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.007-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://work.ink/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7713c70f9cc790a0-FRA
content-length: 0
date: Mon, 28 Nov 2022 14:26:15 GMT
server: cloudflare
via: 1.1 google

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
33 B 173ms
161ms Script
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3374250&wsid=0&pdom=work.ink&purl=https%3A%2F%2Fwork.ink%2F2kM%2FFirstWorkingTheMimicALlInOne
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.007-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7713c70f9ccc90a0-FRA
content-length: 0

GET
H2 200 gsd Show response
router.infolinks.com/ 0
43 B 167ms
157ms Script
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3374250&wsid=0&pdom=work.ink&purl=https%3A%2F%2Fwork.ink%2F2kM%2FFirstWorkingTheMimicALlInOne&jsv=1833.007-3.025&_cb=16696455756020
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.007-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7713c70f9ccb90a0-FRA
content-length: 0

GET
H2 200 badge_js Show response
b.sf-syn.com/ 2 KB
2 KB 79ms
27ms Script
application/javascript 2606:4700::6812:c5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://b.sf-syn.com/badge_js?sf_id=3548161&variant_id=sf

Requested by

Host: work.ink
URL: https://work.ink/js/app.3cc2a200.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f50b2170b943929cf0fd3ad43b6534bba3b5e2962c4cfc27cdbf50991669d33e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; object-src 'none'; report-uri https://sourceforge.report-uri.com/r/d/csp/enforce; frame-src 'self' http://.pro-market.net .crsspxl.com .google.com http://c.sf-syn.com .aaxads.com aax-related.sourceforge.net .googlesyndication.com .safeframe.usercontent.goog .doubleclick.net .criteo.com .hitachivantara.com .recaptcha.net recaptcha.net *.youtube.com www.youtube-nocookie.com; form-action 'self' lists.sourceforge.net; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
content-security-policy: frame-ancestors 'self'; object-src 'none'; report-uri https://sourceforge.report-uri.com/r/d/csp/enforce; frame-src 'self' http://*.pro-market.net *.crsspxl.com *.google.com http://c.sf-syn.com *.aaxads.com aax-related.sourceforge.net *.googlesyndication.com *.safeframe.usercontent.goog *.doubleclick.net *.criteo.com *.hitachivantara.com *.recaptcha.net recaptcha.net *.youtube.com www.youtube-nocookie.com; form-action 'self' lists.sourceforge.net; upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible: IE=edge,chrome=1
last-modified: Mon, 28 Nov 2022 14:22:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7713c7101d609c0a-FRA
expires: Mon, 28 Nov 2022 18:26:15 GMT

GET
H2 200 badge_js Show response
b.sf-syn.com/ 2 KB
1 KB 93ms
41ms Script
application/javascript 2606:4700::6812:c5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://b.sf-syn.com/badge_js?sf_id=3548161&variant_id=sd

Requested by

Host: work.ink
URL: https://work.ink/js/app.3cc2a200.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55f90b0718272a96c442cd8c552169391297c108fa55322c4efb78d884148477

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; object-src 'none'; report-uri https://sourceforge.report-uri.com/r/d/csp/enforce; frame-src 'self' http://.pro-market.net .crsspxl.com .google.com http://c.sf-syn.com .aaxads.com aax-related.sourceforge.net .googlesyndication.com .safeframe.usercontent.goog .doubleclick.net .criteo.com .hitachivantara.com .recaptcha.net recaptcha.net *.youtube.com www.youtube-nocookie.com; form-action 'self' lists.sourceforge.net; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
content-security-policy: frame-ancestors 'self'; object-src 'none'; report-uri https://sourceforge.report-uri.com/r/d/csp/enforce; frame-src 'self' http://*.pro-market.net *.crsspxl.com *.google.com http://c.sf-syn.com *.aaxads.com aax-related.sourceforge.net *.googlesyndication.com *.safeframe.usercontent.goog *.doubleclick.net *.criteo.com *.hitachivantara.com *.recaptcha.net recaptcha.net *.youtube.com www.youtube-nocookie.com; form-action 'self' lists.sourceforge.net; upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 10257
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible: IE=edge,chrome=1
last-modified: Mon, 28 Nov 2022 11:35:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7713c7101d629c0a-FRA
expires: Mon, 28 Nov 2022 18:26:15 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
965 B 146ms
50ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: work.ink
URL: https://work.ink/js/chunk-vendors.f4c76a04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

819a5b03a49a26dce99f8f69e679f3e248f2ffc53bda6b294cdadb61e1eb0f7b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 552
x-xss-protection: 1; mode=block
expires: Mon, 28 Nov 2022 14:26:15 GMT

GET
H2 200 ping Show response
redirect-api.work.ink/ 61 B
592 B 218ms
164ms Fetch
application/json 2606:4700:20::681a:a77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redirect-api.work.ink/ping
Requested by: Host: work.ink
URL: https://work.ink/js/app.3cc2a200.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 89dc53032ee24db778a5419ea48ac2fe43df017f39910438dad3c681027c2cf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3d-DgBR4NRos4jD3bMrFMGdVDC7hJA"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWnn1op1fms4XV6JqfMvmduuJ8Fq7Ctu3c%2F2rYlhDJYON1PU6HOco2doDjm9TMHsNZetReHYL%2B9u3tkS1mZHcksstBYdE%2FqmP0z77pVHNC9qVByMSUEQaABJgpGBehyUDWml%2BpUfVVU1ZPk02xswzUyy4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7713c7103a809b22-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 400 s.js Show response
work.ink/cdn-cgi/zaraz/ 24 B
444 B 42ms
42ms Fetch
text/plain 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/zaraz/s.js
Requested by: Host: work.ink
URL: https://work.ink/js/app.3cc2a200.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fab1b2783ef5afc02dd6f06f04b96311f3add1fb3e5b5c7e1282c19996e264a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2F8T48EfHSuFUyygiMtT48Zno6rGiilqQF6UZdzeEN%2BnTmL1LIulODsIt40s3PsGPQWoz99W2YYZtnZhJudGkxQuC1%2F7VubZV1wQkVzeG7TJAYGXMz9cOKnCxWvtYq%2FmHhwRMly4"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 7713c70fee776997-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15d36e8f871b1cf84be33fa8f1ff0e5dc96a123ccc194da4520ae3d81b32329d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 invisible.js Show response
work.ink/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 6AFE 34 KB
15 KB 18ms
17ms Script
application/javascript 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669636800
Requested by: Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 239c3f428b099e4d49031ac5a49878d298e9bca961e1639f161ea16f513bec37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0osp2jikobjpBeD8OFxzx6FgMUjTSq6MqFY%2B%2FYMNcZ1203k%2FjsbSZ7wUkeroRSCCMmk0ulWEQuZTcTcgVZH9sCqUCXkQe1PfMKsHjI3bXwyqtjAJWd7I8fz8z3thFreLdVGZgh88"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7713c70fee7a6997-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 s.js Show response
work.ink/cdn-cgi/zaraz/ 5 KB
3 KB 44ms
44ms Script
text/javascript 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyV29yay5pbmslMjAtJTIwQmVzdCUyMFJla29uaXNlJTIwJTI2JTIwTGlua3ZlcnRpc2UlMjBhbHRlcm5hdGl2ZSElMjIlMkMlMjJ4JTIyJTNBMC41MDUwODUxNjg5ODAwODk5JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3b3JrLmluayUyRjJrTSUyRkZpcnN0V29ya2luZ1RoZU1pbWljQUxsSW5PbmUlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
Requested by: Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d172d0ec4ab9451f8fd909c0c26d6db6e30bed920a384579c450290a207b5131

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://work.ink
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MosbBtgzmRJ%2FzzKINV1p62%2B6MoEp8YFzm8hDt8DHe6BPJJIcQI7sfJIkMB2q7hSZLRX%2BGMxZw9lpSRvMrEKjqqaX%2BBkDhQPegZJb4MCdTekoRAexbfHYwNWCyHX5zwjcU3JGGkyX"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-credentials: true
cf-ray: 7713c70fee836997-FRA
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 10 KB
3 KB 56ms
8ms XHR
application/json 2600:9000:21f3:b800:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b800:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcdb794cf5e19b747a7c2ba364bfc44b7fd1848fcb6dc538edd84af839481579

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 03:00:52 GMT
x-amz-version-id: xPMKnfS8YcqF2frTT5_I_M_eoLLd3kli
content-encoding: br
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 41124
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 15 Nov 2022 19:52:30 GMT
server: AmazonS3
etag: W/"67643b5faa0950a5532c47758ba39d2f"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: sUGXEqxOCGftrrJ7FMZXXBw2eVw7U5Utliu3XuDssc8LUfpaXRKb4w==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 190ms
107ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2046708012782383&plah=work.ink&bust=31070923

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2046708012782383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6587ac0c2edd169ec3e851e369358ef6e37792b1d3cd6ae56f948c26b4241f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119607
x-xss-protection: 0
server: cafe
etag: 11808999958306423375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 14:26:15 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 3F40 10 KB
5 KB 125ms
41ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2046708012782383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://work.ink/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:40:30 GMT
etag: 10353107486223812946
expires: Mon, 12 Dec 2022 12:40:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 11929.js Show response
cdn.thisiswaldo.com/static/js/ 345 KB
101 KB 80ms
11ms Script
application/javascript 2600:9000:2057:5c00:f:458e:2a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thisiswaldo.com/static/js/11929.js

Requested by

Host: work.ink
URL: https://work.ink/js/chunk-vendors.f4c76a04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5c00:f:458e:2a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

f7f7c9968bc34791cb1568fa746996c40f4354735b6a3b07eebdf9b2c65e578d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 01:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 17:17:22 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: "564b4-5ed20f23e5ff4-gzip"
age: 46976
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: btefei1HNiLD0zmDOolvBbp-COmROyYlNQaamInKx6B_dczzj4SO4A==

GET
H3 200 workink-colorful-md.8d4b6dda.png
work.ink/img/ 6 KB
7 KB 31ms
31ms Image
image/webp 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://work.ink/img/workink-colorful-md.8d4b6dda.png

Requested by

Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c1b6a869520bca4157c388c888ad09f47fa5661b54a32d6c97e8edde78b538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95
cf-polished: origFmt=png, origSize=15564
content-disposition: inline; filename="workink-colorful-md.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6626
cf-bgj: imgq:100,h2pri
last-modified: Wed, 23 Nov 2022 11:11:23 GMT
server: cloudflare
etag: "637dffdb-3ccc"
vary: Accept
x-frame-options: sameorigin
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BRPQqkd4IrZNV0Fr%2BIiDOYdtg4Ep1Fw1pU11432jAAT1kTZd8%2FUnErb%2BTaBo40cifDlZlWHrslArUicYjzncLDs4yKfslB8nT7aNpnZ4MwmRoILuOuFWXMGr6tUKzOgkEO72EC1"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7713c7107fd16997-FRA

GET
H3 200 loader.a62dee1e.svg
work.ink/img/ 593 B
828 B 38ms
37ms Image
image/svg+xml 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://work.ink/img/loader.a62dee1e.svg

Requested by

Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d050efc0dba3583b7021291fd3f49d2dbce8f0c145b42d69f6d192e14ba6ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 11:11:23 GMT
server: cloudflare
etag: W/"637dffdb-251"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rJx62Te7ztx7uQ3lPNy34Ajn22rL9TG8nNHGwjaWw6aWB0PAfFgO%2FxItEjwAwXkWNDHRz1HczLjRrB754pKPFZJyVGGJkLnocF52ABRAVVqI3joq0zMcnj1EnXp58IvylzX%2B5eM"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 7713c7107fd86997-FRA

GET
H3 200 workink-white-md.4be034e5.svg
work.ink/img/ 8 KB
3 KB 45ms
44ms Image
image/svg+xml 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://work.ink/img/workink-white-md.4be034e5.svg

Requested by

Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a9a41dce59c224a6cb0a33e73b2f239e4e5ee3972556e669c7d43076d43e365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 11:11:23 GMT
server: cloudflare
etag: W/"637dffdb-2151"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJ85teLxYeEoYvpsoYSlUTuwE2schpI27RNCHWRWcR5jb3Uhg0R5ZQeAJB%2F95eQKD6Lvv8NkeJ1M8ErpPJ1V6s9eekpP%2BhMIWgnRiQmaAQfud4HGDmOo7Cvl65ihFz%2FvPv5YVXpL"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 7713c7107fdc6997-FRA

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/42/ 230 KB
59 KB 10ms
9ms Script
text/javascript 2600:9000:21f3:1a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 20:03:24 GMT
content-encoding: gzip
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 152572
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Tue, 05 Jul 2022 18:40:26 GMT
server: AmazonS3
etag: W/"24932b3e61742029985961c24d35dbb7"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: _yBnoNgWxuo9Rm4hsT7llZxMBxci7rUOLIuFKQS1emX13rY1A4EI9Q==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.quantcast.com/GVL-v2/ 350 KB
43 KB 27ms
8ms XHR
application/json 2600:9000:21f3:1a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd82af1d3af67c4f7aad49c68da4bfb907c83a5647d3011f7ed18de3eed2e8f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 03:00:37 GMT
content-encoding: br
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 41139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 28 Nov 2022 03:00:34 GMT
server: AmazonS3
etag: W/"2dd01dbde56e1bed0bb9207725823abc"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: KzokGeaxudPaWicYQ9mNO2mzLMiWNogKEz6_l3cvyqGCwlje-591jQ==

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 150 KB
35 KB 33ms
16ms XHR
application/json 2600:9000:21f3:1a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 821411a115c2f18c6ce2743f06bdaabd20332765f388a5f42044e1b5be85942e

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 03:03:47 GMT
content-encoding: br
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 40949
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 28 Nov 2022 03:03:45 GMT
server: AmazonS3
etag: W/"5e5c32e11030f411462907ffac99a722"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: yYKWmshgdkAmfK2y7nPM5UOJhbivTKYcdVhJd5ytGg8FeiMsaJejqg==

GET
H3 200 pica.js
work.ink/cdn-cgi/challenge-platform/h/b/scripts/ Frame 6AFE 18 KB
8 KB 34ms
32ms Other
application/javascript 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9018a2e5f42a3420f13aadb13c1fa2df74fb9abf9fdff5ab01c7cf92ddd78f14

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BgXdSLlC2YhsA0efJyb%2BjMCKHi%2BNTZXD2iy2R91zZFxC8PQMYbvp12dSmvTb0iDREm%2BvuaFsG1elpqmbFKaKjWVMzgNrcKm7gg9uSnpEDAUZh7Hx2RoTi%2Fok4%2BpKimMNYDWug1Q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7713c71098186997-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 47ms
9ms XHR
text/plain 35.156.66.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22work.ink%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1669645575810%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-ylzdwmngdgt5ihv30b68%22%7D
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.66.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-66-115.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 28 Nov 2022 14:26:15 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ 402 KB
162 KB 124ms
37ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://work.ink/
Origin: https://work.ink
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164812
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 14:09:40 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/ 4 KB
2 KB 36ms
10ms Script
application/javascript 2600:9000:2240:8600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/choice.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:8600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83fa6784ebee363043db50681bbde69c4624f13ea9152c1758f7ca2f609ea0f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
content-encoding: br
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 21:12:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 19
x-amz-server-side-encryption: AES256
etag: W/"84f67876c95a3a1982d1378d05722a85"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: o69bEF4zwf59MHpTfgQNUNyTPji3IGUXtGMjbt5wNUQai3uJQFqDag==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160082/7676/ 201 KB
62 KB 208ms
6ms Script
application/javascript 88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e587bef04b460fbfcf1cdebaca05b28a172bd76b65637be2875dbebb138c9cdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:16 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 16:52:35 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=67852
accept-ranges: bytes
content-length: 62752
expires: Tue, 29 Nov 2022 09:17:08 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 154ms
63ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27210
x-xss-protection: 0
server: sffe
etag: "1405 / 673 of 1000 / last-modified: 1669637149"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 28 Nov 2022 14:26:16 GMT

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/ 208 KB
40 KB 56ms
32ms Script
text/javascript 2606:4700::6812:116b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fed67b6c94c528ea2bfe4bdcb61c0ce60d32432123631b33a892facf053841e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Nov 2022 12:40:15 GMT
server: cloudflare
x-amz-request-id: GX8AGF16SHW8SWJZ
age: 308
etag: W/"a570c6271c4b288aad580a77385d17b3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 7713c711bb418fd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Re64RnvHineJ2PAIfaewO6QK0GUl2IfktXlg+y4OXO3JXd1IhHFx0EpEyTrzhzXcP8Q5vTjhzz4=

POST
H/1.1 200
OK track-impression Show response
thisiswaldo.com/js/ 1 B
376 B 667ms
388ms XHR
application/json 52.15.219.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thisiswaldo.com/js/track-impression

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-219-226.us-east-2.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Mon, 28 Nov 2022 14:26:16 GMT
X-Content-Type-Options: nosniff, nosniff
Server: Apache/2.4.29 (Ubuntu)
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 me Show response
ipfind.co/ 353 B
463 B 511ms
182ms XHR
application/json 50.18.102.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.18.102.42 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-18-102-42.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 8fee08db0c772e734a96ac3204237ed6f77a75b690249707dd5e54311c409415

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:16 GMT
content-encoding: gzip
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://work.ink
cache-control: no-cache, private
access-control-allow-credentials: true
content-length: 246

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 146ms
44ms Script
application/javascript 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:16 GMT
content-encoding: gzip
etag: "nAbmxtqHqaYrwBiADJAeFg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 05 Dec 2022 14:26:16 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 177 KB
43 KB 9ms
9ms Script
text/javascript 2600:9000:2240:8600:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=work.ink
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:8600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:23:19 GMT
content-encoding: br
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 177
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 10 Nov 2022 18:23:42 GMT
server: AmazonS3
etag: W/"37fdfbac0c6ef64496f7d86258c934a8"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: aHEG5dtKp3W1w5WffWRyftOv8XviMb9bSGoWDV183r2vHUbGOX684g==

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202211100910/ 212 KB
67 KB 36ms
26ms Script
application/javascript 2606:4700::6812:116b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202211100910/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a87b588978127e2d64d83d8b49a4ac8e7cea813de00c1b0d67bc8cc7426387a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Nov 2022 14:35:42 GMT
server: cloudflare
x-amz-request-id: ERJZ3BSJR4K21TVS
age: 1542176
etag: W/"f907f76d0cf55dfde491009ce035c1c1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7713c7126fdb9001-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: YUNjhh07tDaXG8pOF4oHwf4vDMxPCZAfF6+prYQmIjaeXzOiSPoBGLu3XNgPJX8L+oxqu4DX56A=

POST
H3 200 7713c70d3e309188 Show response
work.ink/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 6AFE 2 B
664 B 46ms
45ms XHR
text/plain 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/challenge-platform/h/b/cv/result/7713c70d3e309188
Requested by: Host: work.ink
URL: https://work.ink/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669636800
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Nov 2022 14:26:16 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJYeM7eaORuZP2yuj%2BM%2FzGfjRONk4%2Fpntcoyr%2BCYyRHwyeCk33wsN1S4L%2BpZ05fMiK8PwSbY2wJY80%2FBoit6NewIxzkp7P%2FpXS%2BpavD1oChB5VWR7mca461%2F8QL%2FBFAvt6RNzkNT"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7713c7139e0d6997-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 15F2 42 KB
22 KB 139ms
59ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=jp4eq3kxxmm1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

70002be766312e408755bd5457a8a5c169b956ce74d9f70a4ef368ca2639148f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uDLKnrSXn9GhzvHKo8_wew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://work.ink/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22440
content-security-policy: script-src 'report-sample' 'nonce-uDLKnrSXn9GhzvHKo8_wew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 14:26:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 128ms
37ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:04:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1329
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 28 Nov 2023 14:04:07 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 176 B
121 B 165ms
75ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=work.ink

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87771dae5b516f4806b5c381879864616104362f72eb76c46effcd5b543d5d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
expires: Mon, 28 Nov 2022 14:26:16 GMT

GET
H2 200 rules-p-fTfJtcPmQDwZG.js Show response
rules.quantcount.com/ 160 B
632 B 35ms
7ms Script
application/javascript 2600:9000:223c:5600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 922b0d2d4adb5ed473a915258165047db5642276b6edad0dc15a0d47ed4ea19c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 13:37:10 GMT
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2947
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 06:30:36 GMT
server: AmazonS3
etag: "65712c30333d33050e268b43b70b60ea"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: D-orduTXtXP-LkMMOPCP8ILfSfki1G-4Puw1KaNiwYRO2CZcOiU69w==

GET
H2 200 / Show response
d1zjr9cc2zx7cg.cloudfront.net/ 162 KB
53 KB 255ms
159ms Script
text/plain 2600:9000:2251:de00:19:8cab:9c00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zjr9cc2zx7cg.cloudfront.net/?crjzd=971193
Requested by: Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:de00:19:8cab:9c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c75b03030e979c32e3e76a3ef82753fb2a869082edf3b2891b94de2d92fdc24a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 14:26:16 GMT
content-encoding: gzip
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 54017
x-amz-cf-id: u8guSrtesGMKO2dH28Ut4cr4mJjvB_w5LHtpZxdggBRcQkMr1kNTFw==

GET
H2 200 T9a7ceTNDdU Show response
www.youtube.com/embed/ Frame 5A62 69 KB
29 KB 174ms
87ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/T9a7ceTNDdU?modestbranding=1&autohide=1&showinfo=0&controls=0

Requested by

Host: work.ink
URL: https://work.ink/js/chunk-vendors.f4c76a04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac578eb431ec1df010bcf1beeb2fb7009f567a2ff25624bf7a3fb9cf65a14f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://work.ink/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 14:26:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 default.jpg
img.youtube.com/vi/AlRuSjp7cec/ 4 KB
4 KB 160ms
37ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/AlRuSjp7cec/default.jpg

Requested by

Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

313b0b9da4a2eea5f7a4032d3f8767841f014163e78e991acf208184539a8770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 13:24:47 GMT
x-content-type-options: nosniff
age: 3689
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4001
x-xss-protection: 0
server: sffe
etag: "1658724269"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 28 Nov 2022 15:24:47 GMT

GET
H2 404 default.jpg
img.youtube.com/vi/JN7XpvG7g9E/ 1 KB
1 KB 195ms
72ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/JN7XpvG7g9E/default.jpg

Requested by

Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:16 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1097
x-xss-protection: 0
expires: Mon, 28 Nov 2022 14:26:46 GMT

GET
H3 200 readArticles.bd2e5f09.svg
work.ink/img/ 3 KB
1 KB 102ms
101ms Image
image/svg+xml 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://work.ink/img/readArticles.bd2e5f09.svg

Requested by

Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

620ca537f7a84340470ff364c66c2b33d6ed869e8ed0b3a69ac8a5f5c218898f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:16 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 96
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 11:11:23 GMT
server: cloudflare
etag: W/"637dffdb-a02"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAnaQEXYllvnxnnV9mroel2AZ%2BE9JR14J%2Fgy7CnIUG8MJxScotbj4Il4RNyeyEA8N2nf01GB4rxQpYmpxWz8GUduOeQzw864BMDLUzxHxb0%2BLqMZtW3F0YKD73YxxGvNZr1WERU2"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 7713c7147ffb6997-FRA

GET
H2 200 default.jpg
img.youtube.com/vi/o5LqNKs8NAY/ 5 KB
5 KB 172ms
50ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/o5LqNKs8NAY/default.jpg

Requested by

Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5973f86a3e90e162f512340ab930de124118cc4c0ece2454d9957a72de6943f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:16 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4832
x-xss-protection: 0
server: sffe
etag: "1667650932"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 28 Nov 2022 16:26:16 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/T9a7ceTNDdU/ 4 KB
4 KB 163ms
40ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/T9a7ceTNDdU/default.jpg

Requested by

Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3fe70e87c0f680d29547247e1244023050bf3f216fae2a3f3832df70a63555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 13:27:10 GMT
x-content-type-options: nosniff
age: 3546
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3956
x-xss-protection: 0
server: sffe
etag: "1662980356"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 28 Nov 2022 15:27:10 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/O6hwA2TCRw8/ 5 KB
5 KB 168ms
46ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/O6hwA2TCRw8/default.jpg

Requested by

Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29dde4e2d69176e50aee61188f7ef9e5da0fedf36a26c2dad1d141267511a042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:16 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5342
x-xss-protection: 0
server: sffe
etag: "1669641986"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 28 Nov 2022 14:31:16 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 15F2 52 KB
24 KB 123ms
41ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=jp4eq3kxxmm1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 14:08:11 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 15F2 402 KB
161 KB 122ms
41ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164812
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 14:09:40 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/4eb6b35d/ Frame 5A62 359 KB
49 KB 116ms
39ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/T9a7ceTNDdU?modestbranding=1&autohide=1&showinfo=0&controls=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b47e5ab37362998b55b8d8eddca591867a23f45f2d8169f07e0d908463cd375c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/T9a7ceTNDdU?modestbranding=1&autohide=1&showinfo=0&controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 17:16:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 249011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49788
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 Nov 2023 17:16:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5A62 15 KB
16 KB 133ms
42ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/T9a7ceTNDdU?modestbranding=1&autohide=1&showinfo=0&controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 268271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 11:55:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5A62 15 KB
15 KB 143ms
51ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/T9a7ceTNDdU?modestbranding=1&autohide=1&showinfo=0&controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 576297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 22:21:19 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/ Frame 5A62 312 KB
97 KB 84ms
37ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/T9a7ceTNDdU?modestbranding=1&autohide=1&showinfo=0&controls=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2995690e9dfac900bebef6d09af2b89ddaa8a699ad19a0339d2938171b2d1ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/T9a7ceTNDdU?modestbranding=1&autohide=1&showinfo=0&controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 222391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99035
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 26 Nov 2023 00:39:45 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/ Frame 5A62 2 MB
580 KB 131ms
83ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/T9a7ceTNDdU?modestbranding=1&autohide=1&showinfo=0&controls=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd95ed1dc6e84cac53ee409bfe80e6a985e0efbba98dcba010a5bf2b76fdd2f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/T9a7ceTNDdU?modestbranding=1&autohide=1&showinfo=0&controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 15:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 599449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 593364
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Nov 2023 15:55:27 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4eb6b35d/fetch-polyfill.vflset/ Frame 5A62 9 KB
3 KB 128ms
81ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/T9a7ceTNDdU?modestbranding=1&autohide=1&showinfo=0&controls=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/T9a7ceTNDdU?modestbranding=1&autohide=1&showinfo=0&controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 15:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 27 Nov 2023 15:46:41 GMT

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 49ms
20ms Fetch
binary/octet-stream 172.64.199.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d1zjr9cc2zx7cg.cloudfront.net
URL: https://d1zjr9cc2zx7cg.cloudfront.net/?crjzd=971193
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1410
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 28 Nov 2022 14:02:46 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://work.ink
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUJWd10eZRKD2oVAvZCWGX%2BM2kWJqIpuPW34o7j1wMzbmNwu2ublXkHYfMaAjUB2IUx6GtZys6jLk%2BzM7zVme%2BZDNG8fHADyvJGm%2Fkv%2FIPl1629MP6ddDLkf1p0Z5L7u"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7713c7164ef19b71-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 27 B
371 B 150ms
121ms Fetch
text/plain 172.64.199.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d1zjr9cc2zx7cg.cloudfront.net
URL: https://d1zjr9cc2zx7cg.cloudfront.net/?crjzd=971193
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.199.35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00e60d1e581c118894ca2fac923f2fc4484390892cb94b91058b40c34b2fe450

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9ypTvcJzcz8sg9sRHCeHD3HIqKt76%2BZ4DJSRsphEu5brSsEcPaC3hteMj9GE4sat2cW3i%2BTMpZ4lWgB7otW4lxD4Ps1R3ctvHO2lnL%2FRQSaSvoqRgxfPDmERU%2BXgr%2BP"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://work.ink
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7713c7164ef69b71-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
poleonaryprac.com/ 0
486 B 135ms
98ms XHR
text/plain 18.66.97.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://poleonaryprac.com/utx?cb=eJCUptod8Ebt&top=work.ink&tid=971193
Requested by: Host: d1zjr9cc2zx7cg.cloudfront.net
URL: https://d1zjr9cc2zx7cg.cloudfront.net/?crjzd=971193
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-24.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 14:26:16 GMT
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://work.ink
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: tHCJ7AJNSoJgB13H6U7R_N7Pc5nDSv5D3wuoZJSDR8g5TtHo_mWr8Q==

GET
H2 200 DARycDZ1IW9dNwUKDAAAcy1gVDwQBWpGAHUMa2gbFDhSRwcuOk5XPBQDaHAEext4ewYANR9bIS0sSQwEG3V0YyINewlBFRcaDw Show response
poleonaryprac.com/QkI5MVIjIFpcbSN/WxcnMC4EFGAEZwt3NnM4U0NrISELSyp1IV4fMS4tTFU0MC1XRXwsJ00UYAQAd1omBSYLBAQIAV5jBxcLUHg5Mhp4aSJxFlUBAwsWbGgTBxgLdBF3GFxJOXANf1IVDTV8WBwlAE18NXIJegImJQVOCAsOCk1jEXMlVlR... Frame 2EDB 3 KB
2 KB 104ms
100ms Document
text/html 18.66.97.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://poleonaryprac.com/QkI5MVIjIFpcbSN/WxcnMC4EFGAEZwt3NnM4U0NrISELSyp1IV4fMS4tTFU0MC1XRXwsJ00UYAQAd1omBSYLBAQIAV5jBxcLUHg5Mhp4aSJxFlUBAwsWbGgTBxgLdBF3GFxJOXANf1IVDTV8WBwlAE18NXIJegImJQVOCAsOCk1jEXMlVlRiGAtvSGopEVVeAxI4YGgQEzFRfQAxGmFIGzsKa1UXIBZ0ZgdzMVJhEHYBblgiKBBqVhYYGmNiCgMYU3wAdgNsWAM6AHxCFyc7XnUBNRAOVWImA3tcZ3MMbEIXJzh8VBMDABwDFBtyaEIXcS4LdWMlAWBcfwwEYV0xdQxRQh4TEQ1aGgMmelM8EzpuRgR6I3xjCwdxVQMKNRRcYSsxIGpGAwsbCWc3FStwRRcpMXxUKwcRfWdiKSAIezEAK15EEBMEW30/DARycDZ1IW9dNwUKDAAAcy1gVDwQBWpGAHUMa2gbFDhSRwcuOk5XPBQDaHAEext4ewYANR9bIS0sSQwEG3V0YyINewlBFRcaDw
Requested by: Host: d1zjr9cc2zx7cg.cloudfront.net
URL: https://d1zjr9cc2zx7cg.cloudfront.net/?crjzd=971193
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-24.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 16ceed71d56f406ed372cbe3b333f469df2496c2382a65d0a5d0792e9e242336

Request headers

Referer: https://work.ink/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1242
content-type: text/html
date: Mon, 28 Nov 2022 14:26:16 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-id: Tj2GCWkbbrqWfyImo_y_ZthvWqJXUyUTzNF6YwH6K4Ve64SWYcRDag==
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront

GET
H2 204 aTg3MXNGB1RCTghsfUclWGpTczVcTW1dNi5uBQgbPml9UxFbYRFFGg0FDgZCWAEEFwMAXAoAVRpMVkUGGgUGFxoHXlgMVR8FBh9AXRYEAF1YHkIMQk9MR1AUVAkRQQcdVAoARV8BAQVGXA8BB0Vb
enaceanspection.com/ 0
409 B 188ms
139ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://enaceanspection.com/aTg3MXNGB1RCTghsfUclWGpTczVcTW1dNi5uBQgbPml9UxFbYRFFGg0FDgZCWAEEFwMAXAoAVRpMVkUGGgUGFxoHXlgMVR8FBh9AXRYEAF1YHkIMQk9MR1AUVAkRQQcdVAoARV8BAQVGXA8BB0Vb
Requested by: Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceRs8kAXb02GKESOVBgRBPTTJh70la0%2BUsGFRyMmZRMwdChjrqsvQ2WOi7K8qQBgEZDvkKu4rpmPlEX63NPo8YxfaSM%2FBqoZsaPevccQBdDk%2Bc1DbX9MTPu31js25UaKWAsEg8fX"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7713c716990d9b9a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 117ms
98ms Image
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/v3/signin/identifier?dsh=S-1408252460%3A1669645576813495&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSign...

0
0

136ms
57ms

Image
text/html

2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1408252460%3A1669645576813495&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvyylS0WRp0BZRSG6QBTdVwdSl0Puf6ysaOm2CLjUFms5gucr71bfZ7Tr_cQW5G_rSHCoDFSQ
Requested by: Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
Protocol: H3
Server: 2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Redirect headers

date: Mon, 28 Nov 2022 14:26:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-t6OOXJxQaocPb9Td3CDf7Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 396
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1408252460%3A1669645576813495&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvyylS0WRp0BZRSG6QBTdVwdSl0Puf6ysaOm2CLjUFms5gucr71bfZ7Tr_cQW5G_rSHCoDFSQ
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/v3/signin/identifier?dsh=S-1761476060%3A1669645576819212&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWeb...

0
0

136ms
63ms

Image
text/html

2a00:1450:4001:829::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1761476060%3A1669645576819212&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAus-fHc-ZjDeP414j6djjygVjn6OP_qVHDAo3k7CY2gXubDVEd9DXagVlxodurMbr0aKPA_hg
Requested by: Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
Protocol: H3
Server: 2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Redirect headers

date: Mon, 28 Nov 2022 14:26:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-o5m2BymIodjGeTejUCbUCw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 400
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1761476060%3A1669645576819212&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAus-fHc-ZjDeP414j6djjygVjn6OP_qVHDAo3k7CY2gXubDVEd9DXagVlxodurMbr0aKPA_hg
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 15F2 2 KB
2 KB 40ms
39ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 501988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 29 Nov 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 15F2 15 KB
15 KB 125ms
39ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 268271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 11:55:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 15F2 15 KB
15 KB 130ms
45ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 576297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 15F2 102 B
134 B 54ms
54ms Other
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Km9gKuG06He-isPsP6saG8cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d77e58db2ca624537becef34dff8d3c24628e41592ac4106e1b5813e0a1d8a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=jp4eq3kxxmm1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 28 Nov 2022 14:26:16 GMT

GET
H2 200 Y0QsE3l2D1gCYm-NFXlc7NhsLQS4kHAdCbnQxWwV8aERYE3l2XwVePysbSwQIY0VeWiItEksEeyESDV0kb1JcBiguBQFbLmNFKAd7cVleGH51R1oYenRGSwR7NRYIVzkvUlxwfnVAQAV9YAJTBw Show response
d1zjr9cc2zx7cg.cloudfront.net/BNktGd25VJCgRUUIiIkpXAXp3Tl0QITUYAEZ2EC5Zexk2OFcGOwEiNgBtMg0KC3tgGw9YLHtRC1goe0ZIVy8kSloQPzYYBQshLRsXXyIyHRdEbTMWU1skPB4CWipjRSgDZXZSXAZjMR4AUiQxBEsEeygDSwR7d0dABm51NU... Frame 2EDB 702 B
789 B 160ms
158ms Script
text/plain 2600:9000:2251:de00:19:8cab:9c00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1zjr9cc2zx7cg.cloudfront.net/BNktGd25VJCgRUUIiIkpXAXp3Tl0QITUYAEZ2EC5Zexk2OFcGOwEiNgBtMg0KC3tgGw9YLHtRC1goe0ZIVy8kSloQPzYYBQshLRsXXyIyHRdEbTMWU1skPB4CWipjRSgDZXZSXAZjMR4AUiQxBEsEeygDSwR7d0dABm51NUsEezEeAAB/Y0QsE3l2D1gCYm-NFXlc7NhsLQS4kHAdCbnQxWwV8aERYE3l2XwVePysbSwQIY0VeWiItEksEeyESDV0kb1JcBiguBQFbLmNFKAd7cVleGH51R1oYenRGSwR7NRYIVzkvUlxwfnVAQAV9YAJTBw
Requested by: Host: poleonaryprac.com
URL: https://poleonaryprac.com/QkI5MVIjIFpcbSN/WxcnMC4EFGAEZwt3NnM4U0NrISELSyp1IV4fMS4tTFU0MC1XRXwsJ00UYAQAd1omBSYLBAQIAV5jBxcLUHg5Mhp4aSJxFlUBAwsWbGgTBxgLdBF3GFxJOXANf1IVDTV8WBwlAE18NXIJegImJQVOCAsOCk1jEXMlVlRiGAtvSGopEVVeAxI4YGgQEzFRfQAxGmFIGzsKa1UXIBZ0ZgdzMVJhEHYBblgiKBBqVhYYGmNiCgMYU3wAdgNsWAM6AHxCFyc7XnUBNRAOVWImA3tcZ3MMbEIXJzh8VBMDABwDFBtyaEIXcS4LdWMlAWBcfwwEYV0xdQxRQh4TEQ1aGgMmelM8EzpuRgR6I3xjCwdxVQMKNRRcYSsxIGpGAwsbCWc3FStwRRcpMXxUKwcRfWdiKSAIezEAK15EEBMEW30/DARycDZ1IW9dNwUKDAAAcy1gVDwQBWpGAHUMa2gbFDhSRwcuOk5XPBQDaHAEext4ewYANR9bIS0sSQwEG3V0YyINewlBFRcaDw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:de00:19:8cab:9c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: fc52e95bd3fca78fee09eed1cc69749f3f0b565c5fff50f2ad3f012001a066a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://poleonaryprac.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:17 GMT
content-encoding: gzip
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 513
x-amz-cf-id: wNtFGuF_qt-_nE8Hkwnoj_AaxQnvrvBdRvhGvZvnVUqpskgIguuS2A==

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 15F2 32 KB
18 KB 74ms
74ms XHR
application/json 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

27bff46d41bb01584efe34d12ce63aaedd00f071ff13f4bbb0cc70ab56d3192d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=jp4eq3kxxmm1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 28 Nov 2022 14:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18723
x-xss-protection: 1; mode=block
expires: Mon, 28 Nov 2022 14:26:17 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 5A62
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

45ms
45ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/T9a7ceTNDdU?modestbranding=1&autohide=1&showinfo=0&controls=0

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

518f1b56125147cd234296bd2ec426fab487c58e973ad18a0a6635c1d012bdf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 28 Nov 2022 14:26:17 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 5A62 29 B
588 B 121ms
38ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:20:09 GMT
x-content-type-options: nosniff
age: 368
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Nov 2022 14:35:09 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 141ms
49ms Preflight
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 28 Nov 2022 14:26:17 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5A62 0
0

GET
H3 200 _mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js Show response
www.google.com/js/th/ Frame 5A62 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe65bfd909ac7e21df1d0ceec09263795de5beb2504bb6c286a62a64b89edbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 15:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 514512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14302
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 15:31:05 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/ Frame 5A62 26 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4eb6b35d/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b63ed4c3792f6acb0b70a6083ad090bbac092cfcf021106be33f5f73690363e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/T9a7ceTNDdU?modestbranding=1&autohide=1&showinfo=0&controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 15:55:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 599436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8297
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Nov 2023 15:55:41 GMT

GET
DATA 200
OK truncated
/ Frame 5A62 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET VkCAj2kW-WdbdvLo62GOfChk5D_RzCqEWmVkO-8biskmX9ZhDi4CLgOQusS6n07ijE_l-m88=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 5A62 0
0

GET sddefault.jpg
i.ytimg.com/vi/T9a7ceTNDdU/ Frame 5A62 0
0

GET
H3 204 Qj8eMyJZflxxd1J7X3J5U35afw
enaceanspection.com/T2pHTmRgVSQ9WRgHIzwqfDgyGzIgJRUjLhs/MHcmLgYjKCB/M2E6DStXfnlVflN0aBQmDnp/QjweJjoRPFd0flR+TC4gAiBXd35Ufkwxc1VhWXNgV35EdmgRcltweVZ4U3Z2VXxYcn1VeFNhOhQuDXp/ 0
433 B 178ms
121ms Image
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://enaceanspection.com/T2pHTmRgVSQ9WRgHIzwqfDgyGzIgJRUjLhs/MHcmLgYjKCB/M2E6DStXfnlVflN0aBQmDnp/QjweJjoRPFd0flR+TC4gAiBXd35Ufkwxc1VhWXNgV35EdmgRcltweVZ4U3Z2VXxYcn1VeFNhOhQuDXp/Qj8eMyJZflxxd1J7X3J5U35afw
Requested by: Host: work.ink
URL: https://work.ink/2kM/FirstWorkingTheMimicALlInOne
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wH4w8i21PzZoI15%2Ff9B0oXZUhL2guFjRRvs2FFPNYifKWnTVv6q%2Fyi%2FkBfUkOuJTee3z4OmXjlIbvvK7XbhGtPn%2BDyZNEKXOVpQpaHPrtPy5UfqooeL0k5c67QXKNvjfc0HtpYzm"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7713c71949399bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET generate_204
www.youtube.com/ Frame 5A62 0
0

POST atr
www.youtube.com/api/stats/ Frame 5A62 0
0

POST log_event
www.youtube.com/youtubei/v1/ Frame 5A62 0
0

POST
H3 200 t Show response
work.ink/cdn-cgi/zaraz/ 84 B
577 B 32ms
32ms Fetch
application/json 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/zaraz/t
Requested by: Host: work.ink
URL: https://work.ink/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyV29yay5pbmslMjAtJTIwQmVzdCUyMFJla29uaXNlJTIwJTI2JTIwTGlua3ZlcnRpc2UlMjBhbHRlcm5hdGl2ZSElMjIlMkMlMjJ4JTIyJTNBMC41MDUwODUxNjg5ODAwODk5JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3b3JrLmluayUyRjJrTSUyRkZpcnN0V29ya2luZ1RoZU1pbWljQUxsSW5PbmUlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b56fe85f081b5c80c19e3bf03dd810cac5c0f80aea76fcc231d9a55a36cf9fa8

Request headers

Referer: https://work.ink/403
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Nov 2022 14:26:17 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://work.ink
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noE4G6b1tFXvoUX33dDR%2BCvIJVj0hhAvIgn5tZ4JbxvLhHqCijcjJWLiFe9AqL9uehmvXT5T3SDUTgvEIcLXwUrlEL1u7y6wfMwzq9uU27gGBilAkfy%2BWU6ysH2tnI5pumjrw%2F6U"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-credentials: true
cf-ray: 7713c71a5cd86997-FRA
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 t Show response
work.ink/cdn-cgi/zaraz/ 84 B
577 B 54ms
54ms Fetch
application/json 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/zaraz/t
Requested by: Host: work.ink
URL: https://work.ink/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyV29yay5pbmslMjAtJTIwQmVzdCUyMFJla29uaXNlJTIwJTI2JTIwTGlua3ZlcnRpc2UlMjBhbHRlcm5hdGl2ZSElMjIlMkMlMjJ4JTIyJTNBMC41MDUwODUxNjg5ODAwODk5JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3b3JrLmluayUyRjJrTSUyRkZpcnN0V29ya2luZ1RoZU1pbWljQUxsSW5PbmUlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b56fe85f081b5c80c19e3bf03dd810cac5c0f80aea76fcc231d9a55a36cf9fa8

Request headers

Referer: https://work.ink/403
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Nov 2022 14:26:17 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://work.ink
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWoLp43%2BnWsR0PANHTMHLN12F8o6T%2Bi1guzFG%2Bh6f%2Ft7YVP8XTnhe6MkB7WsBqSE8D2WKu2RlN2d8tVpk0tyCQSJmx7zP2ifVpercSsgH1H3M28UKYnYgPQEPUzROiJ2IkkwLbp1"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-credentials: true
cf-ray: 7713c71a5cdf6997-FRA
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 popunder.gif
enaceanspection.com/ 35 B
521 B 47ms
46ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://enaceanspection.com/popunder.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: public
date: Mon, 28 Nov 2022 14:26:17 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Nov 2022 17:40:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 161142
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wl9Z7fGOz2RdeAH0ol0yMsxdMDTpVwGOHTWsjeYkM7RywJAwYK7Wj407%2BzVhjfcQ%2Bjl3grYHHhu%2B%2Bs14bVH0u4dzQMdrbwKfSBZODVpJrNTe4xpz%2FYfvcDq7C%2FWHcC3b%2FQzxqzdu"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7713c71b0cf29bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 47ms
16ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwork.ink%2F&domain=work.ink&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://work.ink
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://work.ink
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 28 Nov 2022 14:26:18 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 335648
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
291 B 306ms
124ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a0000344WOAAA2&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Nov 2022 14:26:18 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://work.ink
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwork.ink%2F&domain=work.ink&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=NHwvknxLUXlCemZYcEZFRm9ocy96NzF0ZFIwUXRZWm5WdWM5Y2FyeTNVWXplaWV0UjRGV0tFWHBka3U5RTR3SVZ3OUdJVWNMQ0FpWGlqQVMzdmt6L0doaFc4WUNhU0loMGs2R1QyYzBNODNRTG5UN3ViU2ExK1VFK0pXL0...

354 B
645 B

43ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=NHwvknxLUXlCemZYcEZFRm9ocy96NzF0ZFIwUXRZWm5WdWM5Y2FyeTNVWXplaWV0UjRGV0tFWHBka3U5RTR3SVZ3OUdJVWNMQ0FpWGlqQVMzdmt6L0doaFc4WUNhU0loMGs2R1QyYzBNODNRTG5UN3ViU2ExK1VFK0pXL0VCVjlzNzhLeGxlemZMZi9qSEhabHBoV0VZbmY0bUpKVXBkYy8yRngrbnRON0J5MFFPYjlVamNzSUgveEFNTVRpdEZzRVR1OCtsQmlIM3N4Z0QzQWNJOE93U1pzMmo0T3k3akl2NWNhUWdIT1hXaTBKWUF3PXw&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aba823a3aa01c3b4f77dfe6c23036bd2a2522adc264e6fc05f13779aa80815ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 14:26:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 544052
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 14:26:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=NHwvknxLUXlCemZYcEZFRm9ocy96NzF0ZFIwUXRZWm5WdWM5Y2FyeTNVWXplaWV0UjRGV0tFWHBka3U5RTR3SVZ3OUdJVWNMQ0FpWGlqQVMzdmt6L0doaFc4WUNhU0loMGs2R1QyYzBNODNRTG5UN3ViU2ExK1VFK0pXL0VCVjlzNzhLeGxlemZMZi9qSEhabHBoV0VZbmY0bUpKVXBkYy8yRngrbnRON0J5MFFPYjlVamNzSUgveEFNTVRpdEZzRVR1OCtsQmlIM3N4Z0QzQWNJOE93U1pzMmo0T3k3akl2NWNhUWdIT1hXaTBKWUF3PXw&cppv=2
access-control-allow-origin: https://work.ink
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 606246
content-length: 0
expires: 0

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
312 B 108ms
31ms XHR
application/json 52.49.92.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.92.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-92-250.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 14:26:18 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://work.ink
cache-control: no-cache
x-server: 10.45.26.23
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
385 B 125ms
31ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 19e274e31dc09ce309b324d58b9fbb10e2752be388066fb741ad76adc11a62eb

Request headers

Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 28 Nov 2022 14:26:18 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://work.ink
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 28 Dec 2022 14:26:18 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 52ms
15ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 28 Nov 2022 14:26:17 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 454570
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
770 B 68ms
19ms Script
application/javascript 2606:4700:20::681a:9a9

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 23 Nov 2022 15:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 424509
etag: W/"922cffdd75f7192f75231d92684885aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJeGpPbDUYgFw%2FClX1xgj0%2FFAXW4KPK55YfNjKAzM03cLO6lz04ILjVzgrpt7LnvB5A8frkS2zo5kP9%2FShZHdJJu9MMxbHl4ouxZe8QVIWOhW6fAYvpUp8P%2B7TKG7n4%2BtrWRq90VEl4rgGnI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 7713c731283a9be0-FRA

GET
H2 200 adagio.js Show response
script.4dex.io/ 74 KB
23 KB 64ms
29ms Fetch
application/javascript 2606:4700:20::681a:9a9

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 14:26:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: SCMHCWMDPAG17H90
age: 534990
x-amz-id-2: 5XTW3CDsjCfAsMUUeuiETlsuWNaoGdGNil2j1gwAxJpsy4V8I9hdFzZENBg5pjuIi2f696dpab0=
last-modified: Tue, 22 Nov 2022 09:44:15 GMT
server: cloudflare
etag: W/"c56b6332dacf72f135afcd153ae22448"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2F8OY%2FepHy8S0wqbs1BWZlX9tr72cnNf6JuCX9Gr6H77bxAXWsG6LU6%2Bh4NrTmRQQdBDtQlOykSGRMIP7maSWYBD2lLbhBqw86M8hDK56Qw%2BzZurtHBYFK37855RKL1mFJIWeWXzPE9FTKzs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 7713c7317e3c9b77-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jnn-pa.googleapis.com
URL: https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Domain: yt3.ggpht.com
URL: https://yt3.ggpht.com/VkCAj2kW-WdbdvLo62GOfChk5D_RzCqEWmVkO-8biskmX9ZhDi4CLgOQusS6n07ijE_l-m88=s68-c-k-c0x00ffffff-no-rj

Domain: i.ytimg.com
URL: https://i.ytimg.com/vi/T9a7ceTNDdU/sddefault.jpg

Domain: www.youtube.com
URL: https://www.youtube.com/generate_204?b_nC9Q

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=WcRe9jrJ27lRz2mu&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fwork.ink%2F&lact=260&cl=489849437&mos=0&volume=100&cbr=Chrome&cbrver=107.0.5304.121&c=WEB_EMBEDDED_PLAYER&cver=1.20221120.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=205&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24175559%2C24219382%2C24255165%2C24292955%2C24293803%2C24406605%2C24407200%2C24408610%2C24414162%2C24415865%2C24416291%2C24416440&muted=0&docid=T9a7ceTNDdU

Domain: www.youtube.com
URL: https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 12:06:37	Name: _GRECAPTCHA Value: 09APvHZ3ow-Mljwb7VkskcOw0Ozj5SiEMWXRB4WQV77TvWDC9oCZSa2oB9UNC2BDsKBhxCsq3uc2DhSJysUE3eX8I
work.ink/2kM	1969-12-31 23:59:59	Name: logglytrackingsession Value: 8fd9704b-b217-4905-b6d5-0b62f9006892
.work.ink/	1970-01-20 17:23:25	Name: _ga Value: 965cb294-3410-4dcd-8f46-49cd04ce8c9f
.work.ink/	1970-01-20 07:47:27	Name: __cf_bm Value: iXovrB81O7a.avb.lLR1nq1YlgTu2HNvwrn.im53bCY-1669645576-0-AeoUN1QCob1jBtccFPUKzhz9+aLdBbNig7rpIrbcsv5n75nj7//Evr1BbC3utqMgCFsy70hudoibdPmUGUfoMXyfYJulz+LTjm26c2v87BXfXmBBS7oRvVFnBqbci/ib8NMhAeRocKwcbTDYQrwbN28=
work.ink/	1970-01-20 08:30:37	Name: _pbjs_userid_consent_data Value: 3524755945110770
.work.ink/	1970-01-20 12:06:37	Name: _pubcid Value: b2b8884c-686d-4638-8b23-ae01f2fa0dd8
work.ink/	1970-01-20 09:57:01	Name: waldo_country Value: DE
work.ink/	1970-01-20 09:57:01	Name: waldo_continent Value: EU
work.ink/	1970-01-20 09:57:01	Name: waldo_region Value: 05
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 2IhjZemnw1g
.youtube.com/	1970-01-20 12:06:37	Name: VISITOR_INFO1_LIVE Value: XSsOJtKZH9c
pogothere.xyz/	1970-01-20 16:25:49	Name: csu Value: 1772791813253179@1@1669645576
work.ink/	1970-01-20 07:47:29	Name: _lr_retry_request Value: true
work.ink/	1970-01-20 08:30:37	Name: _lr_env_src_ats Value: false
work.ink/	1970-01-20 09:13:49	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-28T14%3A26%3A18%22%7D
.work.ink/	1970-01-20 17:09:01	Name: cto_bundle Value: LlGNRl96QnZmUjQ0ekw2dUpoZ1NXV0NLdUM4bmlOUVFIeEhjN1F4bmJHN2V1VmROcHZNb3d5czAlMkZpV1I0dzlDME9hd3ZDYWI3aGR1MVp0cWNQOEQ5enJsbE9acXVBeEZobXFJNzdzMUNIQW90eGo4T1pjazhKRlA0JTJGYXZoaHo2M2VEMjI
.work.ink/	1970-01-20 17:09:01	Name: cto_bidid Value: mcFPul8xQ2FDYzc1UjNnVUdSbHZaMFQwYzdvN1U5MU5iTzM0WnAlMkZjZ2tsV0xWMXh0ZEtZNHFHJTJCZTk3dThIY3lSZE1OSXd0ZndCRG9xRk1ITGZaTVhLSm9hUkElM0QlM0Q

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://work.ink/cdn-cgi/zaraz/s.js Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://img.youtube.com/vi/JN7XpvG7g9E/default.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1408252460%3A1669645576813495&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAvyylS0WRp0BZRSG6QBTdVwdSl0Puf6ysaOm2CLjUFms5gucr71bfZ7Tr_cQW5G_rSHCoDFSQ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1761476060%3A1669645576819212&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAus-fHc-ZjDeP414j6djjygVjn6OP_qVHDAo3k7CY2gXubDVEd9DXagVlxodurMbr0aKPA_hg Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://work.ink/403 Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://work.ink' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ads.pubmatic.com
api.rlcdn.com
audit-tcfv2.cmp.quantcast.com
b.sf-syn.com
cdn.confiant-integrations.net
cdn.taboola.com
cdn.thisiswaldo.com
cmp.quantcast.com
d1zjr9cc2zx7cg.cloudfront.net
enaceanspection.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.ytimg.com
id.crwdcntrl.net
img.youtube.com
ipfind.co
jnn-pa.googleapis.com
lexicon.33across.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
pogothere.xyz
poleonaryprac.com
quantcast.mgr.consensu.org
redirect-api.work.ink
resources.infolinks.com
router.infolinks.com
rules.quantcount.com
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
static.doubleclick.net
test.cmp.quantcast.com
thisiswaldo.com
work.ink
www.facebook.com
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
api.rlcdn.com
i.ytimg.com
jnn-pa.googleapis.com
www.youtube.com
yt3.ggpht.com
151.101.193.44
172.64.199.35
172.66.42.247
178.250.2.146
18.66.97.24
188.114.97.3
2600:1901:0:8344::
2600:9000:2057:5c00:f:458e:2a80:93a1
2600:9000:21f3:1a00:9:46dc:4700:93a1
2600:9000:21f3:b800:3:a4cd:8380:93a1
2600:9000:223c:5600:6:44e3:f8c0:93a1
2600:9000:2240:8600:9:46dc:4700:93a1
2600:9000:2251:de00:19:8cab:9c00:21
2606:4700:20::681a:9a9
2606:4700:20::681a:a77
2606:4700:20::ac43:45a0
2606:4700::6812:116b
2606:4700::6812:c5c
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:802::2002
2a00:1450:4001:802::2006
2a00:1450:4001:809::2004
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::200e
2a00:1450:4001:829::200d
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2003
2a02:2638:1::13
2a03:2880:f11c:8083:face:b00c:0:25de
3.33.220.150
35.156.66.115
50.18.102.42
52.15.219.226
52.49.92.250
88.221.168.201
00e60d1e581c118894ca2fac923f2fc4484390892cb94b91058b40c34b2fe450
0fab1b2783ef5afc02dd6f06f04b96311f3add1fb3e5b5c7e1282c19996e264a
13f5033c8999b1545c9ba66fbe446c2e7ad282dc1c43a53cdf3a23df33a92411
15d36e8f871b1cf84be33fa8f1ff0e5dc96a123ccc194da4520ae3d81b32329d
16ceed71d56f406ed372cbe3b333f469df2496c2382a65d0a5d0792e9e242336
19e274e31dc09ce309b324d58b9fbb10e2752be388066fb741ad76adc11a62eb
1a9a41dce59c224a6cb0a33e73b2f239e4e5ee3972556e669c7d43076d43e365
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
239c3f428b099e4d49031ac5a49878d298e9bca961e1639f161ea16f513bec37
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
275094aa5d73cd24d848e78f0c41c33d9fd61a09d97b9976e5e707dfd24ada00
27bff46d41bb01584efe34d12ce63aaedd00f071ff13f4bbb0cc70ab56d3192d
29dde4e2d69176e50aee61188f7ef9e5da0fedf36a26c2dad1d141267511a042
2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01
313b0b9da4a2eea5f7a4032d3f8767841f014163e78e991acf208184539a8770
3624981e1aa019a5dea62ba01d0cf5fadbed2354df6cbd14c2a805512fbe5b75
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40c0f91a1dd9399eeee39c0c14534cbc2346b0d79a68248d923543ab50eb7dd9
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4d77e58db2ca624537becef34dff8d3c24628e41592ac4106e1b5813e0a1d8a0
518f1b56125147cd234296bd2ec426fab487c58e973ad18a0a6635c1d012bdf6
55f90b0718272a96c442cd8c552169391297c108fa55322c4efb78d884148477
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998
5973f86a3e90e162f512340ab930de124118cc4c0ece2454d9957a72de6943f7
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fed67b6c94c528ea2bfe4bdcb61c0ce60d32432123631b33a892facf053841e
620ca537f7a84340470ff364c66c2b33d6ed869e8ed0b3a69ac8a5f5c218898f
62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a87b588978127e2d64d83d8b49a4ac8e7cea813de00c1b0d67bc8cc7426387a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70002be766312e408755bd5457a8a5c169b956ce74d9f70a4ef368ca2639148f
789b89aba95796aad2e2e7b5962c320a42cfe1bbfb6e4fbf837c1af368ae281e
7dae5ac97aa67d591edfe99862719cba49ae72c333a08d670e5f61c80a822894
819a5b03a49a26dce99f8f69e679f3e248f2ffc53bda6b294cdadb61e1eb0f7b
821411a115c2f18c6ce2743f06bdaabd20332765f388a5f42044e1b5be85942e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83fa6784ebee363043db50681bbde69c4624f13ea9152c1758f7ca2f609ea0f4
87771dae5b516f4806b5c381879864616104362f72eb76c46effcd5b543d5d90
89dc53032ee24db778a5419ea48ac2fe43df017f39910438dad3c681027c2cf3
8d050efc0dba3583b7021291fd3f49d2dbce8f0c145b42d69f6d192e14ba6ebb
8fee08db0c772e734a96ac3204237ed6f77a75b690249707dd5e54311c409415
9018a2e5f42a3420f13aadb13c1fa2df74fb9abf9fdff5ab01c7cf92ddd78f14
922b0d2d4adb5ed473a915258165047db5642276b6edad0dc15a0d47ed4ea19c
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a285c7b7b5d2b42d829c7db8153ff2e3331fe1c8bcce884de35a89271a982943
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aba823a3aa01c3b4f77dfe6c23036bd2a2522adc264e6fc05f13779aa80815ff
ac578eb431ec1df010bcf1beeb2fb7009f567a2ff25624bf7a3fb9cf65a14f96
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3
b47e5ab37362998b55b8d8eddca591867a23f45f2d8169f07e0d908463cd375c
b56fe85f081b5c80c19e3bf03dd810cac5c0f80aea76fcc231d9a55a36cf9fa8
b5c1b6a869520bca4157c388c888ad09f47fa5661b54a32d6c97e8edde78b538
b628942e8ff712de0d166d8704f779bd3860800817549c8a375868977e117863
b63ed4c3792f6acb0b70a6083ad090bbac092cfcf021106be33f5f73690363e4
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
bd3fe70e87c0f680d29547247e1244023050bf3f216fae2a3f3832df70a63555
c0c07d5e1cc6e9994f621fb965165bc0106d1a26a04e70bd13c0778af0b93e37
c2995690e9dfac900bebef6d09af2b89ddaa8a699ad19a0339d2938171b2d1ba
c75b03030e979c32e3e76a3ef82753fb2a869082edf3b2891b94de2d92fdc24a
cd82af1d3af67c4f7aad49c68da4bfb907c83a5647d3011f7ed18de3eed2e8f0
cd95ed1dc6e84cac53ee409bfe80e6a985e0efbba98dcba010a5bf2b76fdd2f3
d06c1486d196162ded5e14d337d0a36843fcf8c605e174e7b0bdfb6580f01c7d
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0e4f6d730856225b5a560ef8cf1c74c520d092401345ca73f94c1a83d284e4d
d172d0ec4ab9451f8fd909c0c26d6db6e30bed920a384579c450290a207b5131
dcdb794cf5e19b747a7c2ba364bfc44b7fd1848fcb6dc538edd84af839481579
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e587bef04b460fbfcf1cdebaca05b28a172bd76b65637be2875dbebb138c9cdd
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f50b2170b943929cf0fd3ad43b6534bba3b5e2962c4cfc27cdbf50991669d33e
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f6587ac0c2edd169ec3e851e369358ef6e37792b1d3cd6ae56f948c26b4241f0
f7f7c9968bc34791cb1568fa746996c40f4354735b6a3b07eebdf9b2c65e578d
fc52e95bd3fca78fee09eed1cc69749f3f0b565c5fff50f2ad3f012001a066a9
fe65bfd909ac7e21df1d0ceec09263795de5beb2504bb6c286a62a64b89edbd4

work.ink Open in urlscan Pro 2606:4700:20::ac43:45a0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

102 Requests

89 %HTTPS

68 %IPv6

31 Domains

42 Subdomains

39 IPs

5 Countries

2571 kBTransfer

8110 kBSize

17 Cookies

0 Outgoing links

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

work.ink Open in urlscan Pro
2606:4700:20::ac43:45a0 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

89 %
HTTPS

68 %
IPv6

31
Domains

42
Subdomains

39
IPs

5
Countries

2571 kB
Transfer

8110 kB
Size

17
Cookies

102 HTTP transactions
2 data transactions