urlscan.io logo urlscan.io
SecurityTrails logo

work.ink Open in urlscan Pro
2606:4700:20::ac43:45a0  Public Scan

Go To Rescan Add Verdict Report
URL: https://work.ink/en/l/159/Shindo2432
Submission: On June 28 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 48 IPs in 5 countries across 36 domains to perform 190 HTTP transactions. The main IP is 2606:4700:20::ac43:45a0, located in United States and belongs to CLOUDFLARENET, US. The main domain is work.ink.
TLS certificate: Issued by E1 on May 14th 2022. Valid for: 3 months.
This is the only time work.ink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:236... 16509 (AMAZON-02)
2 185.132.178.119 49981 (WORLDSTREAM)
5 104.90.104.26 16625 (AKAMAI-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:223... 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 1 138.199.37.227 60068 (CDN77 ^_^)
2 2600:9000:224... 16509 (AMAZON-02)
3 142.250.203.130 15169 (GOOGLE)
2 151.101.193.194 54113 (FASTLY)
1 13.57.144.12 16509 (AMAZON-02)
22 151.101.193.44 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
1 217.79.188.54 24961 (MYLOC-AS ...)
1 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.227.203.184 15169 (GOOGLE)
2 104.102.28.29 20940 (AKAMAI-ASN1)
2 143.204.89.75 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:231... 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
2 4 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:215... 16509 (AMAZON-02)
1 3.67.149.72 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
15 141.226.228.48 200478 (TABOOLA-AS)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
3 108.138.17.102 16509 (AMAZON-02)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a03:2880:f12... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.15.219.226 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
6 35.71.131.137 16509 (AMAZON-02)
6 2600:1f18:612... 14618 (AMAZON-AES)
10 10 185.94.180.126 35220 (SPOTX-AMS)
2 151.101.1.44 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
190 48
16    2606:4700:20::ac43:45a0 (United States)

ASN13335 (CLOUDFLARENET, US)
work.ink
1    2600:9000:236e:7a00:f:458e:2a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.thisiswaldo.com
2    185.132.178.119 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
mowplayer.com
cdn.mowplayer.com
5    104.90.104.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-104-26.deploy.static.akamaitechnologies.com
contextual.media.net
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2600:9000:223f:7000:f:9fb4:2380:21 (United States)

ASN16509 (AMAZON-02, US)
dq06u9lt5akr2.cloudfront.net
9    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
jnn-pa.googleapis.com
1    138.199.37.227 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-227.datapacket.com
cdn.materialdesignicons.com
2    2600:9000:2240:c400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
3    142.250.203.130 (United States)

ASN15169 (GOOGLE, US)
PTR: waw07s06-in-f2.1e100.net
securepubads.g.doubleclick.net
2    151.101.193.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    13.57.144.12 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-57-144-12.us-west-1.compute.amazonaws.com
ipfind.co
22    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
15.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
wf.taboola.com
5    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
16    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    217.79.188.54 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com
ad13.adfarm1.adition.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    35.227.203.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.203.227.35.bc.googleusercontent.com
ctxtfl.com
2    104.102.28.29 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-28-29.deploy.static.akamaitechnologies.com
lg3.media.net
2    143.204.89.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-75.fra50.r.cloudfront.net
sb.scorecardresearch.com
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:2315:4000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2600:9000:2156:4c00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com
4    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
9    2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
2    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2600:9000:2156:a800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
1    3.67.149.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-149-72.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com
6    2a00:1450:4001:828::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
run.cntxtfl.com
15    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2606:4700:3030::ac43:dadd (United States)

ASN13335 (CLOUDFLARENET, US)
freychang.fun
3    108.138.17.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-102.fra56.r.cloudfront.net
ycreatmentto.xyz
3    2606:4700:3037::ac43:c9ba (United States)

ASN13335 (CLOUDFLARENET, US)
ationsuchasr.xyz
1    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:80f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com
thisiswaldo.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
6    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
6    2600:1f18:612b:4232:dec:f48c:c120:9a90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
10    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
Apex Domain
Subdomains		 Transfer
40 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 982
trc-events.taboola.com — Cisco Umbrella Rank: 1600
trc.taboola.com — Cisco Umbrella Rank: 672
15.taboola.com — Cisco Umbrella Rank: 1819
images.taboola.com — Cisco Umbrella Rank: 1602
vidstat.taboola.com — Cisco Umbrella Rank: 1782
am-trc-events.taboola.com — Cisco Umbrella Rank: 14634
imprammp.taboola.com — Cisco Umbrella Rank: 11407
am-match.taboola.com — Cisco Umbrella Rank: 11762
wf.taboola.com — Cisco Umbrella Rank: 2038
am-vid-events.taboola.com — Cisco Umbrella Rank: 11178
sync-t1.taboola.com — Cisco Umbrella Rank: 1188
pips.taboola.com — Cisco Umbrella Rank: 1482
cds.taboola.com — Cisco Umbrella Rank: 1377
487 KB
17 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
static.doubleclick.net — Cisco Umbrella Rank: 436
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
158 KB
16 youtube.com
www.youtube.com — Cisco Umbrella Rank: 107
1 MB
16 work.ink
work.ink
139 KB
10 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 501
7 KB
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
imasdk.googleapis.com — Cisco Umbrella Rank: 425
jnn-pa.googleapis.com — Cisco Umbrella Rank: 330
185 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
413 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 8
accounts.google.com — Cisco Umbrella Rank: 116
51 KB
7 media.net
contextual.media.net — Cisco Umbrella Rank: 529
lg3.media.net — Cisco Umbrella Rank: 3752
62 KB
6 tremorhub.com
taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3363
1 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 367
2 KB
6 cntxtfl.com
run.cntxtfl.com — Cisco Umbrella Rank: 106036
302 B
5 quantcast.com
test.cmp.quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 495891
audit-tcfv2.cmp.quantcast.com
135 KB
3 ationsuchasr.xyz
ationsuchasr.xyz
1 KB
3 ycreatmentto.xyz
ycreatmentto.xyz
4 KB
3 cloudfront.net
dq06u9lt5akr2.cloudfront.net
68 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 429
58 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2518
24 KB
2 freychang.fun
freychang.fun — Cisco Umbrella Rank: 25689
101 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 135
58 KB
2 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 257
7 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 134
2 KB
2 ctxtfl.com
ctxtfl.com — Cisco Umbrella Rank: 52117
32 B
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1441
90 KB
2 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2293
45 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
39 KB
2 mowplayer.com
mowplayer.com — Cisco Umbrella Rank: 146465
cdn.mowplayer.com — Cisco Umbrella Rank: 184850
54 KB
2 thisiswaldo.com
cdn.thisiswaldo.com — Cisco Umbrella Rank: 61579
thisiswaldo.com — Cisco Umbrella Rank: 54394
99 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 991
345 B
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1029
10 KB
1 adition.com
ad13.adfarm1.adition.com — Cisco Umbrella Rank: 53343
152 B
1 ipfind.co
ipfind.co — Cisco Umbrella Rank: 68372
462 B
1 materialdesignicons.com
cdn.materialdesignicons.com — Cisco Umbrella Rank: 22356
655 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
39 KB
190 36
Domain Requested by
16 www.youtube.com work.ink
www.youtube.com
cdnjs.cloudflare.com
16 work.ink work.ink
cdnjs.cloudflare.com
10 sync.search.spotxchange.com 10 redirects
9 static.doubleclick.net www.youtube.com
cdnjs.cloudflare.com
8 jnn-pa.googleapis.com www.youtube.com
6 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
6 taboola-supply-partners.tremorhub.com imprammp.taboola.com
am-match.taboola.com
6 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
6 run.cntxtfl.com mowplayer.com
6 cdn.taboola.com work.ink
cdn.taboola.com
6 www.google.com work.ink
www.youtube.com
www.gstatic.com
www.google.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
www.google.com
5 contextual.media.net work.ink
contextual.media.net
4 am-match.taboola.com vidstat.taboola.com
4 trc.taboola.com cdn.taboola.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 googleads.g.doubleclick.net 2 redirects www.youtube.com
3 ationsuchasr.xyz work.ink
3 ycreatmentto.xyz dq06u9lt5akr2.cloudfront.net
3 cmp.quantcast.com quantcast.mgr.consensu.org
3 securepubads.g.doubleclick.net cdn.thisiswaldo.com
securepubads.g.doubleclick.net
3 dq06u9lt5akr2.cloudfront.net work.ink
ycreatmentto.xyz
3 cdn.jsdelivr.net 1 redirects work.ink
2 am-vid-events.taboola.com work.ink
2 wf.taboola.com vidstat.taboola.com
2 imprammp.taboola.com vidstat.taboola.com
2 images.taboola.com work.ink
2 15.taboola.com cdn.taboola.com
2 script.4dex.io cdn.thisiswaldo.com
script.4dex.io
2 accounts.google.com work.ink
2 freychang.fun dq06u9lt5akr2.cloudfront.net
2 trc-events.taboola.com cdn.taboola.com
2 i.ytimg.com www.youtube.com
2 yt3.ggpht.com www.youtube.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 sb.scorecardresearch.com cdn.taboola.com
work.ink
2 lg3.media.net work.ink
2 ctxtfl.com mowplayer.com
2 confiant-integrations.global.ssl.fastly.net cdn.thisiswaldo.com
confiant-integrations.global.ssl.fastly.net
2 quantcast.mgr.consensu.org cdn.thisiswaldo.com
quantcast.mgr.consensu.org
2 cdnjs.cloudflare.com work.ink
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 am-trc-events.taboola.com work.ink
1 thisiswaldo.com cdn.thisiswaldo.com
1 www.facebook.com work.ink
1 audit-tcfv2.cmp.quantcast.com cmp.quantcast.com
1 stats.g.doubleclick.net www.google-analytics.com
1 test.cmp.quantcast.com quantcast.mgr.consensu.org
1 rules.quantcount.com secure.quantserve.com
1 imasdk.googleapis.com mowplayer.com
1 cdn.mowplayer.com mowplayer.com
1 secure.quantserve.com quantcast.mgr.consensu.org
1 ad13.adfarm1.adition.com work.ink
1 ipfind.co cdn.thisiswaldo.com
1 cdn.materialdesignicons.com 1 redirects
1 fonts.googleapis.com work.ink
1 www.googletagmanager.com work.ink
1 mowplayer.com work.ink
1 cdn.thisiswaldo.com work.ink
190 61
Subject Issuer Validity Valid
*.work.ink
E1		 2022-05-14 -
2022-08-12		 3 months crt.sh
cdn.thisiswaldo.com
Go Daddy Secure Certificate Authority - G2		 2022-06-01 -
2023-06-16		 a year crt.sh
*.mowplayer.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-29 -
2022-11-01		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.cmp.quantcast.com
R3		 2022-06-24 -
2022-09-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-04 -
2023-06-05		 a year crt.sh
ipfind.co
Amazon		 2022-01-03 -
2023-02-01		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G2		 2022-06-01 -
2023-07-03		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
ctxtfl.com
GTS CA 1D4		 2022-06-18 -
2022-09-16		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
run.cntxtfl.com
GTS CA 1D4		 2022-05-06 -
2022-08-04		 3 months crt.sh
ycreatmentto.xyz
Amazon		 2022-06-22 -
2023-07-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-07 -
2022-07-06		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
thisiswaldo.com
Go Daddy Secure Certificate Authority - G2		 2021-09-25 -
2022-10-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh

This page contains 22 frames:

Primary Page: https://work.ink/en/l/159/Shindo2432
Frame ID: CF362D2188B9170F47609FBA08DDE6A8
Requests: 104 HTTP requests in this frame

Frame: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Frame ID: 8ADF30A20ACFC1E85D6C8956A9DF4A81
Requests: 18 HTTP requests in this frame

Frame: https://ad13.adfarm1.adition.com/
Frame ID: 3927BE8CC16C679E743A252DE4B88A27
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUBA81EG&https=1&itype=CM
Frame ID: 483F28F1289142874D9F63789377D4CE
Requests: 1 HTTP requests in this frame

Frame: https://ycreatmentto.xyz/Rnpwd2QnGBMaWydHElERNBZNUlYAX0IxADdKRgJdKg5FFg80SF4UCCkPFBEWKRQEWQojDlVFIigsHhMJJ0obRiMHHT4TDQ8fMRs+MSAlTjAeSRgALBQvNT0dHDE9HS0vOxpPERYCSD8oPDQWNhMUKDUfITIbQBMlBAMXQyEADj47ICEvJ0YUMDQIOiEQFEEAJT4jNT4JNR8zH1QrNhc2KgIAGw4xFDc7EyA1Izg2LSo1GC0gEStJHTMQID8SVhwcNSYtKDcYEDYBPQgcNjEdFhUjFDImRhAoIBw9Mg0tCBw2Pj8zPVYEPiFGAwoZQCEzA0lJHjwtVz4tARIZODEDJQk5JS0DOzM2DRMWIQMCASwxJCIuX0IxB3YsJyYdD19CNSUxCTgVIxdKIUYIczUYQyoCFwgcNjE/PzwOdiMkR1FxIBgmKwEpKUAhLTQqM1YiMiYiMnMfNT0zHiIcQzUqLD8SVh8/MgBUKTAyQiARK0kdNgA8NhIJBCg1Rj5yXBoECygKTSM9LS44PzAQKygiUAwo
Frame ID: 4F1604DA5C131C791E7F453248A7375D
Requests: 2 HTTP requests in this frame

Frame: https://ycreatmentto.xyz/YzZTVHECVDA5TgILMXIEEVpucUMlE2ESFRIGZSFID0JmNRoRBH03HQxDNzIDDFgneh8GQnZmNxBsYQIJNwY4ETILDiMwGS57FQw7FGAVZTQGBScWNRR/NB4JB28cFgYQYzoRCAVOOBIgFGNiGCcTYAUtPAx1Ah48AmUkHjMITnZmMwFBChY0UHxqBSMiZzA9ICp+KzMbKWcJFSAUWmsHJzVjNQwdM3M7MxkvZzQHMA5GZAIGEHAyOgU7YBYSGQZjGQM8UUZkAgkqbxoMSDdnFh0/AXAFAjI7WmoAGiFyNS0WO3ABZAAzURocNgpvagUdAAU2OgEyZWN5O1ZUFQInNGUCPDQUUTc1HxBdAhE/RgQVHiBXeRUTAVRgJB0kL3UaHSUlZGoxIDJ4Ei0wCHc4FjUgbjsMJw8PdmY3OQcZAiNQDz0BHTljNQwaNnQRNwQsQWYVIBRaawI3KVA1HEghcxYsVFF0dT4CDFgjaTgwU2YQMlNmMQ
Frame ID: DE11C4B13C21E33FE22967F7F48B6B48
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetYU4aAAAAAL9XlMWEGf7XgMrqUoup6AIxQXtM&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=stxda6dhbpgo
Frame ID: 852BC095F46CEB6B375E5D85AFFC6A9B
Requests: 7 HTTP requests in this frame

Frame: https://static.doubleclick.net/instream/ad_status.js?19ae7b1f4e1249149c0871d1dc258356
Frame ID: 9BDE897290EE84F8F697E09C610875EE
Requests: 1 HTTP requests in this frame

Frame: https://static.doubleclick.net/instream/ad_status.js?11cc3642341543a8c85ce0fa0c26803b
Frame ID: 3BEB9BC64F221357083EB181CD9E6458
Requests: 1 HTTP requests in this frame

Frame: https://static.doubleclick.net/instream/ad_status.js?c9fa18cc994b1cc9ef2a5d5bde48ac25
Frame ID: F01EC12BAD3DBBCE241E447DE2E25D3B
Requests: 1 HTTP requests in this frame

Frame: https://static.doubleclick.net/instream/ad_status.js?2f6456d572b633de8321952e80e424f3
Frame ID: 0447C533B46A2CF7DFFE4FD016D21AEA
Requests: 1 HTTP requests in this frame

Frame: https://static.doubleclick.net/instream/ad_status.js?9bb4daae8e52b3db41420ff39241916b
Frame ID: 0ABFC939B82CE6FDEF75CDAE33EC3BE5
Requests: 1 HTTP requests in this frame

Frame: https://static.doubleclick.net/instream/ad_status.js?9bb4daae8e52b3db41420ff39241916b
Frame ID: 5430E526EA739863EB9A744C2D5163E6
Requests: 1 HTTP requests in this frame

Frame: https://static.doubleclick.net/instream/ad_status.js?cafc9139ab0b2b139119a999b02c7bde
Frame ID: 7F95E0DC3A447000E0C299AEF4A0B9C5
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Frame ID: 95A0CCC064BD4E81C901FFF5E1D900C6
Requests: 17 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUBA81EG&https=1&itype=CM
Frame ID: 14E7A0858D6B7025952C916472DA6EF9
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66493945&crid=6235095&dast=V75mcCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHG8ZYjlYT3mg2GM1Gs91ksFwuVrvVcDBZDmHDGMvRasIbzQaj2Wi2mwyGy8VosVyNRsMpYDTTZFBQTk-P2WUQFV1vi93hNHvemjWQoOl0-Fz3et3f8rUr7V6_yu4X-xWr5V5TdNpNfstoM5kDAAAAwAPA18g1xA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgILQogYAFIdBu-5Oj9EfAAAPDyAAAAIYJAAHckUlACqfHScAAAAAAAAAACz_____MQP2nfkyA_uuYT0ADz4AD0QFpEWMAAAAAII3HCiOJnVCZVEFAECQbgVwBQAQELiK9WsWBgAAQCBGaQUNrnCaBze2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhIAeudKCcjxw1X4BAQDWfgEBANjUDQDgTQAu5EjQdDp8rnu97m_52pV2r19l94v9itVyryk67Sa_ZbSZjI6gFYPB6gJidgAAAAB3_____3iUVtDgCqd5cHogOZkYRjOPb-aYmIaLhXO5msxshtlgZTFtTC6TYXtDKRqTVlBq2X0YzTQZFJTT02N2GURF19tidzjNnrdmfhO2GK0mk81yOFsuJoPhaDga7W8gBpsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHC2GjiMQwWK7doslmuRcPNaq3cbEZu1Wg3mc0sk-XKZXKLXh_Tc2Ka2AzDLQoGcOxFcJFOdH_L12n3WsQSzckincgu--ZkYhjNPL6ZY2IaLhbO5Woysxlmg5XFtDG5TIZ9bTTxGAaLlVs02SzXouFmtVZuNiO3arSbzGaWyXLlMrlFr4_pOTFNbIbhvjFbzUab3WIy3Ddmq9los1tMhvsOk-mZ-pyNwsI16hF6jdPo8XBzGBQug8X7k5gW0-7s4Pn9jk6Z8aMs6IzCy_foNSg8B4_qeV6ups5y-mksDb8HgyKWCE4X6UT0Mp4uYonkaZFONA6bYTWZbWw2z2w02a1Mm-FktNyMJsaRc-JarCZiidJ0kU70Krtf7FeslnvN0Wk3-S2jzWSi_iNDLDdzyW6uGM0lg1UCAAAAAAAAAFjCnHkTAAAAgNOAhsPBYLVcAIrrKN2fd7pT_U44rt1TWMWEjoOXxOOD-1u-TrvXzJs9E8RarZY1AACAADYAAEAAt27eAsKsOAAAgMA4AAAAADk!&cmcv=&pix=undefined&cb=1656437129414&uv=3199&tms=1656437129414&abt=adh5c-1_vA!inc_all_video_vA!Noappq22_vD!spa2_vA!ttdfpc_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=F1945B746046467209915758029&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: A5DC7988D5C80E8FAE18CF9F6D4BCA79
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V75mcCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHG8ZYjlYT3mg2GM1Gs91ksFwuVrvVcDBZDmHDGMvRasIbzQaj2Wi2mwyGy8VosVyNRsMpYDTTZFBQTk-P2WUQFV1vi93hNHvemjWQoOl0-Fz3et3f8rUr7V6_yu4X-xWr5V5TdNpNfstoM5kDAAAAwAPA18g1xA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgILQogYAFIdBu-5Oj9EfAAAPDyAAAAIYJAAHckUlACqfHScAAAAAAAAAACz_____MQP2nfkyA_uuYT0ADz4AD0QFpEWMAAAAAII3HCiOJnVCZVEFAECQbgVwBQAQELiK9WsWBgAAQCBGaQUNrnCaBze2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhIAeudKCcjxw1X4BAQDWfgEBANjUDQDgTQAu5EjQdDp8rnu97m_52pV2r19l94v9itVyryk67Sa_ZbSZjI6gFYPB6gJidgAAAAB3_____3iUVtDgCqd5cHogOZkYRjOPb-aYmIaLhXO5msxshtlgZTFtTC6TYXtDKRqTVlBq2X0YzTQZFJTT02N2GURF19tidzjNnrdmfhO2GK0mk81yOFsuJoPhaDga7W8gBpsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHC2GjiMQwWK7doslmuRcPNaq3cbEZu1Wg3mc0sk-XKZXKLXh_Tc2Ka2AzDLQoGcOxFcJFOdH_L12n3WsQSzckincgu--ZkYhjNPL6ZY2IaLhbO5Woysxlmg5XFtDG5TIZ9bTTxGAaLlVs02SzXouFmtVZuNiO3arSbzGaWyXLlMrlFr4_pOTFNbIbhvjFbzUab3WIy3Ddmq9los1tMhvsOk-mZ-pyNwsI16hF6jdPo8XBzGBQug8X7k5gW0-7s4Pn9jk6Z8aMs6IzCy_foNSg8B4_qeV6ups5y-mksDb8HgyKWCE4X6UT0Mp4uYonkaZFONA6bYTWZbWw2z2w02a1Mm-FktNyMJsaRc-JarCZiidJ0kU70Krtf7FeslnvN0Wk3-S2jzWSi_iNDLDdzyW6uGM0lg1UCAAAAAAAAAFjCnHkTAAAAgNOAhsPBYLVcAIrrKN2fd7pT_U44rt1TWMWEjoOXxOOD-1u-TrvXzJs9E8RarZY1AACAADYAAEAAt27eAsKsOAAAgMA4AAAAADk!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: C4E32F7ED77630DB3FB36D3ACE7DF328
Requests: 4 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66493945&crid=6235095&dast=V7n_wCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHGDhaMScsGom02-yGs8lsuJztBsvFZggaOFoxJywaibTb7IazyWoxGi6Hm-VgMZkCRjNNBgXl9PSYXQZR0fW22B1Os-ctWgMJmk6Hz3Wv1_0tX7vS7vWr7H6xX7Fa7jVFp93kt4w2kzkAAAAAPAB8jVxD_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKAgtagBAcRi06-70GP0BAPDwAAIAIIBBAnAgV1QCoPLZcQIAAAAAAAAAwPL___8fM2DfmS8zsO8a1gPw4APwQFQgWsQIAAAAIHjDgeJoUidUFlUAAATpVgBXAAABgatYv2VhAAAABGKUVtDgCqd5cGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOiRKy0oxwNX7RcQAGDtFxAAgE3dAADeBOBCjgRNp8Pnutfr_pavXWn3-lV2v9ivWC33mqLTbvJbRpvJ6AhaMRisLiBmBwAAAHD3____j0dpBQ2ucJoHpweSk4lhNPP4Zo6JabhYOJerycxmmA1WFtPG5DIZtjeUojFpBaWW3YfRTJNBQTk9PWaXQVR0vS12h9PseYvmN2GL0Woy2SyHs-ViMhiOhqPR_gZisBngRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiKMjSYew2Cxcosmm-VaNNys1srNZuRWjXaT2cwyWa5cJrfo9TE9J6aJzTDcomAAx14EF-lE97d8nXavRSzRnCzSieyyb04mhtHM45s5JqbhYuFcriYzm2E2WFlMG5PLZNjXRhOPYbBYuUWTzXItGm5Wa-VmM3KrRrvJbGaZLFcuk1v0-pieE9PEZhjuG7PVbLTZLSbDfWO2mo02u8VkuO8wmZ6pz9koLFyjHqHXOI0eDzeHQeEyWLw_iWkx7c4Ont_v6JQZP8qCzii8fI9eg8Jz8Kie5-Vq6iynn8bS8HswKGKJ4HSRTkQv4-kilkieFulEs9y4bL7lwrgcrTwjh8dk2kxcG9PENPKNRrbJZCKWKE0X6USvsvvFfsVqudccnXaT3zLaTCbqPzLEcjOX7OaK0VwyWCUAAAAAAAAAgCXMmTcBAAAAOA1oOBwMVssFoLiO0v15pzvV74Tj2j2FVUzoOHhJPD64v-XrtHvNvNkzQazValkDAAAIYAMAAARw6-YtIMyKAwAACIwDAAAAkAM!&cmcv=&pix=undefined&cb=1656437129424&uv=3199&tms=1656437129424&abt=adh5c-1_vA!inc_all_video_vA!Noappq22_vD!spa2_vA!ttdfpc_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=84E9BEFD4737862689670913&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 8F926651EBADF4AC1D98DD0D6645D35E
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7n_wCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHGDhaMScsGom02-yGs8lsuJztBsvFZggaOFoxJywaibTb7IazyWoxGi6Hm-VgMZkCRjNNBgXl9PSYXQZR0fW22B1Os-ctWgMJmk6Hz3Wv1_0tX7vS7vWr7H6xX7Fa7jVFp93kt4w2kzkAAAAAPAB8jVxD_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKAgtagBAcRi06-70GP0BAPDwAAIAIIBBAnAgV1QCoPLZcQIAAAAAAAAAwPL___8fM2DfmS8zsO8a1gPw4APwQFQgWsQIAAAAIHjDgeJoUidUFlUAAATpVgBXAAABgatYv2VhAAAABGKUVtDgCqd5cGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOiRKy0oxwNX7RcQAGDtFxAAgE3dAADeBOBCjgRNp8Pnutfr_pavXWn3-lV2v9ivWC33mqLTbvJbRpvJ6AhaMRisLiBmBwAAAHD3____j0dpBQ2ucJoHpweSk4lhNPP4Zo6JabhYOJerycxmmA1WFtPG5DIZtjeUojFpBaWW3YfRTJNBQTk9PWaXQVR0vS12h9PseYvmN2GL0Woy2SyHs-ViMhiOhqPR_gZisBngRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiKMjSYew2Cxcosmm-VaNNys1srNZuRWjXaT2cwyWa5cJrfo9TE9J6aJzTDcomAAx14EF-lE97d8nXavRSzRnCzSieyyb04mhtHM45s5JqbhYuFcriYzm2E2WFlMG5PLZNjXRhOPYbBYuUWTzXItGm5Wa-VmM3KrRrvJbGaZLFcuk1v0-pieE9PEZhjuG7PVbLTZLSbDfWO2mo02u8VkuO8wmZ6pz9koLFyjHqHXOI0eDzeHQeEyWLw_iWkx7c4Ont_v6JQZP8qCzii8fI9eg8Jz8Kie5-Vq6iynn8bS8HswKGKJ4HSRTkQv4-kilkieFulEs9y4bL7lwrgcrTwjh8dk2kxcG9PENPKNRrbJZCKWKE0X6USvsvvFfsVqudccnXaT3zLaTCbqPzLEcjOX7OaK0VwyWCUAAAAAAAAAgCXMmTcBAAAAOA1oOBwMVssFoLiO0v15pzvV74Tj2j2FVUzoOHhJPD64v-XrtHvNvNkzQazValkDAAAIYAMAAARw6-YtIMyKAwAACIwDAAAAkAM!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 9E707604224615129EA7D957E67E4221
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7n_wCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHGDhaMScsGom02-yGs8lsuJztBsvFZggaOFoxJywaibTb7IazyWoxGi6Hm-VgMZkCRjNNBgXl9PSYXQZR0fW22B1Os-ctWgMJmk6Hz3Wv1_0tX7vS7vWr7H6xX7Fa7jVFp93kt4w2kzkAAAAAPAB8jVxD_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKAgtagBAcRi06-70GP0BAPDwAAIAIIBBAnAgV1QCoPLZcQIAAAAAAAAAwPL___8fM2DfmS8zsO8a1gPw4APwQFQgWsQIAAAAIHjDgeJoUidUFlUAAATpVgBXAAABgatYv2VhAAAABGKUVtDgCqd5cGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOiRKy0oxwNX7RcQAGDtFxAAgE3dAADeBOBCjgRNp8Pnutfr_pavXWn3-lV2v9ivWC33mqLTbvJbRpvJ6AhaMRisLiBmBwAAAHD3____j0dpBQ2ucJoHpweSk4lhNPP4Zo6JabhYOJerycxmmA1WFtPG5DIZtjeUojFpBaWW3YfRTJNBQTk9PWaXQVR0vS12h9PseYvmN2GL0Woy2SyHs-ViMhiOhqPR_gZisBngRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiKMjSYew2Cxcosmm-VaNNys1srNZuRWjXaT2cwyWa5cJrfo9TE9J6aJzTDcomAAx14EF-lE97d8nXavRSzRnCzSieyyb04mhtHM45s5JqbhYuFcriYzm2E2WFlMG5PLZNjXRhOPYbBYuUWTzXItGm5Wa-VmM3KrRrvJbGaZLFcuk1v0-pieE9PEZhjuG7PVbLTZLSbDfWO2mo02u8VkuO8wmZ6pz9koLFyjHqHXOI0eDzeHQeEyWLw_iWkx7c4Ont_v6JQZP8qCzii8fI9eg8Jz8Kie5-Vq6iynn8bS8HswKGKJ4HSRTkQv4-kilkieFulEs9y4bL7lwrgcrTwjh8dk2kxcG9PENPKNRrbJZCKWKE0X6USvsvvFfsVqudccnXaT3zLaTCbqPzLEcjOX7OaK0VwyWCUAAAAAAAAAgCXMmTcBAAAAOA1oOBwMVssFoLiO0v15pzvV74Tj2j2FVUzoOHhJPD64v-XrtHvNvNkzQazValkDAAAIYAMAAARw6-YtIMyKAwAACIwDAAAAkAM!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: DD998ED30F0D899B53532A84A9369E18
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V75mcCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHG8ZYjlYT3mg2GM1Gs91ksFwuVrvVcDBZDmHDGMvRasIbzQaj2Wi2mwyGy8VosVyNRsMpYDTTZFBQTk-P2WUQFV1vi93hNHvemjWQoOl0-Fz3et3f8rUr7V6_yu4X-xWr5V5TdNpNfstoM5kDAAAAwAPA18g1xA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgILQogYAFIdBu-5Oj9EfAAAPDyAAAAIYJAAHckUlACqfHScAAAAAAAAAACz_____MQP2nfkyA_uuYT0ADz4AD0QFpEWMAAAAAII3HCiOJnVCZVEFAECQbgVwBQAQELiK9WsWBgAAQCBGaQUNrnCaBze2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhIAeudKCcjxw1X4BAQDWfgEBANjUDQDgTQAu5EjQdDp8rnu97m_52pV2r19l94v9itVyryk67Sa_ZbSZjI6gFYPB6gJidgAAAAB3_____3iUVtDgCqd5cHogOZkYRjOPb-aYmIaLhXO5msxshtlgZTFtTC6TYXtDKRqTVlBq2X0YzTQZFJTT02N2GURF19tidzjNnrdmfhO2GK0mk81yOFsuJoPhaDga7W8gBpsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHC2GjiMQwWK7doslmuRcPNaq3cbEZu1Wg3mc0sk-XKZXKLXh_Tc2Ka2AzDLQoGcOxFcJFOdH_L12n3WsQSzckincgu--ZkYhjNPL6ZY2IaLhbO5Woysxlmg5XFtDG5TIZ9bTTxGAaLlVs02SzXouFmtVZuNiO3arSbzGaWyXLlMrlFr4_pOTFNbIbhvjFbzUab3WIy3Ddmq9los1tMhvsOk-mZ-pyNwsI16hF6jdPo8XBzGBQug8X7k5gW0-7s4Pn9jk6Z8aMs6IzCy_foNSg8B4_qeV6ups5y-mksDb8HgyKWCE4X6UT0Mp4uYonkaZFONA6bYTWZbWw2z2w02a1Mm-FktNyMJsaRc-JarCZiidJ0kU70Krtf7FeslnvN0Wk3-S2jzWSi_iNDLDdzyW6uGM0lg1UCAAAAAAAAAFjCnHkTAAAAgNOAhsPBYLVcAIrrKN2fd7pT_U44rt1TWMWEjoOXxOOD-1u-TrvXzJs9E8RarZY1AACAADYAAEAAt27eAsKsOAAAgMA4AAAAADk!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 27093C90FD98A0A0E13CECBDF6F1A5B1
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Download Shindo | work.ink

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • /npm/sweetalert2@([\d.]+)
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

190
Requests

93 %
HTTPS

61 %
IPv6

36
Domains

61
Subdomains

48
IPs

5
Countries

3775 kB
Transfer

12940 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://cdn.materialdesignicons.com/5.0.45/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/mdi/5.0.45/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/npm/@mdi/font@5.0.45/css/materialdesignicons.min.css
Request Chain 56
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 120
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 158
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=4e8eb46d-f707-11ec-a1f3-124172220506 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8eb410-f707-11ec-a1f3-124172220506&orig=video&us_privacy=1---gdpr=1&
Request Chain 161
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=4e8f68b1-f707-11ec-b050-10a0cca80106 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8f820c-f707-11ec-b38f-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&
Request Chain 164
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=4e8e79bc-f707-11ec-8dcf-1df4c96b0406 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8e794c-f707-11ec-8dcf-1df4c96b0406&orig=video&us_privacy=1---gdpr=1&
Request Chain 167
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=4e8f8263-f707-11ec-b38f-1f932c7f0406 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8f820c-f707-11ec-b38f-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&
Request Chain 176
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8f820c-f707-11ec-b38f-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&
Request Chain 179
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8f820c-f707-11ec-b38f-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&

190 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Shindo2432
work.ink/en/l/159/ 		224 KB
95 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33 PleskLin
Resource Hash
22140504b20f06831969e91ea61bbcc416e24240847673bbefed07e597526aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
72281e647bdb3759-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 28 Jun 2022 17:25:07 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=059Q%2Bd8AA2q4S3uI0YcM0%2BRotNIvXb61%2Bfmk7wgW6NXogINEKJVVMsrtKn54D5m2R%2FBmGk813RLZccKGBx6voDBMKkLghLFVdLiu0FWtHMaqNg8HwP72t4LtdcO8zWTU%2BUumPQzD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.3.33 PleskLin
x-xss-protection
1; mode=block
redirect.css
work.ink/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://work.ink/css/redirect.css
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2c888fec7b7400dd71e79a7497a5c37ef65914b17d6cf03e27aef7fc0ebf2c83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/en/l/159/Shindo2432
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1520
x-powered-by
PleskLin
last-modified
Sat, 07 May 2022 14:05:26 GMT
server
cloudflare
etag
W/"62767ca6-2774"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbmU0HCUfjX8duEi2sJ2H18fOoAFfoghwUtV2YujmfyGLOE4Uq7267OAclhk6r6wkXM%2FTjdM4j81Q4hCp3kRk2lK04deYY5SRmMa47mUBM14yrSW9YDUFAsfD1RM8wYbkCpmC79K"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-polished
origSize=10100
cf-ray
72281eb36f553759-MXP
cf-bgj
minify
11929.js
cdn.thisiswaldo.com/static/js/ 		337 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thisiswaldo.com/static/js/11929.js
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:7a00:f:458e:2a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
1138fb9c6fb4821fa8b16aed16476559e6ef1813113b75c591b9c23f2f01ac4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 02:18:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 07 May 2022 20:09:06 GMT
server
Apache/2.4.29 (Ubuntu)
age
54431
etag
"5435b-5de718c12d0e0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-cf-id
PDuJausU6LPphkmXkaXCXlKA5-uLRQ-qsPKRzj26qpmoe7DvAGp3xA==
mEihTUtQyn.js
mowplayer.com/js/player/ 		145 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mowplayer.com/js/player/mEihTUtQyn.js
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.178.119 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
562cf7de0e7b831a3f8c0af5fe0268a22be4d000c9b600eb1337a65afa34274b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 28 Jun 2022 17:25:08 GMT
cache-control
no-cache, must-revalidate, no-store, max-age=0, private
server
nginx/1.14.0 (Ubuntu)
content-encoding
gzip
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
dmedianet.js
contextual.media.net/ 		144 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js?cid=8CUBA81EG
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.104.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e2be2ffe3d1b155a89a7e2035b77ecb27f06b0853dc7880759d060fc0ae5fa68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-mnt-h
22-nddc
content-encoding
gzip
etag
"7c8fb017430f5c53bcbe06a750ae05e3"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Tue, 28 Jun 2022 17:25:08 GMT
x-cache-hits
0
strict-transport-security
max-age=31536000
x-mnt-w
8-9
expires
Tue, 28 Jun 2022 17:30:08 GMT
invisible.js
work.ink/cdn-cgi/challenge-platform/h/b/scripts/ 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://work.ink/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1656432000
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33936ead124ab864ecc551407f3d598bd14ac6924d20617ad412b8b16bd58183

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/en/l/159/Shindo2432
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:07 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CZGDvv%2Fs9MglnRrix22dbKbN1Rapy%2Fm0RdP6UiE2naQ4oXw707Dqe5EEwG0CYtEauXcGIRg3G4nWHvxvxG0z41bVuvc85HnaUIUPDmfAhC59BOo2r2I3RebmafI1vhOu9eMeEu2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
72281eb4a9443759-MXP
workink.svg
work.ink/img/ 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://work.ink/img/workink.svg
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1a9a41dce59c224a6cb0a33e73b2f239e4e5ee3972556e669c7d43076d43e365

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/en/l/159/Shindo2432
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 17:00:22 GMT
server
cloudflare
age
4036
x-powered-by
PleskLin
etag
W/"61a7aa26-2151"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsYhlRIJ3fqxJ5YhwY1jJLWHmYeQ4cVPofI%2BmgKAsEK99nteeTkk1yCnnbU3%2BEn%2Bp%2F6G3kqxQOk61OmeAwOQ%2BoW2wb%2BivtJf8abx820NngkQ7OVS5lb7LOfhqU331sRxFtC5ECbY"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
72281eb4a9473759-MXP
workink_steps.svg
work.ink/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://work.ink/img/workink_steps.svg
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
d572d5d1a55caa01881599e4d1ff4bef6033ae9d75a8c9f44489c9ceb6db0086

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/en/l/159/Shindo2432
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 17:00:22 GMT
server
cloudflare
age
3278
x-powered-by
PleskLin
etag
W/"61a7aa26-9c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fe5%2Bm3B4WQWio9NLHjghv7SihFb6bj0i%2B%2BJrVC2CbGpaGNvXJOy%2FDb8uKhFaYKOITnSSbzRlewBQN%2BQsFOJOpf7jrvVvj2RaxvpS7chbBceYNQ%2BhHP%2FB5KhGDhs5XKgbyhwEvvJA"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
72281eb4a9483759-MXP
youtube_step.svg
work.ink/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://work.ink/img/youtube_step.svg
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9dc8597633a325ffd25e6ed68b93cefd55d68e08bfa782fa7cfc3b4cdb7eed8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/en/l/159/Shindo2432
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 17:00:22 GMT
server
cloudflare
age
6785
x-powered-by
PleskLin
etag
W/"61a7aa26-684"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsJ%2B%2FLgqn81B9kSZDo1MYUL%2Bxksb4XVi9wim3UmWbKJa1nvtWiFsIgUY3zAm4wT6MUVD0z5nZe9gkjmhEE1Tqg4CKZa%2FxuW4ha7shtkoIg1ulm%2BCSHxlVbkoOm1nZBJ7IEcdWwgV"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
72281eb4a9493759-MXP
chevron_right.svg
work.ink/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://work.ink/img/chevron_right.svg
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2c7c177c32c476b49c28c9f0c72c9b960438fb31e2bdc207bebf63b6cc41bc73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/en/l/159/Shindo2432
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 17:00:22 GMT
server
cloudflare
age
4026
x-powered-by
PleskLin
etag
W/"61a7aa26-586"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bi8M5XC3Sx8x%2BdwLr%2BwFnp5RULX54G05sA3DOraL1qCQQ9K%2F7%2BH7rXnAQjebCkAa0IDa7SanUVH9iTACaMqIqavCpS39%2F4BqN%2BmZ477DNxX8vp5%2FCeoVgNqY%2B2f%2FCKvQ37NRCaNg"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
72281eb4a9513759-MXP
sign.svg
work.ink/img/ 		0
0
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://work.ink/
Origin
https://work.ink
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4632013
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27964
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15d95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzXSO3uX6mRg%2BYnnEkcBF%2BtXc5oyF6Ns15kF0F1e474YWWR%2ByEBQt8wCGSOkPtWeVesPSxNMtW4AAAJbne%2BIYGiwKs1Buay0J6K5H4bU%2Fkg5d%2BrfSHigRWbw%2FEdLayJZ6JQDn2DCM4P06zm%2BevAbomNC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72281eb3bf45cc62-ZRH
expires
Sun, 18 Jun 2023 17:25:07 GMT
sweetalert2@10
cdn.jsdelivr.net/npm/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@10
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71518e46463eba2ba7cefd9e6b0d4604b8e026eae3111379486a510c4f6f78b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22597
x-jsd-version
10.16.9
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19129-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"11bb2-TiI/wgz0Cs+BoC8fAb8miI/2YYg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cN4FFHS%2BC6ievVydXJ4bJschVvGqahFQwok49yNuxt%2BNAgzhRomNGUtWXv6lxR1toGHu4H8dEA1PuN3S2YUcKbWcJKC4Aeo84doeBlbrihVM4%2BpkI9U%2BrT0oO781IzZ2ffp%2FGjfX%2Bc0zDyUpCjU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
72281eb4089723af-ZRH
js
www.googletagmanager.com/gtag/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-99308026-10
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e19a5fa5bfd9274632e89732203714cdfab393e74add6a085951cc447d27aefb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39767
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 16:25:13 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 28 Jun 2022 17:25:08 GMT
redirect.php
work.ink/en/js/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://work.ink/en/js/redirect.php?s=ab0a489ea1946582232291b1dbf200689
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33, PleskLin
Resource Hash
1d2e4c58ed4418084cf308fdcd39c08b414e73a06bc020848c585ad5b1caea1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/en/l/159/Shindo2432
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.33, PleskLin
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8gyQitjvy%2BnawSO0WxRXfjhHlhQe4YUM5UtUaF2vx0zXExkqO74MOK9AoS9q5eD7WYKUSFF8kdCql3lROkd0AeN7Ady7wbl8iGbd6qB6lkVbNBFtCIr66WcP44M6SxvpmFhpxYD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
cf-ray
72281eb438923759-MXP
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.js
www.google.com/recaptcha/ 		901 B
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=v2Loaded
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0e9bb4a85d24bc9d1dae57c99bad784983efde2e96b2d9c7b613953211de5c67
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
569
x-xss-protection
1; mode=block
expires
Tue, 28 Jun 2022 17:25:08 GMT
api.js
www.google.com/recaptcha/ 		935 B
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LetYU4aAAAAAL9XlMWEGf7XgMrqUoup6AIxQXtM&onload=v3Loaded
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e1ea365d4cd0f63d198a882f0b2af3a0829db821ea730f9f8f85b85372452649
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
603
x-xss-protection
1; mode=block
expires
Tue, 28 Jun 2022 17:25:08 GMT
session.js
work.ink/en/js/ 		280 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://work.ink/en/js/session.js
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f6014ec209fe02a0484b1dbe8ccc69425a3794433ed0791859ac59e46a3e3d4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/en/l/159/Shindo2432
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3279
x-powered-by
PleskLin
x-xss-protection
1; mode=block
last-modified
Wed, 01 Dec 2021 17:00:22 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"118-5d2189c0468eb-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51LaIsYVBLCLw7p5qt%2FmOrFt6h6vUOKqMI6vkMchq6JhZ8DVYFjuXWFsvOExkxhUxizx4A4GnbHlztbSe4Q1FBGudtT%2BFoLswbHVEWd%2FHoEYkoeNuJ%2BGkhDETrpaShrjta9Z%2BVH6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
72281eb4a9433759-MXP
/
dq06u9lt5akr2.cloudfront.net/ 		203 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dq06u9lt5akr2.cloudfront.net/?tluqd=938541
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7000:f:9fb4:2380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
80fd30075686790aa3f14df7618a3345dd46328121b572e0b10e04b74ea4201d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 17:25:08 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
68455
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-id
W7agv8KCmqQeC0eRa4ygwH-zVaHx0hw83UhWCl9t5CnSCcDroz_JHA==
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inter:300,400,500,700&display=swap
Requested by
Host: work.ink
URL: https://work.ink/css/redirect.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0a4c6a650b06f393adc21234ad284683386081c6f2304e9ef476981a400c2349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 17:25:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 28 Jun 2022 17:25:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Jun 2022 17:25:07 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@5.0.45/css/
Redirect Chain
  • https://cdn.materialdesignicons.com/5.0.45/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/mdi/5.0.45/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/npm/@mdi/font@5.0.45/css/materialdesignicons.min.css
225 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@5.0.45/css/materialdesignicons.min.css
Requested by
Host: work.ink
URL: https://work.ink/css/redirect.css
Protocol
H2
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d1c9509c5434a558df5debcafd33eaca04b13893d0a9d63dd7498fee9a3bef5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8582521
x-jsd-version
5.0.45
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19165-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"385de-jpouluqksTMMkF9FKnHkzNghc7k"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bte0fEirqkFM9sxGFfWQXQQ2JutUscZ%2B0ahqeeDXhisgiojx0rNJAXz8e5lynNKdqWBmYa%2BmdRGmEIegiVrFo%2BM%2FVFPbyZ6ECP7OoE3AdAfo5Nl35ahL7%2BlgJ6761WSirAzaWeCzkWHkGYOfPJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
72281eb428d123af-ZRH

Redirect headers

date
Tue, 28 Jun 2022 17:25:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8582521
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
111
x-served-by
cache-fra19164-FRA
timing-allow-origin
*
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWqKGf8SjuGNSf1PA%2BuqEh5%2BRycb%2B4j8Qw3VBJuvbtvFFNxoO6W%2F8K8zu2V8mVBS7aq8jrrpf0TVXBS9Yn%2Bu%2FrMf8xs7qZ7jd8PcUdjNbUxe3ev5tiFi0lrrpejvUja7vccjZ18uMyilLmqPVyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/npm/@mdi/font@5.0.45/css/materialdesignicons.min.css
access-control-expose-headers
*
cache-control
public, max-age=31536000
cf-ray
72281eb3f89623af-ZRH
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Requested by
Host: work.ink
URL: https://work.ink/css/redirect.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7165630
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10491
timing-allow-origin
*
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-e7d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLEf1pWIIJ7GjtCNaDZdv%2BJacRZ%2Fv%2Bo%2BBGVzFqsbPzjU0n3oVxRCMKqWkNwHHD%2BpKrun%2BUoAzu3cdg3Ve9DM9pgxJ7dlhg5kXyGCnmP4bNu5Q9nfDUC84hjHuiVHnvRE%2FoAEU0tUIzeEf0ZfZiH9IJ1j"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72281eb3ba13cc4a-ZRH
expires
Sun, 18 Jun 2023 17:25:07 GMT
choice.js
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/choice.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83fa6784ebee363043db50681bbde69c4624f13ea9152c1758f7ca2f609ea0f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 28 Jun 2022 17:25:09 GMT
content-encoding
br
last-modified
Tue, 29 Mar 2022 21:12:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"84f67876c95a3a1982d1378d05722a85"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
2gTBXNQQ-ERVISmTVIEVAVFFjog9CRDzV0v96nWx2p3d0cl1FYM98Q==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.203.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw07s06-in-f2.1e100.net
Software
sffe /
Resource Hash
6a39869b5c0a2e7540a1b80f8671462bb6d647f8989a65338decb01e934ec55c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28124
x-xss-protection
0
server
sffe
etag
"1257 / 624 of 1000 / last-modified: 1656414245"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Jun 2022 17:25:08 GMT
config.js
confiant-integrations.global.ssl.fastly.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/ 		118 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b89ce9b72a646720a7c02d24c2258fae93082660ba1ce3180a2f7a8405d0bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 28 Jun 2022 17:25:08 GMT
Content-Encoding
gzip
Age
3037
X-Cache
HIT
Connection
keep-alive
Content-Length
24475
x-amz-id-2
uBwRKOXioB5h1+GufHeS9a+eJ1JAk2NpuZQHy51wZppT33jYlqkGhXJY/MRrPs9AqWm3E7k1XAA=
X-Served-By
cache-hhn4061-HHN
Last-Modified
Tue, 28 Jun 2022 16:23:00 GMT
Server
AmazonS3
X-Timer
S1656437108.043887,VS0,VE0
ETag
"9dba978584be4a974868bb79c1915325"
x-amz-request-id
32NG290SEAA3KGG6
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
83
me
ipfind.co/ 		350 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.144.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-144-12.us-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
5723bbe85212425b466e89a151bebcbd00c230fc15447df005288c58f668eb9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:08 GMT
content-encoding
gzip
server
Apache/2.4.18 (Ubuntu)
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://work.ink
cache-control
no-cache, private
access-control-allow-credentials
true
content-length
245
loader.js
cdn.taboola.com/libtrc/workink/ 		153 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/workink/loader.js
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e56d1a2eaba2ee5df801c953548f9fdcade501929bcfacd3cf3bd26453bfc921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
a8bmRL8pk08fs2T54S6Fm5V6lVjqMqhr
content-encoding
gzip
age
9
via
1.1 varnish
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
7
content-length
23325
x-amz-id-2
zjPIQIlFfk39v+jrEdD5lyLtwI64QK6iVGLWgtrgvyfmGHvYmsq+yAAx1lQbJa8qdgsrQRSFFjk=
x-served-by
cache-hhn4038-HHN
last-modified
Tue, 28 Jun 2022 10:10:12 UTC
server
nginx
x-timer
S1656437108.040627,VS0,VE1
etag
"512752eb55ff215f83f3d335b10230ef0353f507"
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
5FT91R09BVCVFDTV
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
date
Tue, 28 Jun 2022 17:25:08 GMT
abp
29
x-cache-hits
1
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v11/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v11/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:300,400,500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://work.ink
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:07:46 GMT
x-content-type-options
nosniff
age
1042
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37716
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:29:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 17:07:46 GMT
gAtu04_Cpak
www.youtube.com/embed/ Frame 8ADF 		63 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3ae4df39517f33bb481e0ab6a0b55a5ec6360a4c0ee6c8e362c5fa0d5da44e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Tue, 28 Jun 2022 17:25:08 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
reddit_white.png
work.ink/img/ 		582 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://work.ink/img/reddit_white.png
Requested by
Host: work.ink
URL: https://work.ink/css/redirect.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9efa0693b5a54124a176eeebb1f89b1869fc0e321368f6d36eba35d882687a77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/css/redirect.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1300
x-powered-by
PleskLin
content-disposition
inline; filename="reddit_white.webp"
content-length
582
last-modified
Wed, 01 Dec 2021 17:00:22 GMT
server
cloudflare
etag
"61a7aa26-acc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHegCb%2FmwCvrLTpZfRMuznZRy5UlHc1r346KhV2YtisfV2Oj5PM32D9ZwZX%2FPy%2Fijg8R2YLaGus2noKHNs9sOO7imYKAtzHbfxY4gSsU6o7J59T3fskzEonDVZf8KhYviMcXt%2BVJ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
cf-polished
origFmt=png, origSize=2764
accept-ranges
bytes
cf-ray
72281eb4d97b3759-MXP
cf-bgj
imgq:100,h2pri
facebook_white.png
work.ink/img/ 		308 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://work.ink/img/facebook_white.png
Requested by
Host: work.ink
URL: https://work.ink/css/redirect.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
efa356ed1428b543eaa8e4e88639ebcb98f929a7fd13ab30d5236fd56f38cd3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/css/redirect.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:07 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1299
x-powered-by
PleskLin
content-disposition
inline; filename="facebook_white.webp"
content-length
308
x-xss-protection
1; mode=block
last-modified
Wed, 01 Dec 2021 17:00:22 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"2b7-5d2189c03fb8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StM1TDW7aAVZAYqKDUABAOZxs4krC73Re8VsRv5VUGNPkqTz3MkttBrdoF9uZHuSmNPPior3U00aESLAYE4Axx2XsA0%2F9LW0c%2Fb%2FdzU0RKBxZVQ8z26qO%2B%2FJdxJjZjiL8S%2BQ7mKz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-accel-version
0.01
cache-control
max-age=14400
cf-polished
origFmt=png, origSize=695
accept-ranges
bytes
cf-ray
72281eb4d97d3759-MXP
cf-bgj
imgq:100,h2pri
twitter_white.png
work.ink/img/ 		776 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://work.ink/img/twitter_white.png
Requested by
Host: work.ink
URL: https://work.ink/css/redirect.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ea0749f0d87b78554a570e92c3ceb965e9ee899c86c17b927fd8f70013de10f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/css/redirect.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1294
x-powered-by
PleskLin
content-disposition
inline; filename="twitter_white.webp"
content-length
776
last-modified
Wed, 01 Dec 2021 17:00:22 GMT
server
cloudflare
etag
"61a7aa26-677"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqdIi%2F7pfxG%2F%2BbrI7dwJF8%2FyfkR1MNwu3TS65dAPrQOUmsSHBqr0S8F%2FvXFzCY2rc8kyeI%2BpID8llVdtDHmmzenVT3vs9fmfEUmKHZegbH1OieYGnD%2B14Qy2hK5Lqe%2Fw%2FxnoaV5V"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
cf-polished
origFmt=png, origSize=1655
accept-ranges
bytes
cf-ray
72281eb4d97f3759-MXP
cf-bgj
imgq:100,h2pri
telegram_white.png
work.ink/img/ 		608 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://work.ink/img/telegram_white.png
Requested by
Host: work.ink
URL: https://work.ink/css/redirect.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
b495f3a07d2e33733e326e03bba1d0f2b3f40711636110279a01214905fbabad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/css/redirect.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:07 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1294
x-powered-by
PleskLin
content-disposition
inline; filename="telegram_white.webp"
content-length
608
last-modified
Wed, 01 Dec 2021 17:00:22 GMT
server
cloudflare
etag
"61a7aa26-aa0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuiNreLXaPaZifhUJbvUuZ4pplzatEd0NP1aQhmmMjQMaZ52m%2BR4gBAlkWrqgP528hVeQRhtvUbowBTM1OGpIyIfJaiGrYXZo1LRqoeY%2F7vEpZZEEfGdEvbL7OLqsSQMkD4Zbi5l"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
cf-polished
origFmt=png, origSize=2720
accept-ranges
bytes
cf-ray
72281eb4d9813759-MXP
cf-bgj
imgq:100,h2pri
/
ad13.adfarm1.adition.com/ Frame 3927 		34 B
152 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad13.adfarm1.adition.com/
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
aa.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
029e542f54684fc0bc29504dd82348dd685c0ac0d88c525795d0f33bc139f89e

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/plain
date
Tue, 28 Jun 2022 19:25:08 +0200
server
ADITIONSERVER v1.0
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
67315acd47fca91a767aa68f94f8666c7ca01eebf6012326da7edb7e97106502

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:08 GMT
content-encoding
gzip
etag
"Sy8yk7L2ihxjBP+YyKUKJg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 05 Jul 2022 17:25:08 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		177 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=work.ink
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42310df4073c8488550d8fbc0d7dba17d0319051ce5338ae6ecb4eac290202a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:24:52 GMT
content-encoding
br
age
18
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Wed, 22 Jun 2022 19:56:20 GMT
server
AmazonS3
etag
W/"46ca30e9a03da80448753564a63ea512"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
-3EyF7ArZcIvJEhjxhZEL7loJNLG8CtBz3ZX71bAJga5PkghrKJ-7A==
mowplayer.css
cdn.mowplayer.com/dist/ui/css/ 		107 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.mowplayer.com/dist/ui/css/mowplayer.css
Requested by
Host: mowplayer.com
URL: https://mowplayer.com/js/player/mEihTUtQyn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.178.119 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c16ce59534a31be0e9f7bf8239342d5d4b673ec8785ae26835aff1a753661c51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:08 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 12:00:31 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62baed5f-1ad47"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
expires
Thu, 28 Jul 2022 17:25:08 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		372 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: mowplayer.com
URL: https://mowplayer.com/js/player/mEihTUtQyn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a113034bdbdeaa7add41b1d85d4ebb360ceab32740506bef533dd883ed1888c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126826
x-xss-protection
0
expires
Tue, 28 Jun 2022 17:25:08 GMT
cracq
ctxtfl.com/// 		18 B
32 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ctxtfl.com///cracq
Requested by
Host: mowplayer.com
URL: https://mowplayer.com/js/player/mEihTUtQyn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.203.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.203.227.35.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
24331bbdf40c95e911c59ea6beb4dea06c862b129605ad6f06f845fc1f0f059e

Request headers

Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/octet-stream

Response headers

access-control-allow-origin
*
date
Tue, 28 Jun 2022 17:25:08 GMT
via
1.1 google
server
Apache/2.4.29 (Ubuntu)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18
content-type
application/json
pubads_impl_2022062301.js
securepubads.g.doubleclick.net/gpt/ 		374 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.203.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw07s06-in-f2.1e100.net
Software
sffe /
Resource Hash
d74b590fcc8d9c451b2ecba1c0e5bae3a1d00db30130e8da00c454e066fa8dde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 10:31:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
456843
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130467
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 08:36:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Jun 2023 10:31:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		129 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=work.ink
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.203.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
waw07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
13e856ef710d3612e2730ef03e2114d2dd6d7c11835190b892417b9edbcd6dc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Jun 2022 17:25:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96
x-xss-protection
0
expires
Tue, 28 Jun 2022 17:25:08 GMT
cracq
ctxtfl.com/// Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ctxtfl.com///cracq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.203.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.203.227.35.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://work.ink
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 28 Jun 2022 17:25:08 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
smtr
contextual.media.net/ 		1 KB
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUBA81EG&cpcd=EC1LpEunTfXfegaxOcrUiA%3D%3D&crid=197303404&size=970x90&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fwork.ink%2Fen%2Fl%2F159%2FShindo2432&nse=5&vi=1656437108929533320&ugd=4&pgid=p0761311810t202206281725&goent=1&nb=1&allsc=HE&tcf_cmp=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUBA81EG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.104.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c030705d688511bcfd977a890ba3f68318d006fb4c712e3b545630258503270a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 17:25:08 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-j2nf
strict-transport-security
max-age=31536000
content-length
508
expires
Tue, 28 Jun 2022 17:25:08 GMT
checksync.php
contextual.media.net/ Frame 483F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUBA81EG&https=1&itype=CM
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.104.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
17b778dd62a1f9c542707f4a504dfccf5fe84b898b3e5d0167b8cdee160fdd80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5745
content-type
text/html; charset=UTF-8
date
Tue, 28 Jun 2022 17:25:08 GMT
expires
Thu, 30 Jun 2022 17:25:08 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ 		35 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=480&&gdpr=1&prid=8PRHGG6T9&cid=8CUBA81EG&crid=197303404&vi=1656437108929533320&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886781035&r=1656437108299&requrl=https%3A%2F%2Fwork.ink%2Fen%2Fl%2F159%2FShindo2432&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1656437108171558040&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p0761311810t202206281725&vgd_pgids=1&vgd_uspa=0&hvsid=00001656437108283032397757442801&gdpr=1&vgd_end=1
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.28.29 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Tue, 28 Jun 2022 17:25:08 GMT
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 28 Jun 2022 17:25:08 GMT
impl.20220628-7-RELEASE.js
cdn.taboola.com/libtrc/ 		670 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220628-7-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/workink/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
733015e2493f654c07b7302b782cd8e2c69535a3ccca8c7dda68edfae9445038

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
OdmaBRvkn0ZXFYxYUIc20GWNMBezFYIA
content-encoding
br
etag
"6912cb82bc0105a60562c142b72ce83d"
age
1274
x-cache
HIT
content-length
141496
x-amz-id-2
mpYXcMBBltk31kD31+42AMoQpuN58KcvQtmUdvrSwBymaM0Dl/BRsO4r4lXjdRalbSTWRAEM3yQ=
x-served-by
cache-hhn4038-HHN
last-modified
Tue, 28 Jun 2022 08:57:39 GMT
server
AmazonS3-br
x-timer
S1656437108.332107,VS0,VE0
date
Tue, 28 Jun 2022 17:25:08 GMT
vary
Accept-Encoding
x-amz-request-id
KPF6JVEP0QG858V2
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
89
x-cache-hits
890
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/workink/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-75.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 14:25:44 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Thu, 09 Jun 2022 14:24:43 GMT
server
AmazonS3
age
10781
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
NhZ8vND2519-ccWUv9Wnf3lBYyX-UItx49FuqsmbMbHXwhqY_iIl9w==
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202206201825/ 		204 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202206201825/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ea4e6420a06884ea2613cad4c76e860fd3bc2880a226d838d854c7d5bbbe80c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 28 Jun 2022 17:25:08 GMT
Content-Encoding
gzip
Age
859
X-Cache
HIT
Connection
keep-alive
Content-Length
66657
x-amz-id-2
r171o3GhcEnSfxT4IaVxWEJvuvPnam7ddp6kD2ww5la1EcJ0qlUs5egs8vf6T8kuP/vfUGWfIG0=
X-Served-By
cache-hhn4061-HHN
Last-Modified
Mon, 20 Jun 2022 22:28:52 GMT
Server
AmazonS3
X-Timer
S1656437108.379334,VS0,VE0
ETag
"15d576dd2669f83213a04eb7353e87d2"
x-amz-request-id
GCD06ZBF6QYKDE24
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
8032
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-99308026-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1775
date
Tue, 28 Jun 2022 16:55:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 28 Jun 2022 18:55:33 GMT
www-player.css
www.youtube.com/s/player/60c2da65/ Frame 8ADF 		339 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/60c2da65/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18610afcae99dd8d7a5a2feff2ba32ea4eaa68025a8c187278d794e9c0cae231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 20:48:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
74173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47636
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:56:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Jun 2023 20:48:55 GMT
www-embed-player.js
www.youtube.com/s/player/60c2da65/www-embed-player.vflset/ Frame 8ADF 		301 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/60c2da65/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
278e447c1b3e00116485854b0a559dc6f91e60de191106b2a6eb69090cbd4d4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 20:49:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
74127
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95238
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:56:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Jun 2023 20:49:41 GMT
base.js
www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/ Frame 8ADF 		2 MB
535 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72468e37ff50d81d05ab1b24e1475981a1e5b9714e15f452a721f58d6a469634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 20:48:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
74173
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
547314
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:56:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Jun 2023 20:48:55 GMT
fetch-polyfill.js
www.youtube.com/s/player/60c2da65/fetch-polyfill.vflset/ Frame 8ADF 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/60c2da65/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 20:49:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
74127
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:56:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Jun 2023 20:49:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8ADF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
1107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Jun 2023 17:06:41 GMT
rules-p-fTfJtcPmQDwZG.js
rules.quantcount.com/ 		2 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:34:36 GMT
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
server
AmazonS3
age
3032
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
DUS51-P2
content-length
2
x-amz-cf-id
r7go8Xo4fdh_jD4iDoVhj42GY6_O6XgaSVJZigGFlKOmYveMv3NW_g==
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=work.ink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4c00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc77d672b1c657ca11ff665ff7f4f4265618bc78dc6da334e2457654afe32fd6

Request headers

Accept
application/json, text/plain, */*
Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 03:00:49 GMT
content-encoding
br
age
51861
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Sat, 18 Jun 2022 19:52:29 GMT
server
AmazonS3
etag
W/"754b1e001f99326f9b342fa2d6e55b5d"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
AYwkM.IW.38hT0sA3d1Ppda2bZVmYyuQ
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
content-type
application/json
x-amz-cf-id
ayHo7wVAwp0p1IzoTKBDYDr8vrHSZs5os3TAkD7bHgkDKWLQV-cIhw==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=323591272&t=pageview&_s=1&dl=https%3A%2F%2Fwork.ink%2Fen%2Fl%2F159%2FShindo2432&ul=en-us&de=UTF-8&dt=Download%20Shindo%20%7C%20work.ink&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=67289266&gjid=1887631823&cid=1698776355.1656437109&tid=UA-99308026-10&_gid=1108251591.1656437109&_r=1&gtm=2ou6m0&z=183123330
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 17:25:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://work.ink
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 8ADF
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Protocol
H3
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6cc7bbc29b3f3eecfc025d7148a50e671a525c166fe54438fbeb46b079cd3daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 28 Jun 2022 17:25:09 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 8ADF 		29 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:24:29 GMT
x-content-type-options
nosniff
age
40
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Jun 2022 17:39:29 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8ADF 		63 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d37fe16196b4704011839539f6a00976343f75e6859c3afc2eafa5c878cf260f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 28 Jun 2022 17:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
30088
x-xss-protection
0
Fyy9NKOEZUovEf5L4E9U-uUwP892TWsRqtk1FTh3Py4.js
www.google.com/js/th/ Frame 8ADF 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/Fyy9NKOEZUovEf5L4E9U-uUwP892TWsRqtk1FTh3Py4.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
172cbd34a384654a2f11fe4be04f54fae5303fcf764d6b11aad9351538773f2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:33:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
13896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13846
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 16:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 13:33:33 GMT
embed.js
www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/ Frame 8ADF 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9b6fcdcf9605ef406d40aaa3f3b58fff825ab581ed48bb0c9e4860301815fcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 20:49:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
74123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8115
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:56:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Jun 2023 20:49:45 GMT
truncated
/ Frame 8ADF 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
WdbZqeTzKEHCKkAoJk40_7gs_KrTi3CK88o80AcLbjyECL845NVDkVL4JYav1VQ0vB6vCvteTA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 8ADF 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/WdbZqeTzKEHCKkAoJk40_7gs_KrTi3CK88o80AcLbjyECL845NVDkVL4JYav1VQ0vB6vCvteTA=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
da7bbff5799078ed063d388bfe2b0c0846123d7dea8e17cc660d2e8ec6025381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:07:19 GMT
x-content-type-options
nosniff
age
4670
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3198
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 14 Jun 2022 10:57:43 GMT
hqdefault.jpg
i.ytimg.com/vi/gAtu04_Cpak/ Frame 8ADF 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/gAtu04_Cpak/hqdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b85e465e8a7ddfac45eb9f8a1f40b19358b749a2bce2f10a9177d6e987e37164
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:09 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29176
x-xss-protection
0
server
sffe
etag
"1656334305"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 28 Jun 2022 17:30:09 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 28 Jun 2022 17:25:09 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		1 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-99308026-10&cid=1698776355.1656437109&jid=67289266&gjid=1887631823&_gid=1108251591.1656437109&_u=YEBAAUAAAAAAAC~&z=222481139
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 28 Jun 2022 17:25:09 GMT
content-type
text/plain
access-control-allow-origin
https://work.ink
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmp2ui-en.js
cmp.quantcast.com/tcfv2/42/ 		230 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=work.ink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 19:57:14 GMT
content-encoding
gzip
age
163676
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 22 Jun 2022 19:56:05 GMT
server
AmazonS3
etag
W/"24932b3e61742029985961c24d35dbb7"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b4.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
h1RHGHypIriQgvOR84aZO893W76IhJRj6lb6Io7vy14EUY-q5kU_IA==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/ 		296 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=work.ink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3dd900a2184c85ade5545276525bfa91f9930c19144a1333c5b473c11d63d6d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 03:00:39 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
51871
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 28 Jun 2022 03:00:33 GMT
server
AmazonS3
etag
W/"7b1978bc8c161596c5a74c7e0b433aea"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
lojm1s2R2GyifqKXCQ5STXs4k9XCipMyuv6HjtvLu318qPsuholZjw==
b2
sb.scorecardresearch.com/ 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1656437108423&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=42&cs_cmp_rt=717&c7=https%3A%2F%2Fwork.ink%2Fen%2Fl%2F159%2FShindo2432&c8=Download%20Shindo%20%7C%20work.ink&c9=
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-75.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:09 GMT
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
otqwHE7ojdDGt6VhAhV1AzS41Mj024XzYGW6-DG_9tN3aOtDFZic_A==
x-cache
Miss from cloudfront
google-atp-list.json
cmp.quantcast.com/tcfv2/ 		152 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=work.ink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a420e9005e555bdad6792ee3abbafe50a00af5479346a8daeee2ac9676dad8af

Request headers

Accept
application/json, text/plain, */*
Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 03:01:30 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
51820
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 28 Jun 2022 03:01:26 GMT
server
AmazonS3
etag
W/"a015545b2285bca83fadf6ea461f3a99"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
aZGzlirER1c6hzoE5gfIlsbFrJmWAxbJcax5MmDIUtdcu0wq3vTX_g==
generate_204
www.youtube.com/ Frame 8ADF 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?4Zsrxg
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
audit-tcfv2.cmp.quantcast.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22fTfJtcPmQDwZG%22%2C%22domain%22%3A%22work.ink%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22KkI%2FKU5jPenQbNeBBXEZcg%22%2C%22clientTimestamp%22%3A1656437109469%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-4qt0sihei2bbnclx7odw%22%7D
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.149.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-149-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 28 Jun 2022 17:25:09 GMT
content-length
2
content-type
text/plain; charset=utf-8
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8ADF 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e9d4a17a71ce7734acb44370c6b194125649e8c584f6f1a94dbcdebb4532b1a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 28 Jun 2022 17:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 28 Jun 2022 17:25:09 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame 8ADF 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
X-YouTube-Client-Version
1.20220626.00.02
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtqXzVlaWpZeXd3MCj08uyVBg%3D%3D
X-YouTube-Ad-Signals
dt=1656437108616&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C442%2C250&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 28 Jun 2022 17:25:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 28 Jun 2022 17:25:11 GMT
/
run.cntxtfl.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://run.cntxtfl.com/?id=1Pw020A3ITJIzgfunLbgN4HVD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://work.ink
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html
date
Tue, 28 Jun 2022 17:25:16 GMT
server
Google Frontend
x-cloud-trace-context
413a582b02863d3b415b5589a98ae5a4
/
run.cntxtfl.com/ 		17 B
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://run.cntxtfl.com/?id=1Pw020A3ITJIzgfunLbgN4HVD
Requested by
Host: mowplayer.com
URL: https://mowplayer.com/js/player/mEihTUtQyn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
9250eed0233cec7eb3f87e3ee3b0590ce7b9415cfe9fbdc702e01b215b5a386f

Request headers

Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/octet-stream

Response headers

access-control-allow-origin
*
x-cloud-trace-context
4a6ae366e4056aebb9b7fd66ad4b79c0
server
Google Frontend
date
Tue, 28 Jun 2022 17:25:16 GMT
content-length
17
content-type
text/html
perf
trc-events.taboola.com/workink/log/3/ 		0
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/workink/log/3/perf?lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220628-7-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://work.ink
pragma
no-cache
date
Tue, 28 Jun 2022 17:25:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
errors.json
work.ink/en/js/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://work.ink/en/js/errors.json
Requested by
Host: work.ink
URL: https://work.ink/en/js/redirect.php?s=ab0a489ea1946582232291b1dbf200689
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
b924800c4bdf71d07fa5a30cced6a1c89dd70c40cfbcdf4ae03c4bc3f962dcdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/en/l/159/Shindo2432
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Wed, 01 Dec 2021 17:00:22 GMT
server
cloudflare
x-powered-by
PleskLin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IJzNHGWNt3nxE%2B3cOMjDsYwMT5IUCYDBgFxjnXSGIAUdhqLLyi98JDfAFTP8wjCp5CwK0e8Q%2BziizHTr62dfzHJ85sstEl%2F%2FXN6wK2XbiZsBF8br0CeiRHCd16Yae3aHtvYppSr"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-xss-protection
1; mode=block
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72281f14da683759-MXP
etag
W/"1060-5d2189c0468eb"
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 		366 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=v2Loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://work.ink/
Origin
https://work.ink
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 15:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 15:38:58 GMT
asd100.bin
freychang.fun/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://freychang.fun/asd100.bin
Requested by
Host: dq06u9lt5akr2.cloudfront.net
URL: https://dq06u9lt5akr2.cloudfront.net/?tluqd=938541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:23 GMT
access-control-allow-methods
GET
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 15:22:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAPGsymw6cWGuXbz2RHKVtQZTFZRqyUC%2F3STHFUTvOXNvOQ%2B05%2F8OcznF4bc5WKze9aZ0uHilwR0K7HOizEABwwrE0AIRjmDDoiB0f37V6djtewoA9T8z4uPZdnCogqplOF%2BPTMOpbuyfJC5"}],"group":"cf-nel","max_age":604800}
content-type
binary/octet-stream
access-control-allow-origin
https://work.ink
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
72281f154b673743-MXP
access-control-allow-headers
X-Requested-With, content-type
/
freychang.fun/ 		26 B
717 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://freychang.fun/
Requested by
Host: dq06u9lt5akr2.cloudfront.net
URL: https://dq06u9lt5akr2.cloudfront.net/?tluqd=938541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f212b2ea4b14ef3142ec3cc43c88a0d1278e725d828e4336a64b8033ecc5c991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://work.ink
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61nlm1jIGcIsxrf0wTLUZB353OyWRQRybdsZo0LybRoFgGXXzHHTLv7%2FtX6am00EqH8E%2F4Yp%2BlGZ07eBPERBuJdSV1hGW8SB9ncjKxR4yVlmGOxprQ0pwjCpO3o1B%2BEPXyRsBxNkk6dLvgpJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
72281f154b693743-MXP
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
ycreatmentto.xyz/ 		0
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ycreatmentto.xyz/utx?cb=IYtXkpnfx9bU&top=work.ink&tid=938541
Requested by
Host: dq06u9lt5akr2.cloudfront.net
URL: https://dq06u9lt5akr2.cloudfront.net/?tluqd=938541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-102.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 17:25:23 GMT
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://work.ink
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
_LnL1FazLOTQhdQ174BizELAjZyXExTHAOeDoesqFMQ9keykE28J6w==
MgBUKTAyQiARK0kdNgA8NhIJBCg1Rj5yXBoECygKTSM9LS44PzAQKygiUAwo
ycreatmentto.xyz/Rnpwd2QnGBMaWydHElERNBZNUlYAX0IxADdKRgJdKg5FFg80SF4UCCkPFBEWKRQEWQojDlVFIigsHhMJJ0obRiMHHT4TDQ8fMRs+MSAlTjAeSRgALBQvNT0dHDE9HS0vOxpPERYCSD8oPDQWNhMUKDUfITIbQBMlBAMXQyEADj47ICEvJ0YU... Frame 4F16 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ycreatmentto.xyz/Rnpwd2QnGBMaWydHElERNBZNUlYAX0IxADdKRgJdKg5FFg80SF4UCCkPFBEWKRQEWQojDlVFIigsHhMJJ0obRiMHHT4TDQ8fMRs+MSAlTjAeSRgALBQvNT0dHDE9HS0vOxpPERYCSD8oPDQWNhMUKDUfITIbQBMlBAMXQyEADj47ICEvJ0YUMDQIOiEQFEEAJT4jNT4JNR8zH1QrNhc2KgIAGw4xFDc7EyA1Izg2LSo1GC0gEStJHTMQID8SVhwcNSYtKDcYEDYBPQgcNjEdFhUjFDImRhAoIBw9Mg0tCBw2Pj8zPVYEPiFGAwoZQCEzA0lJHjwtVz4tARIZODEDJQk5JS0DOzM2DRMWIQMCASwxJCIuX0IxB3YsJyYdD19CNSUxCTgVIxdKIUYIczUYQyoCFwgcNjE/PzwOdiMkR1FxIBgmKwEpKUAhLTQqM1YiMiYiMnMfNT0zHiIcQzUqLD8SVh8/MgBUKTAyQiARK0kdNgA8NhIJBCg1Rj5yXBoECygKTSM9LS44PzAQKygiUAwo
Requested by
Host: dq06u9lt5akr2.cloudfront.net
URL: https://dq06u9lt5akr2.cloudfront.net/?tluqd=938541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-102.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
c494e4379b47eebeab6f4259d05f17c0723cdedf523e3f3d514acaed750bbf37

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1239
content-type
text/html
date
Tue, 28 Jun 2022 17:25:23 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
x-amz-cf-id
AxohoBeL23jW7MY5zdX39DBQ93wfW9vr8zBqsCc79emDbVxkTOo-zg==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
RgQVHiBXeRUTAVRgJB0kL3UaHSUlZGoxIDJ4Ei0wCHc4FjUgbjsMJw8PdmY3OQcZAiNQDz0BHTljNQwaNnQRNwQsQWYVIBRaawI3KVA1HEghcxYsVFF0dT4CDFgjaTgwU2YQMlNmMQ
ycreatmentto.xyz/YzZTVHECVDA5TgILMXIEEVpucUMlE2ESFRIGZSFID0JmNRoRBH03HQxDNzIDDFgneh8GQnZmNxBsYQIJNwY4ETILDiMwGS57FQw7FGAVZTQGBScWNRR/NB4JB28cFgYQYzoRCAVOOBIgFGNiGCcTYAUtPAx1Ah48AmUkHjMITnZmMwFBChY0... Frame DE11 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ycreatmentto.xyz/YzZTVHECVDA5TgILMXIEEVpucUMlE2ESFRIGZSFID0JmNRoRBH03HQxDNzIDDFgneh8GQnZmNxBsYQIJNwY4ETILDiMwGS57FQw7FGAVZTQGBScWNRR/NB4JB28cFgYQYzoRCAVOOBIgFGNiGCcTYAUtPAx1Ah48AmUkHjMITnZmMwFBChY0UHxqBSMiZzA9ICp+KzMbKWcJFSAUWmsHJzVjNQwdM3M7MxkvZzQHMA5GZAIGEHAyOgU7YBYSGQZjGQM8UUZkAgkqbxoMSDdnFh0/AXAFAjI7WmoAGiFyNS0WO3ABZAAzURocNgpvagUdAAU2OgEyZWN5O1ZUFQInNGUCPDQUUTc1HxBdAhE/RgQVHiBXeRUTAVRgJB0kL3UaHSUlZGoxIDJ4Ei0wCHc4FjUgbjsMJw8PdmY3OQcZAiNQDz0BHTljNQwaNnQRNwQsQWYVIBRaawI3KVA1HEghcxYsVFF0dT4CDFgjaTgwU2YQMlNmMQ
Requested by
Host: dq06u9lt5akr2.cloudfront.net
URL: https://dq06u9lt5akr2.cloudfront.net/?tluqd=938541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-102.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
ddd5521b76d3a1aee45e19d85bf7f9ada9c351397a34268f3559bedda4ffc94a

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1210
content-type
text/html
date
Tue, 28 Jun 2022 17:25:23 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
x-amz-cf-id
gpGcbBtejzan1fcqKgcyJHmxa-jUJ5kh-p31ViUfOm42BXGh2-Cl7w==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
ZhobCQINLC8TNGQ2LBIRYWQBGDNoe0ZJYmFzUwE+MX9EVyQhIwEEJGhzUxg5My1IVyFoc1tCY3twQl9mczdIQHEhMhQWamRkBQUjOX9ER2JjdkZGZmdxRkVm
ationsuchasr.xyz/V1VCdXF4aiEGTARncwYjEGR6Izc/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ationsuchasr.xyz/V1VCdXF4aiEGTARncwYjEGR6Izc/ZhobCQINLC8TNGQ2LBIRYWQBGDNoe0ZJYmFzUwE+MX9EVyQhIwEEJGhzUxg5My1IVyFoc1tCY3twQl9mczdIQHEhMhQWamRkBQUjOX9ER2JjdkZGZmdxRkVm
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSCJxlD7Ta4u3qoGxBxzeJKZI6bzk3w0FTOr74u%2FDGVZWJCpxjIcEDBlZXz0rBL4ZSnGw1aNlVmRdQkErK2%2F4PaZMLi41pTZXgThDvNqX2ZoEFij3BvaH%2FvTrpaziFhnPQmA5GR88crJci%2FrCDUX"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
72281f159901bb2b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
ServiceLogin
accounts.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
ServiceLogin
accounts.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
NUEzU1YaflAga2IJZQIZcHhAATt8A1dhLnIgchFkVHF1PxJ9JhUnP1F8CmBuAHUBdSZcJQ5ibhMyRzIiQDIOYnBcL1U8axM3DmJ4BW8CfWQTNA5icEExUjRrBGdDJyJZfAJlYwN1AGRnB3IAZWE
ationsuchasr.xyz/ 		0
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ationsuchasr.xyz/NUEzU1YaflAga2IJZQIZcHhAATt8A1dhLnIgchFkVHF1PxJ9JhUnP1F8CmBuAHUBdSZcJQ5ibhMyRzIiQDIOYnBcL1U8axM3DmJ4BW8CfWQTNA5icEExUjRrBGdDJyJZfAJlYwN1AGRnB3IAZWE
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COj44TbRsG5GpbWyaMQuIXHuNFZMIi9Ka9ivGXyyOBsQ6h4V0NFZe3MOeYhvZb9UbZwya0KY3alzz0SVuxKWeknssuDHyRe1deFsvOB5jilIg3BjMYXjQUoVBN%2FVh72D0Twv%2BTeQFblOmV5AiYOF"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
72281f159902bb2b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
track-impression
thisiswaldo.com/js/ 		1 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thisiswaldo.com/js/track-impression
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-15-219-226.us-east-2.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 28 Jun 2022 17:25:23 GMT
X-Content-Type-Options
nosniff, nosniff
Server
Apache/2.4.29 (Ubuntu)
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1
Expires
Sun, 19 Nov 1978 05:00:00 GMT
pica.js
work.ink/cdn-cgi/challenge-platform/h/b/scripts/ 		19 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://work.ink/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
277b224677ce0c6d744492ba8052eb70fea715898f53743513dfd5f1410650d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/en/l/159/Shindo2432
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:23 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUM6YSgo%2FHYUqG%2BjrGDsu7IlZ8ZgfXuvCR9Lyu12w%2BGFMQqcN9zm81YmzVvTj9z%2B3hg5F0RjSwXWARlmKnUJp0YhsZY5mKjurvrUDNFr8c7f7QK0xTtlPU6VH3GsJFrd61Gkgkea"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
72281f155b183759-MXP
anchor
www.google.com/recaptcha/api2/ Frame 852B 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetYU4aAAAAAL9XlMWEGf7XgMrqUoup6AIxQXtM&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=stxda6dhbpgo
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bc7cbef4a0ad29da7e5127143865bfd7169c9b87e3dcc3a0d40fa75a7ee1fb46
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IQC2YWqxSUIBL5728fPvJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21897
content-security-policy
script-src 'report-sample' 'nonce-IQC2YWqxSUIBL5728fPvJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 17:25:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
atr
www.youtube.com/api/stats/ Frame 8ADF 		0
0
ad_status.js
static.doubleclick.net/instream/ Frame 9BDE 		29 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js?19ae7b1f4e1249149c0871d1dc258356
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=900
content-length
29
content-type
text/javascript
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 17:25:23 GMT
expires
Tue, 28 Jun 2022 17:40:23 GMT
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad_status.js
static.doubleclick.net/instream/ Frame 3BEB 		29 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js?11cc3642341543a8c85ce0fa0c26803b
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=900
content-length
29
content-type
text/javascript
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 17:25:23 GMT
expires
Tue, 28 Jun 2022 17:40:23 GMT
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad_status.js
static.doubleclick.net/instream/ Frame F01E 		29 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js?c9fa18cc994b1cc9ef2a5d5bde48ac25
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=900
content-length
29
content-type
text/javascript
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 17:25:23 GMT
expires
Tue, 28 Jun 2022 17:40:23 GMT
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad_status.js
static.doubleclick.net/instream/ Frame 0447 		29 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js?2f6456d572b633de8321952e80e424f3
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=900
content-length
29
content-type
text/javascript
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 17:25:23 GMT
expires
Tue, 28 Jun 2022 17:40:23 GMT
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad_status.js
static.doubleclick.net/instream/ Frame 0ABF 		29 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js?9bb4daae8e52b3db41420ff39241916b
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=900
content-length
29
content-type
text/javascript
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 17:25:23 GMT
expires
Tue, 28 Jun 2022 17:40:23 GMT
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad_status.js
static.doubleclick.net/instream/ Frame 5430 		29 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js?9bb4daae8e52b3db41420ff39241916b
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=900
content-length
29
content-type
text/javascript
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 17:25:23 GMT
expires
Tue, 28 Jun 2022 17:40:23 GMT
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad_status.js
static.doubleclick.net/instream/ Frame 7F95 		29 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js?cafc9139ab0b2b139119a999b02c7bde
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=900
content-length
29
content-type
text/javascript
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 17:25:23 GMT
expires
Tue, 28 Jun 2022 17:40:23 GMT
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 852B 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetYU4aAAAAAL9XlMWEGf7XgMrqUoup6AIxQXtM&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=stxda6dhbpgo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 14:05:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 14:05:33 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 852B 		366 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetYU4aAAAAAL9XlMWEGf7XgMrqUoup6AIxQXtM&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=stxda6dhbpgo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 15:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 15:38:58 GMT
c0VWQyI+AwsHbGQ0Q1l5Oh4NDmxkRwEOKj0YT057ZhQOGSY7EkNZD2dHVUV5eEJWXXl4QlVOe2YEBw0oJB5DWQ9jRFFFemBRE1Z4
dq06u9lt5akr2.cloudfront.net/nVndma0k1GAgNdiIeAlZwZU9TX3hwHRUEJyZKMjIiAj8uPx8HLzNfAwRREhEta0dAByg4EFtNLDgUW1pvNxMEVn1wAxYEImseCh0mLgANDzkyURMKdDsYHAIlOhZDWQ9jWVZOe2ZfEQInMhgRGGxkRwgfbGRHV1tnZlJVKWx... Frame 4F16 		750 B
801 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dq06u9lt5akr2.cloudfront.net/nVndma0k1GAgNdiIeAlZwZU9TX3hwHRUEJyZKMjIiAj8uPx8HLzNfAwRREhEta0dAByg4EFtNLDgUW1pvNxMEVn1wAxYEImseCh0mLgANDzkyURMKdDsYHAIlOhZDWQ9jWVZOe2ZfEQInMhgRGGxkRwgfbGRHV1tnZlJVKWxkRxECJ2BDQ1gLc0VWE39iXk-NZeTcHFgcsIRIEACAiUlQtfGVASFh/c0VWQyI+AwsHbGQ0Q1l5Oh4NDmxkRwEOKj0YT057ZhQOGSY7EkNZD2dHVUV5eEJWXXl4QlVOe2YEBw0oJB5DWQ9jRFFFemBRE1Z4
Requested by
Host: ycreatmentto.xyz
URL: https://ycreatmentto.xyz/Rnpwd2QnGBMaWydHElERNBZNUlYAX0IxADdKRgJdKg5FFg80SF4UCCkPFBEWKRQEWQojDlVFIigsHhMJJ0obRiMHHT4TDQ8fMRs+MSAlTjAeSRgALBQvNT0dHDE9HS0vOxpPERYCSD8oPDQWNhMUKDUfITIbQBMlBAMXQyEADj47ICEvJ0YUMDQIOiEQFEEAJT4jNT4JNR8zH1QrNhc2KgIAGw4xFDc7EyA1Izg2LSo1GC0gEStJHTMQID8SVhwcNSYtKDcYEDYBPQgcNjEdFhUjFDImRhAoIBw9Mg0tCBw2Pj8zPVYEPiFGAwoZQCEzA0lJHjwtVz4tARIZODEDJQk5JS0DOzM2DRMWIQMCASwxJCIuX0IxB3YsJyYdD19CNSUxCTgVIxdKIUYIczUYQyoCFwgcNjE/PzwOdiMkR1FxIBgmKwEpKUAhLTQqM1YiMiYiMnMfNT0zHiIcQzUqLD8SVh8/MgBUKTAyQiARK0kdNgA8NhIJBCg1Rj5yXBoECygKTSM9LS44PzAQKygiUAwo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7000:f:9fb4:2380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8ed2c92ad391bef229d66f118123da5efc9613b72f13c19cfe414f0762d39ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ycreatmentto.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:23 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
525
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-id
uGax9qVDMM56b6dtuY2I0SVi6e9YYtFhNrRQSTiVFsabdn15o8WIUg==
Z1JVR39nUlZUfXkUBBcuOw5AQwl8VFJffH9BEEx+
dq06u9lt5akr2.cloudfront.net/sZ2VxT0kECh8pdhMMFXJwVF1Ee3tBDwIgJxdYOBwsUiEyfxkFQwU1LVpVVyMoCQJMaSwJBkx+bwYBE3J9QRAQciQIHxgjJQZAQwl8SVVUfXlPEhghLQgSAmp7VwsFantXVEFheUJWM2p7VxIYIX9TQEINbFVVCXl9TkBDfyg... Frame DE11 		181 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dq06u9lt5akr2.cloudfront.net/sZ2VxT0kECh8pdhMMFXJwVF1Ee3tBDwIgJxdYOBwsUiEyfxkFQwU1LVpVVyMoCQJMaSwJBkx+bwYBE3J9QRAQciQIHxgjJQZAQwl8SVVUfXlPEhghLQgSAmp7VwsFantXVEFheUJWM2p7VxIYIX9TQEINbFVVCXl9TkBDfygXFR0qPgIHGiY9Qlc3enpQS0-J5bFVVWSQhEwgdanskQEN/JQ4OFGp7VwIULCIITFR9eQQNAyAkAkBDCXhXVl9/Z1JVR39nUlZUfXkUBBcuOw5AQwl8VFJffH9BEEx+
Requested by
Host: ycreatmentto.xyz
URL: https://ycreatmentto.xyz/YzZTVHECVDA5TgILMXIEEVpucUMlE2ESFRIGZSFID0JmNRoRBH03HQxDNzIDDFgneh8GQnZmNxBsYQIJNwY4ETILDiMwGS57FQw7FGAVZTQGBScWNRR/NB4JB28cFgYQYzoRCAVOOBIgFGNiGCcTYAUtPAx1Ah48AmUkHjMITnZmMwFBChY0UHxqBSMiZzA9ICp+KzMbKWcJFSAUWmsHJzVjNQwdM3M7MxkvZzQHMA5GZAIGEHAyOgU7YBYSGQZjGQM8UUZkAgkqbxoMSDdnFh0/AXAFAjI7WmoAGiFyNS0WO3ABZAAzURocNgpvagUdAAU2OgEyZWN5O1ZUFQInNGUCPDQUUTc1HxBdAhE/RgQVHiBXeRUTAVRgJB0kL3UaHSUlZGoxIDJ4Ei0wCHc4FjUgbjsMJw8PdmY3OQcZAiNQDz0BHTljNQwaNnQRNwQsQWYVIBRaawI3KVA1HEghcxYsVFF0dT4CDFgjaTgwU2YQMlNmMQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7000:f:9fb4:2380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2cb4839eecc0e926128fde68deea6a954adc86b0d44d73cc81282ae7132ad831

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ycreatmentto.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:23 GMT
content-encoding
gzip
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
186
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-id
XkcX1LhybQ2V4lBp4-2pwn-I01dZhVbAIrm1FSjWmlTfMbr2uUqmKg==
gAtu04_Cpak
www.youtube.com/embed/ Frame 95A0 		64 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff329510221b6c71c74be62c5ea1e57ae09f0326420d6bc9d4f8ce0eeed405e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Tue, 28 Jun 2022 17:25:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
smtr
contextual.media.net/ 		1 KB
696 B 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=1&cid=8CUBA81EG&cpcd=EC1LpEunTfXfegaxOcrUiA%3D%3D&crid=197303404&size=970x90&cc=DE&https=1&vif=1&requrl=https%3A%2F%2Fwork.ink%2Fen%2Fl%2F159%2FShindo2432&nse=5&vi=1656437108264761258&ugd=4&pgid=p0761311810t202206281725&goent=1&nb=1&allsc=HE&tcf_cmp=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CUBA81EG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.104.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a90936617b1df8dcbcd107195ead9df89d1e9a66c0aed92d613c82cc9a3ec1da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 17:25:23 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-seds
strict-transport-security
max-age=31536000
content-length
509
expires
Tue, 28 Jun 2022 17:25:23 GMT
checksync.php
contextual.media.net/ Frame 14E7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CUBA81EG&https=1&itype=CM
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.104.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
17b778dd62a1f9c542707f4a504dfccf5fe84b898b3e5d0167b8cdee160fdd80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5745
content-type
text/html; charset=UTF-8
date
Tue, 28 Jun 2022 17:25:23 GMT
expires
Thu, 30 Jun 2022 17:25:23 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
startTransaction.php
work.ink/api/redirection/ 		0
0
bping.php
lg3.media.net/ 		35 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=480&&gdpr=1&prid=8PRHGG6T9&cid=8CUBA81EG&crid=197303404&vi=1656437108264761258&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886781035&r=1656437123688&requrl=https%3A%2F%2Fwork.ink%2Fen%2Fl%2F159%2FShindo2432&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1656437108171558040&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p0761311810t202206281725&vgd_pgids=2&vgd_uspa=0&hvsid=00001656437108283032397757442801&gdpr=1&vgd_end=1
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.28.29 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Tue, 28 Jun 2022 17:25:23 GMT
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 28 Jun 2022 17:25:23 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 852B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 19:40:09 GMT
x-content-type-options
nosniff
age
423914
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 30 Jun 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 852B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetYU4aAAAAAL9XlMWEGf7XgMrqUoup6AIxQXtM&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=stxda6dhbpgo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
1122
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Jun 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 852B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetYU4aAAAAAL9XlMWEGf7XgMrqUoup6AIxQXtM&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=stxda6dhbpgo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:48:37 GMT
x-content-type-options
nosniff
age
31006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 08:48:37 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 852B 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetYU4aAAAAAL9XlMWEGf7XgMrqUoup6AIxQXtM&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=stxda6dhbpgo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LetYU4aAAAAAL9XlMWEGf7XgMrqUoup6AIxQXtM&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=stxda6dhbpgo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Tue, 28 Jun 2022 17:25:23 GMT
72281e647bdb3759
work.ink/cdn-cgi/challenge-platform/h/b/cv/result/ 		2 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://work.ink/cdn-cgi/challenge-platform/h/b/cv/result/72281e647bdb3759
Requested by
Host: work.ink
URL: https://work.ink/cdn-cgi/challenge-platform/h/b/scripts/invisible.js?ts=1656432000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://work.ink/en/l/159/Shindo2432
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Jun 2022 17:25:24 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FD3mwY9uQIWeP0q%2FwgrRNVpiGva6hhKSG3seejLM7zu7sFnVMDQzYLJKSClM%2BgGzLb%2BJb4xRZdS2pBJ4ogEh%2BC8AQa6ONh8HgCY6G4VEQR81RXpLSLmcNXVjULajphpz0qTvLtrM"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
72281f1918b63759-MXP
www-player.css
www.youtube.com/s/player/60c2da65/ Frame 95A0 		339 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/60c2da65/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18610afcae99dd8d7a5a2feff2ba32ea4eaa68025a8c187278d794e9c0cae231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 20:48:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
74189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47636
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:56:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Jun 2023 20:48:55 GMT
www-embed-player.js
www.youtube.com/s/player/60c2da65/www-embed-player.vflset/ Frame 95A0 		301 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/60c2da65/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
278e447c1b3e00116485854b0a559dc6f91e60de191106b2a6eb69090cbd4d4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 20:49:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
74143
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95238
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:56:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Jun 2023 20:49:41 GMT
base.js
www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/ Frame 95A0 		2 MB
535 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72468e37ff50d81d05ab1b24e1475981a1e5b9714e15f452a721f58d6a469634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 20:48:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
74189
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
547314
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:56:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Jun 2023 20:48:55 GMT
fetch-polyfill.js
www.youtube.com/s/player/60c2da65/fetch-polyfill.vflset/ Frame 95A0 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/60c2da65/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 20:49:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
74143
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:56:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Jun 2023 20:49:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 95A0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
1123
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Jun 2023 17:06:41 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 95A0
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Protocol
H3
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
820493279edc223b94c392e6e19f60e026e15cdc4df94fc2a8459a28f139b8bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 28 Jun 2022 17:25:24 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 95A0 		29 B
54 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:24:29 GMT
x-content-type-options
nosniff
age
55
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Jun 2022 17:39:29 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 28 Jun 2022 17:25:24 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 95A0 		63 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ce777800ddd3c11cf995f0ad51e3351c4960b950e60d1190898916e1ca61541
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 28 Jun 2022 17:25:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
30176
x-xss-protection
0
Fyy9NKOEZUovEf5L4E9U-uUwP892TWsRqtk1FTh3Py4.js
www.google.com/js/th/ Frame 95A0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/Fyy9NKOEZUovEf5L4E9U-uUwP892TWsRqtk1FTh3Py4.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
172cbd34a384654a2f11fe4be04f54fae5303fcf764d6b11aad9351538773f2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 13:33:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
13911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13846
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 16:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 13:33:33 GMT
embed.js
www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/ Frame 95A0 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9b6fcdcf9605ef406d40aaa3f3b58fff825ab581ed48bb0c9e4860301815fcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 20:49:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
74139
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8115
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:56:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Jun 2023 20:49:45 GMT
truncated
/ Frame 95A0 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
WdbZqeTzKEHCKkAoJk40_7gs_KrTi3CK88o80AcLbjyECL845NVDkVL4JYav1VQ0vB6vCvteTA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 95A0 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/WdbZqeTzKEHCKkAoJk40_7gs_KrTi3CK88o80AcLbjyECL845NVDkVL4JYav1VQ0vB6vCvteTA=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
da7bbff5799078ed063d388bfe2b0c0846123d7dea8e17cc660d2e8ec6025381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 16:07:19 GMT
x-content-type-options
nosniff
age
4685
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3198
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 14 Jun 2022 10:57:43 GMT
hqdefault.jpg
i.ytimg.com/vi/gAtu04_Cpak/ Frame 95A0 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/gAtu04_Cpak/hqdefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b85e465e8a7ddfac45eb9f8a1f40b19358b749a2bce2f10a9177d6e987e37164
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:09 GMT
x-content-type-options
nosniff
age
15
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29176
x-xss-protection
0
server
sffe
etag
"1656334305"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 28 Jun 2022 17:30:09 GMT
/
run.cntxtfl.com/ 		17 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://run.cntxtfl.com/?id=1Pw020A3ITJIzgfunLbgN4HVD
Requested by
Host: mowplayer.com
URL: https://mowplayer.com/js/player/mEihTUtQyn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
40c132b928fe00cf669996aedbaf555a6ec3b19ad519d33638de676b97691659

Request headers

Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/octet-stream

Response headers

access-control-allow-origin
*
x-cloud-trace-context
065334676b80351867459b3bf4c09972
server
Google Frontend
date
Tue, 28 Jun 2022 17:25:24 GMT
content-length
17
content-type
text/html
popunder.gif
ationsuchasr.xyz/ 		35 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ationsuchasr.xyz/popunder.gif
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:c9ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
public
date
Tue, 28 Jun 2022 17:25:24 GMT
cf-cache-status
HIT
last-modified
Sat, 25 Jun 2022 23:42:02 GMT
server
cloudflare
age
236602
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZ2bVqEiuJPZIaMBZcgYCOJCrvzwgSJWmBOFC2XQH7nVL%2FH2U3npcnFPevpRDAjOdPkAwEbCKfQ0uamk2MaU0FZmqG%2Bqa88wIxkx2BZkJ%2FP7xPe%2FeSCV36%2Bn0CUKnJvUgJId%2B2Yo6oNY9pGbORT8"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72281f1bc9a49b94-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
run.cntxtfl.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://run.cntxtfl.com/?id=1Pw020A3ITJIzgfunLbgN4HVD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://work.ink
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html
date
Tue, 28 Jun 2022 17:25:24 GMT
server
Google Frontend
x-cloud-trace-context
b39435f2a5fc7f1d092552566b91fdfa
generate_204
www.youtube.com/ Frame 95A0 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?ZvO55Q
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 95A0 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c8fd1976412e601def612777c203cf8f3184c65cce41096b09b0dc1e19412b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 28 Jun 2022 17:25:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 28 Jun 2022 17:25:24 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame 95A0 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/gAtu04_Cpak?rel=0&showinfo=0&controls=0&origin=https://work.ink
X-YouTube-Client-Version
1.20220626.00.02
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtqXzVlaWpZeXd3MCiD8-yVBg%3D%3D
X-YouTube-Ad-Signals
dt=1656437124274&flash=0&frm=2&u_tz&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C442%2C250&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 28 Jun 2022 17:25:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 28 Jun 2022 17:25:26 GMT
perf
trc-events.taboola.com/workink/log/3/ 		0
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/workink/log/3/perf?lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220628-7-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://work.ink
pragma
no-cache
date
Tue, 28 Jun 2022 17:25:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
localstore.js
script.4dex.io/ 		483 B
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
469569
x-amz-request-id
tx71de9a623ae143c39231a-00629f978d
x-amz-id-2
tx71de9a623ae143c39231a-00629f978d
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGzz9hpkHrK4uDw71wtnFa4EX2c9mw7fQR8RzXlkOPWYTR%2FxCJLT7JYRrX09OYNhqQrMx%2BTTPZyPmNiYlgkCtGxwuwQ8HFFVmhcRu96%2FGKdCe76rFP0odyyGN9FMdUqgbz5nib7NJKs2rJqg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
72281f35485ebaeb-MXP
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1830214
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txcdc80f655fa741d9a987b-00629f4c08
x-amz-id-2
txcdc80f655fa741d9a987b-00629f4c08
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPdxb4pEmaDTopTSBrUC2ooCoIoEgl1BFFjqaLj%2FOVIKoG9q8iJEk6ppWcx7%2FeyP0c80ioIip9bHtxViG5kHAJiB%2BKJOAK1WJ21LjR%2BGBEBgFL4RSH2wGO5Jsr2G7628%2B1KvyhbJ2HYNooEU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
72281f358ede9c06-FRA
access-control-allow-headers
Authorization
json
trc.taboola.com/workink/trc/3/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/workink/trc/3/json?tim=17%3A25%3A28.706&lti=deflated&data=%7B%22id%22%3A991%2C%22ii%22%3A%22%2Fen%2Fl%2F159%2Fshindo2432%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1656409620788%2C%22vi%22%3A1656437118325%2C%22cv%22%3A%2220220628-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwork.ink%2Fen%2Fl%2F159%2FShindo2432%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwork.ink%2Fen%2Fl%2F159%2FShindo2432%22%2C%22vpi%22%3A%22%2Fen%2Fl%2F159%2Fshindo2432%22%2C%22e%22%3A%22https%3A%2F%2Fwork.ink%2Fen%2Fl%2F159%2FShindo2432%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1535%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a-mid-1x1%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails-3%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails-3%22%2C%22cd%22%3A580%2C%22mw%22%3A333%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a-mid-1x1%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnails-4%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnails-4%22%2C%22cd%22%3A520%2C%22mw%22%3A333%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fen%2Fl%2F159%2Fshindo2432%2CMid%20Article%20Thumbnails-3%3Dthumbnails-a-mid-1x1%3Aabp%3D0%2C%2CMid%20Article%20Thumbnails-4%3Dthumbnails-a-mid-1x1%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220628-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5c342c1a232136c85ccab7587fd6250076d509d4e2f8f7fb20553f3cd4e14bf6

Request headers

Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
290
date
Tue, 28 Jun 2022 17:25:29 GMT
content-encoding
gzip
server
nginx
x-timer
S1656437129.718645,VS0,VE290
x-served-by
cache-hhn4038-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://work.ink
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
cta-component.20220628-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20220628-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/workink/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac4d1bc44614de7a1c797e8c77e49af910a09a8c9a1c5de7bed228eb5f00939a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
OrZ69I7OV2WJvrsWXkskwchNv87C20Nr
content-encoding
gzip
etag
"fe8d961a76888095ba19dfd077fba1e5"
age
92
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5108
x-amz-id-2
mrezy5J3cJtAUSe5kb8/ckd5Rby7kz5pU8QaspV0GI+78CDHybt4T2H/DOVKCPxUFdOWBDockU8=
x-served-by
cache-hhn4038-HHN
last-modified
Tue, 28 Jun 2022 17:23:53 GMT
server
AmazonS3
x-timer
S1656437129.033396,VS0,VE0
date
Tue, 28 Jun 2022 17:25:29 GMT
vary
Accept-Encoding
x-amz-request-id
3YCD4B7ZMHFCFC5E
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
89
x-cache-hits
61
tb
15.taboola.com/ 		33 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=workink&unitType=226&tbloc=&pageType=text&pstn=Mid%20Article%20Thumbnails-3&uuip=&cisrf=https%3A%2F%2Fwork.ink%2Fen%2Fl%2F159%2FShindo2432&cirf=https%3A%2F%2Fwork.ink%2Fen%2Fl%2F159%2FShindo2432&encoded=1&uid=64bc001e-4239-4835-933d-54726f229eed-tuct9b4bf08&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1656437129034&tagid=&cntry=DE&platform=1&sesid=92b04fc7f1b481a9952ff060eb4cded0&itemid=/en/l/159/shindo2432&viewid=1656437118325&geolat=&geoing=&deviceifa=&appid=&sd=v2_92b04fc7f1b481a9952ff060eb4cded0_64bc001e-4239-4835-933d-54726f229eed-tuct9b4bf08_1656437128_1656437128_CIi3jgYQ0a5TGPWq4tqaMCABKAEwODib4wlAgooQSLqG2ANQpewQWABgAGjsyrjT39zS1ipwAA&ri=caf0526cff36427e43824934b8d9b515&appname=&cdb=&gdprApplies=true&rid=&sii=-6363434501728161911&oee=true&tpubid=1365841&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BY&hasGDPRConsent=true&tcfVersion=2&cmpStatus=0&tnetid=&prcnt=&layer=&normp=1&gvv=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220628-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dd931e5c650a99c8d96b8b5a0c63be357aee1ff93fb7c0804513ed4a7c88b828

Request headers

Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
content-encoding
gzip
access-control-allow-origin
https://work.ink
machineid
1444
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn4038-HHN
pragma
no-cache
server
nginx
x-timer
S1656437129.057872,VS0,VE19
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
userx.20220628-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220628-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/workink/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f921a0b1e937dca00ea49be99a6434c6babee9ca46d0c7264bc9fd441eae10a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
rNPw4R6jNHViPi3CXxjo3aJDG1qQPUkk
content-encoding
gzip
etag
"258ef1c7abaa767534953a2f9d40f91f"
age
21549
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
NpbtgWswy8BHd3GsDsEeIhN519omZIDZ5pEzzQfekYj1p9KFKESkmSi04R8DsAuUNefZjsBZaxU=
x-served-by
cache-hhn4038-HHN
last-modified
Tue, 28 Jun 2022 11:26:07 GMT
server
AmazonS3
x-timer
S1656437129.057948,VS0,VE0
date
Tue, 28 Jun 2022 17:25:29 GMT
vary
Accept-Encoding
x-amz-request-id
85DMNFS4ZDAX02A5
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
89
x-cache-hits
10035
tb
15.taboola.com/ 		33 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=workink&unitType=226&tbloc=&pageType=text&pstn=Mid%20Article%20Thumbnails-4&uuip=&cisrf=https%3A%2F%2Fwork.ink%2Fen%2Fl%2F159%2FShindo2432&cirf=https%3A%2F%2Fwork.ink%2Fen%2Fl%2F159%2FShindo2432&encoded=1&uid=64bc001e-4239-4835-933d-54726f229eed-tuct9b4bf08&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback2&cb=1656437129039&tagid=&cntry=DE&platform=1&sesid=92b04fc7f1b481a9952ff060eb4cded0&itemid=/en/l/159/shindo2432&viewid=1656437118325&geolat=&geoing=&deviceifa=&appid=&sd=v2_92b04fc7f1b481a9952ff060eb4cded0_64bc001e-4239-4835-933d-54726f229eed-tuct9b4bf08_1656437128_1656437128_CIi3jgYQ0a5TGPWq4tqaMCABKAEwODib4wlAgooQSLqG2ANQpewQWABgAGjsyrjT39zS1ipwAA&ri=39cef79a894e3dacd43b5c4b4d74d622&appname=&cdb=&gdprApplies=true&rid=&sii=-6363434501728161911&oee=true&tpubid=1365841&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BY&hasGDPRConsent=true&tcfVersion=2&cmpStatus=0&tnetid=&prcnt=&layer=&normp=1&gvv=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220628-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4a89c0af44ab32416f9065d5ea84171f7530be632d0647b9739e073335327d40

Request headers

Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
content-encoding
gzip
access-control-allow-origin
https://work.ink
machineid
1442
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn4038-HHN
pragma
no-cache
server
nginx
x-timer
S1656437129.057838,VS0,VE19
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
magentv_uid_62b1c24a340a9.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//blog.intraprendenza.io/storage/uploads/2022/06/21/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//blog.intraprendenza.io/storage/uploads/2022/06/21/magentv_uid_62b1c24a340a9.png
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
79abd0636f1a3eab2ee2d8fc487071f8ccef4521962cb5d236178168d48ad33c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 28 Jun 2022 17:25:29 GMT
via
1.1 varnish, 1.1 varnish
age
533643
edge-cache-tag
573243295999453830996973760159795806270,511320169514815208339615988714053385614,29ecf9b93bbf306179626feeda1fab70
cache-tag
573243295999453830996973760159795806270,511320169514815208339615988714053385614,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
1569
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//blog.intraprendenza.io/storage/uploads/2022/06/21/magentv_uid_62b1c24a340a9.png
content-length
5114
x-request-id
e2dd0357284a48ba7b96cbd8ea647082
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified
Tue, 21 Jun 2022 15:22:21 GMT
server
nginx
x-timer
S1656437129.058401,VS0,VE1
etag
"e1a1c735ecd3466219adb42a6e39c8a8"
x-served-by
cache-iad-kjyo7100140-IAD, cache-iad-kiad7000021-IAD, cache-sna10744-LGB, cache-iad-kcgs7200098-IAD, cache-hhn4038-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
119a7ab3a8dbdf745c72693ed2a4af67.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/119a7ab3a8dbdf745c72693ed2a4af67.png
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6353e203221bee5f1fb1c183d2396244be5d4b61bcff122a7268e590896e759c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 28 Jun 2022 17:25:29 GMT
via
1.1 varnish, 1.1 varnish
age
2961274
edge-cache-tag
542050022866568511651381017443600117067,352635776853417681536589699696160363519,29ecf9b93bbf306179626feeda1fab70
cache-tag
542050022866568511651381017443600117067,352635776853417681536589699696160363519,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
60
expiration
expiry-date="Sat, 28 May 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_334%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/119a7ab3a8dbdf745c72693ed2a4af67.png
content-length
12946
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Wed, 27 Apr 2022 20:31:41 GMT
server
nginx
x-timer
S1656437129.057830,VS0,VE1
etag
"531cbd253b2cba6aae0b83c30fb9087b"
x-served-by
cache-iad-kiad7000021-IAD, cache-iad-kcgs7200117-IAD, cache-chi-kigq8000061-CHI, cache-iad-kjyo7100175-IAD, cache-hhn4038-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 1, 1
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/3.8.5/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.8.5/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220628-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01f81923aacd2ae9a0881304a6f39cff4f919f935334b7427aa06115fccf17d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
via
1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront), 1.1 varnish
age
289304
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
29052
x-served-by
cache-hhn4038-HHN
last-modified
Sat, 25 Jun 2022 09:03:20 GMT
server
AmazonS3
x-timer
S1656437129.145619,VS0,VE0
etag
"6c8f81f49382e075e3530d080a426f74"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
yVeda-nUIpwtYtdeuqxJn2VplUVfKG6_kR00VSMpu7uO-tXGok1nUQ==
x-cache-hits
9937
debug
am-trc-events.taboola.com/workink/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/workink/log/2/debug?tim=17%3A25%3A29.164&type=warn&msg=video%20tag%20loader%20-%20didn%27t%20find%20enough%20sponsored%20items%20for%20integrated%20widget%20replacement&llvl=2&id=7591&cv=20220628-7-RELEASE&lt=deflated&pct=1
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13477
st
imprammp.taboola.com/ Frame A5DC 		742 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66493945&crid=6235095&dast=V75mcCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHG8ZYjlYT3mg2GM1Gs91ksFwuVrvVcDBZDmHDGMvRasIbzQaj2Wi2mwyGy8VosVyNRsMpYDTTZFBQTk-P2WUQFV1vi93hNHvemjWQoOl0-Fz3et3f8rUr7V6_yu4X-xWr5V5TdNpNfstoM5kDAAAAwAPA18g1xA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgILQogYAFIdBu-5Oj9EfAAAPDyAAAAIYJAAHckUlACqfHScAAAAAAAAAACz_____MQP2nfkyA_uuYT0ADz4AD0QFpEWMAAAAAII3HCiOJnVCZVEFAECQbgVwBQAQELiK9WsWBgAAQCBGaQUNrnCaBze2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhIAeudKCcjxw1X4BAQDWfgEBANjUDQDgTQAu5EjQdDp8rnu97m_52pV2r19l94v9itVyryk67Sa_ZbSZjI6gFYPB6gJidgAAAAB3_____3iUVtDgCqd5cHogOZkYRjOPb-aYmIaLhXO5msxshtlgZTFtTC6TYXtDKRqTVlBq2X0YzTQZFJTT02N2GURF19tidzjNnrdmfhO2GK0mk81yOFsuJoPhaDga7W8gBpsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHC2GjiMQwWK7doslmuRcPNaq3cbEZu1Wg3mc0sk-XKZXKLXh_Tc2Ka2AzDLQoGcOxFcJFOdH_L12n3WsQSzckincgu--ZkYhjNPL6ZY2IaLhbO5Woysxlmg5XFtDG5TIZ9bTTxGAaLlVs02SzXouFmtVZuNiO3arSbzGaWyXLlMrlFr4_pOTFNbIbhvjFbzUab3WIy3Ddmq9los1tMhvsOk-mZ-pyNwsI16hF6jdPo8XBzGBQug8X7k5gW0-7s4Pn9jk6Z8aMs6IzCy_foNSg8B4_qeV6ups5y-mksDb8HgyKWCE4X6UT0Mp4uYonkaZFONA6bYTWZbWw2z2w02a1Mm-FktNyMJsaRc-JarCZiidJ0kU70Krtf7FeslnvN0Wk3-S2jzWSi_iNDLDdzyW6uGM0lg1UCAAAAAAAAAFjCnHkTAAAAgNOAhsPBYLVcAIrrKN2fd7pT_U44rt1TWMWEjoOXxOOD-1u-TrvXzJs9E8RarZY1AACAADYAAEAAt27eAsKsOAAAgMA4AAAAADk!&cmcv=&pix=undefined&cb=1656437129414&uv=3199&tms=1656437129414&abt=adh5c-1_vA!inc_all_video_vA!Noappq22_vD!spa2_vA!ttdfpc_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=F1945B746046467209915758029&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.8.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Tue, 28 Jun 2022 17:25:29 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4038-HHN
x-timer
S1656437129.426285,VS0,VE12
sync
am-match.taboola.com/ Frame C4E3 		742 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V75mcCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHG8ZYjlYT3mg2GM1Gs91ksFwuVrvVcDBZDmHDGMvRasIbzQaj2Wi2mwyGy8VosVyNRsMpYDTTZFBQTk-P2WUQFV1vi93hNHvemjWQoOl0-Fz3et3f8rUr7V6_yu4X-xWr5V5TdNpNfstoM5kDAAAAwAPA18g1xA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgILQogYAFIdBu-5Oj9EfAAAPDyAAAAIYJAAHckUlACqfHScAAAAAAAAAACz_____MQP2nfkyA_uuYT0ADz4AD0QFpEWMAAAAAII3HCiOJnVCZVEFAECQbgVwBQAQELiK9WsWBgAAQCBGaQUNrnCaBze2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhIAeudKCcjxw1X4BAQDWfgEBANjUDQDgTQAu5EjQdDp8rnu97m_52pV2r19l94v9itVyryk67Sa_ZbSZjI6gFYPB6gJidgAAAAB3_____3iUVtDgCqd5cHogOZkYRjOPb-aYmIaLhXO5msxshtlgZTFtTC6TYXtDKRqTVlBq2X0YzTQZFJTT02N2GURF19tidzjNnrdmfhO2GK0mk81yOFsuJoPhaDga7W8gBpsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHC2GjiMQwWK7doslmuRcPNaq3cbEZu1Wg3mc0sk-XKZXKLXh_Tc2Ka2AzDLQoGcOxFcJFOdH_L12n3WsQSzckincgu--ZkYhjNPL6ZY2IaLhbO5Woysxlmg5XFtDG5TIZ9bTTxGAaLlVs02SzXouFmtVZuNiO3arSbzGaWyXLlMrlFr4_pOTFNbIbhvjFbzUab3WIy3Ddmq9los1tMhvsOk-mZ-pyNwsI16hF6jdPo8XBzGBQug8X7k5gW0-7s4Pn9jk6Z8aMs6IzCy_foNSg8B4_qeV6ups5y-mksDb8HgyKWCE4X6UT0Mp4uYonkaZFONA6bYTWZbWw2z2w02a1Mm-FktNyMJsaRc-JarCZiidJ0kU70Krtf7FeslnvN0Wk3-S2jzWSi_iNDLDdzyW6uGM0lg1UCAAAAAAAAAFjCnHkTAAAAgNOAhsPBYLVcAIrrKN2fd7pT_U44rt1TWMWEjoOXxOOD-1u-TrvXzJs9E8RarZY1AACAADYAAEAAt27eAsKsOAAAgMA4AAAAADk!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.8.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 28 Jun 2022 17:25:29 GMT
machineid
9401
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
923 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=333&height=187&pubid=169497&tagid=953497&crid=6235095&noaop=3&sortOrderType=0&cb=1656437129420&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1436&pt=1559600665&tz=0&viewable=true&ddast=V75mcCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHG8ZYjlYT3mg2GM1Gs91ksFwuVrvVcDBZDmHDGMvRasIbzQaj2Wi2mwyGy8VosVyNRsMpYDTTZFBQTk-P2WUQFV1vi93hNHvemjWQoOl0-Fz3et3f8rUr7V6_yu4X-xWr5V5TdNpNfstoM5kDAAAAwAPA18g1xA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgILQogYAFIdBu-5Oj9EfAAAPDyAAAAIYJAAHckUlACqfHScAAAAAAAAAACz_____MQP2nfkyA_uuYT0ADz4AD0QFpEWMAAAAAII3HCiOJnVCZVEFAECQbgVwBQAQELiK9WsWBgAAQCBGaQUNrnCaBze2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhIAeudKCcjxw1X4BAQDWfgEBANjUDQDgTQAu5EjQdDp8rnu97m_52pV2r19l94v9itVyryk67Sa_ZbSZjI6gFYPB6gJidgAAAAB3_____3iUVtDgCqd5cHogOZkYRjOPb-aYmIaLhXO5msxshtlgZTFtTC6TYXtDKRqTVlBq2X0YzTQZFJTT02N2GURF19tidzjNnrdmfhO2GK0mk81yOFsuJoPhaDga7W8gBpsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHC2GjiMQwWK7doslmuRcPNaq3cbEZu1Wg3mc0sk-XKZXKLXh_Tc2Ka2AzDLQoGcOxFcJFOdH_L12n3WsQSzckincgu--ZkYhjNPL6ZY2IaLhbO5Woysxlmg5XFtDG5TIZ9bTTxGAaLlVs02SzXouFmtVZuNiO3arSbzGaWyXLlMrlFr4_pOTFNbIbhvjFbzUab3WIy3Ddmq9los1tMhvsOk-mZ-pyNwsI16hF6jdPo8XBzGBQug8X7k5gW0-7s4Pn9jk6Z8aMs6IzCy_foNSg8B4_qeV6ups5y-mksDb8HgyKWCE4X6UT0Mp4uYonkaZFONA6bYTWZbWw2z2w02a1Mm-FktNyMJsaRc-JarCZiidJ0kU70Krtf7FeslnvN0Wk3-S2jzWSi_iNDLDdzyW6uGM0lg1UCAAAAAAAAAFjCnHkTAAAAgNOAhsPBYLVcAIrrKN2fd7pT_U44rt1TWMWEjoOXxOOD-1u-TrvXzJs9E8RarZY1AACAADYAAEAAt27eAsKsOAAAgMA4AAAAADk!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2793245&dpubid=488005&abtst=adh5c-1_vA!inc_all_video_vA!Noappq22_vD!spa2_vA!ttdfpc_vB!ufm&mPre=0.033&cirf=https%3A%2F%2Fwork.ink&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.8.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
958cb6c3e44243c5ac97f677a420dd304c9a390700e6e3f243fc7b32e44334c0

Request headers

Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
content-encoding
gzip
access-control-allow-origin
https://work.ink
machineid
1456
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4038-HHN
pragma
no-cache
server
nginx
x-timer
S1656437129.426244,VS0,VE122
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66493945&crid=6235095&dast=V75mcCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHG8ZYjlYT3mg2GM1Gs91ksFwuVrvVcDBZDmHDGMvRasIbzQaj2Wi2mwyGy8VosVyNRsMpYDTTZFBQTk-P2WUQFV1vi93hNHvemjWQoOl0-Fz3et3f8rUr7V6_yu4X-xWr5V5TdNpNfstoM5kDAAAAwAPA18g1xA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgILQogYAFIdBu-5Oj9EfAAAPDyAAAAIYJAAHckUlACqfHScAAAAAAAAAACz_____MQP2nfkyA_uuYT0ADz4AD0QFpEWMAAAAAII3HCiOJnVCZVEFAECQbgVwBQAQELiK9WsWBgAAQCBGaQUNrnCaBze2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhIAeudKCcjxw1X4BAQDWfgEBANjUDQDgTQAu5EjQdDp8rnu97m_52pV2r19l94v9itVyryk67Sa_ZbSZjI6gFYPB6gJidgAAAAB3_____3iUVtDgCqd5cHogOZkYRjOPb-aYmIaLhXO5msxshtlgZTFtTC6TYXtDKRqTVlBq2X0YzTQZFJTT02N2GURF19tidzjNnrdmfhO2GK0mk81yOFsuJoPhaDga7W8gBpsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHC2GjiMQwWK7doslmuRcPNaq3cbEZu1Wg3mc0sk-XKZXKLXh_Tc2Ka2AzDLQoGcOxFcJFOdH_L12n3WsQSzckincgu--ZkYhjNPL6ZY2IaLhbO5Woysxlmg5XFtDG5TIZ9bTTxGAaLlVs02SzXouFmtVZuNiO3arSbzGaWyXLlMrlFr4_pOTFNbIbhvjFbzUab3WIy3Ddmq9los1tMhvsOk-mZ-pyNwsI16hF6jdPo8XBzGBQug8X7k5gW0-7s4Pn9jk6Z8aMs6IzCy_foNSg8B4_qeV6ups5y-mksDb8HgyKWCE4X6UT0Mp4uYonkaZFONA6bYTWZbWw2z2w02a1Mm-FktNyMJsaRc-JarCZiidJ0kU70Krtf7FeslnvN0Wk3-S2jzWSi_iNDLDdzyW6uGM0lg1UCAAAAAAAAAFjCnHkTAAAAgNOAhsPBYLVcAIrrKN2fd7pT_U44rt1TWMWEjoOXxOOD-1u-TrvXzJs9E8RarZY1AACAADYAAEAAt27eAsKsOAAAgMA4AAAAADk!&cmcv=&pix=31589837&cb=1656437129414&uv=3199&tms=1656437129414&abt=adh5c-1_vA!inc_all_video_vA!Noappq22_vD!spa2_vA!ttdfpc_vB!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1656437095060!ts:1656437129414&mntl=1
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
content-length
0
server
nginx
st
imprammp.taboola.com/ Frame 8F92 		742 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66493945&crid=6235095&dast=V7n_wCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHGDhaMScsGom02-yGs8lsuJztBsvFZggaOFoxJywaibTb7IazyWoxGi6Hm-VgMZkCRjNNBgXl9PSYXQZR0fW22B1Os-ctWgMJmk6Hz3Wv1_0tX7vS7vWr7H6xX7Fa7jVFp93kt4w2kzkAAAAAPAB8jVxD_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKAgtagBAcRi06-70GP0BAPDwAAIAIIBBAnAgV1QCoPLZcQIAAAAAAAAAwPL___8fM2DfmS8zsO8a1gPw4APwQFQgWsQIAAAAIHjDgeJoUidUFlUAAATpVgBXAAABgatYv2VhAAAABGKUVtDgCqd5cGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOiRKy0oxwNX7RcQAGDtFxAAgE3dAADeBOBCjgRNp8Pnutfr_pavXWn3-lV2v9ivWC33mqLTbvJbRpvJ6AhaMRisLiBmBwAAAHD3____j0dpBQ2ucJoHpweSk4lhNPP4Zo6JabhYOJerycxmmA1WFtPG5DIZtjeUojFpBaWW3YfRTJNBQTk9PWaXQVR0vS12h9PseYvmN2GL0Woy2SyHs-ViMhiOhqPR_gZisBngRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiKMjSYew2Cxcosmm-VaNNys1srNZuRWjXaT2cwyWa5cJrfo9TE9J6aJzTDcomAAx14EF-lE97d8nXavRSzRnCzSieyyb04mhtHM45s5JqbhYuFcriYzm2E2WFlMG5PLZNjXRhOPYbBYuUWTzXItGm5Wa-VmM3KrRrvJbGaZLFcuk1v0-pieE9PEZhjuG7PVbLTZLSbDfWO2mo02u8VkuO8wmZ6pz9koLFyjHqHXOI0eDzeHQeEyWLw_iWkx7c4Ont_v6JQZP8qCzii8fI9eg8Jz8Kie5-Vq6iynn8bS8HswKGKJ4HSRTkQv4-kilkieFulEs9y4bL7lwrgcrTwjh8dk2kxcG9PENPKNRrbJZCKWKE0X6USvsvvFfsVqudccnXaT3zLaTCbqPzLEcjOX7OaK0VwyWCUAAAAAAAAAgCXMmTcBAAAAOA1oOBwMVssFoLiO0v15pzvV74Tj2j2FVUzoOHhJPD64v-XrtHvNvNkzQazValkDAAAIYAMAAARw6-YtIMyKAwAACIwDAAAAkAM!&cmcv=&pix=undefined&cb=1656437129424&uv=3199&tms=1656437129424&abt=adh5c-1_vA!inc_all_video_vA!Noappq22_vD!spa2_vA!ttdfpc_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=84E9BEFD4737862689670913&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.8.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Tue, 28 Jun 2022 17:25:29 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4038-HHN
x-timer
S1656437129.430599,VS0,VE45
sync
am-match.taboola.com/ Frame 9E70 		742 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7n_wCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHGDhaMScsGom02-yGs8lsuJztBsvFZggaOFoxJywaibTb7IazyWoxGi6Hm-VgMZkCRjNNBgXl9PSYXQZR0fW22B1Os-ctWgMJmk6Hz3Wv1_0tX7vS7vWr7H6xX7Fa7jVFp93kt4w2kzkAAAAAPAB8jVxD_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKAgtagBAcRi06-70GP0BAPDwAAIAIIBBAnAgV1QCoPLZcQIAAAAAAAAAwPL___8fM2DfmS8zsO8a1gPw4APwQFQgWsQIAAAAIHjDgeJoUidUFlUAAATpVgBXAAABgatYv2VhAAAABGKUVtDgCqd5cGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOiRKy0oxwNX7RcQAGDtFxAAgE3dAADeBOBCjgRNp8Pnutfr_pavXWn3-lV2v9ivWC33mqLTbvJbRpvJ6AhaMRisLiBmBwAAAHD3____j0dpBQ2ucJoHpweSk4lhNPP4Zo6JabhYOJerycxmmA1WFtPG5DIZtjeUojFpBaWW3YfRTJNBQTk9PWaXQVR0vS12h9PseYvmN2GL0Woy2SyHs-ViMhiOhqPR_gZisBngRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiKMjSYew2Cxcosmm-VaNNys1srNZuRWjXaT2cwyWa5cJrfo9TE9J6aJzTDcomAAx14EF-lE97d8nXavRSzRnCzSieyyb04mhtHM45s5JqbhYuFcriYzm2E2WFlMG5PLZNjXRhOPYbBYuUWTzXItGm5Wa-VmM3KrRrvJbGaZLFcuk1v0-pieE9PEZhjuG7PVbLTZLSbDfWO2mo02u8VkuO8wmZ6pz9koLFyjHqHXOI0eDzeHQeEyWLw_iWkx7c4Ont_v6JQZP8qCzii8fI9eg8Jz8Kie5-Vq6iynn8bS8HswKGKJ4HSRTkQv4-kilkieFulEs9y4bL7lwrgcrTwjh8dk2kxcG9PENPKNRrbJZCKWKE0X6USvsvvFfsVqudccnXaT3zLaTCbqPzLEcjOX7OaK0VwyWCUAAAAAAAAAgCXMmTcBAAAAOA1oOBwMVssFoLiO0v15pzvV74Tj2j2FVUzoOHhJPD64v-XrtHvNvNkzQazValkDAAAIYAMAAARw6-YtIMyKAwAACIwDAAAAkAM!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.8.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 28 Jun 2022 17:25:29 GMT
machineid
3408
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=673&height=378&pubid=169497&tagid=953497&crid=6235095&noaop=3&sortOrderType=0&cb=1656437129426&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1436&pt=1559600665&tz=0&viewable=true&ddast=V7n_wCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHGDhaMScsGom02-yGs8lsuJztBsvFZggaOFoxJywaibTb7IazyWoxGi6Hm-VgMZkCRjNNBgXl9PSYXQZR0fW22B1Os-ctWgMJmk6Hz3Wv1_0tX7vS7vWr7H6xX7Fa7jVFp93kt4w2kzkAAAAAPAB8jVxD_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKAgtagBAcRi06-70GP0BAPDwAAIAIIBBAnAgV1QCoPLZcQIAAAAAAAAAwPL___8fM2DfmS8zsO8a1gPw4APwQFQgWsQIAAAAIHjDgeJoUidUFlUAAATpVgBXAAABgatYv2VhAAAABGKUVtDgCqd5cGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOiRKy0oxwNX7RcQAGDtFxAAgE3dAADeBOBCjgRNp8Pnutfr_pavXWn3-lV2v9ivWC33mqLTbvJbRpvJ6AhaMRisLiBmBwAAAHD3____j0dpBQ2ucJoHpweSk4lhNPP4Zo6JabhYOJerycxmmA1WFtPG5DIZtjeUojFpBaWW3YfRTJNBQTk9PWaXQVR0vS12h9PseYvmN2GL0Woy2SyHs-ViMhiOhqPR_gZisBngRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiKMjSYew2Cxcosmm-VaNNys1srNZuRWjXaT2cwyWa5cJrfo9TE9J6aJzTDcomAAx14EF-lE97d8nXavRSzRnCzSieyyb04mhtHM45s5JqbhYuFcriYzm2E2WFlMG5PLZNjXRhOPYbBYuUWTzXItGm5Wa-VmM3KrRrvJbGaZLFcuk1v0-pieE9PEZhjuG7PVbLTZLSbDfWO2mo02u8VkuO8wmZ6pz9koLFyjHqHXOI0eDzeHQeEyWLw_iWkx7c4Ont_v6JQZP8qCzii8fI9eg8Jz8Kie5-Vq6iynn8bS8HswKGKJ4HSRTkQv4-kilkieFulEs9y4bL7lwrgcrTwjh8dk2kxcG9PENPKNRrbJZCKWKE0X6USvsvvFfsVqudccnXaT3zLaTCbqPzLEcjOX7OaK0VwyWCUAAAAAAAAAgCXMmTcBAAAAOA1oOBwMVssFoLiO0v15pzvV74Tj2j2FVUzoOHhJPD64v-XrtHvNvNkzQazValkDAAAIYAMAAARw6-YtIMyKAwAACIwDAAAAkAM!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2793245&dpubid=488005&abtst=adh5c-1_vA!inc_all_video_vA!Noappq22_vD!spa2_vA!ttdfpc_vB!ufm&mPre=0.033&cirf=https%3A%2F%2Fwork.ink&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.8.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
958cb6c3e44243c5ac97f677a420dd304c9a390700e6e3f243fc7b32e44334c0

Request headers

Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
text/plain

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
content-encoding
gzip
access-control-allow-origin
https://work.ink
machineid
1472
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4038-HHN
pragma
no-cache
server
nginx
x-timer
S1656437129.437965,VS0,VE148
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66493945&crid=6235095&dast=V7n_wCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHGDhaMScsGom02-yGs8lsuJztBsvFZggaOFoxJywaibTb7IazyWoxGi6Hm-VgMZkCRjNNBgXl9PSYXQZR0fW22B1Os-ctWgMJmk6Hz3Wv1_0tX7vS7vWr7H6xX7Fa7jVFp93kt4w2kzkAAAAAPAB8jVxD_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKAgtagBAcRi06-70GP0BAPDwAAIAIIBBAnAgV1QCoPLZcQIAAAAAAAAAwPL___8fM2DfmS8zsO8a1gPw4APwQFQgWsQIAAAAIHjDgeJoUidUFlUAAATpVgBXAAABgatYv2VhAAAABGKUVtDgCqd5cGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOiRKy0oxwNX7RcQAGDtFxAAgE3dAADeBOBCjgRNp8Pnutfr_pavXWn3-lV2v9ivWC33mqLTbvJbRpvJ6AhaMRisLiBmBwAAAHD3____j0dpBQ2ucJoHpweSk4lhNPP4Zo6JabhYOJerycxmmA1WFtPG5DIZtjeUojFpBaWW3YfRTJNBQTk9PWaXQVR0vS12h9PseYvmN2GL0Woy2SyHs-ViMhiOhqPR_gZisBngRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiKMjSYew2Cxcosmm-VaNNys1srNZuRWjXaT2cwyWa5cJrfo9TE9J6aJzTDcomAAx14EF-lE97d8nXavRSzRnCzSieyyb04mhtHM45s5JqbhYuFcriYzm2E2WFlMG5PLZNjXRhOPYbBYuUWTzXItGm5Wa-VmM3KrRrvJbGaZLFcuk1v0-pieE9PEZhjuG7PVbLTZLSbDfWO2mo02u8VkuO8wmZ6pz9koLFyjHqHXOI0eDzeHQeEyWLw_iWkx7c4Ont_v6JQZP8qCzii8fI9eg8Jz8Kie5-Vq6iynn8bS8HswKGKJ4HSRTkQv4-kilkieFulEs9y4bL7lwrgcrTwjh8dk2kxcG9PENPKNRrbJZCKWKE0X6USvsvvFfsVqudccnXaT3zLaTCbqPzLEcjOX7OaK0VwyWCUAAAAAAAAAgCXMmTcBAAAAOA1oOBwMVssFoLiO0v15pzvV74Tj2j2FVUzoOHhJPD64v-XrtHvNvNkzQazValkDAAAIYAMAAARw6-YtIMyKAwAACIwDAAAAkAM!&cmcv=&pix=31589837&cb=1656437129424&uv=3199&tms=1656437129424&abt=adh5c-1_vA!inc_all_video_vA!Noappq22_vD!spa2_vA!ttdfpc_vB!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1656437095060!ts:1656437129424&mntl=1
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
content-length
0
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame A5DC 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66493945&crid=6235095&dast=V75mcCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHG8ZYjlYT3mg2GM1Gs91ksFwuVrvVcDBZDmHDGMvRasIbzQaj2Wi2mwyGy8VosVyNRsMpYDTTZFBQTk-P2WUQFV1vi93hNHvemjWQoOl0-Fz3et3f8rUr7V6_yu4X-xWr5V5TdNpNfstoM5kDAAAAwAPA18g1xA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgILQogYAFIdBu-5Oj9EfAAAPDyAAAAIYJAAHckUlACqfHScAAAAAAAAAACz_____MQP2nfkyA_uuYT0ADz4AD0QFpEWMAAAAAII3HCiOJnVCZVEFAECQbgVwBQAQELiK9WsWBgAAQCBGaQUNrnCaBze2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhIAeudKCcjxw1X4BAQDWfgEBANjUDQDgTQAu5EjQdDp8rnu97m_52pV2r19l94v9itVyryk67Sa_ZbSZjI6gFYPB6gJidgAAAAB3_____3iUVtDgCqd5cHogOZkYRjOPb-aYmIaLhXO5msxshtlgZTFtTC6TYXtDKRqTVlBq2X0YzTQZFJTT02N2GURF19tidzjNnrdmfhO2GK0mk81yOFsuJoPhaDga7W8gBpsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHC2GjiMQwWK7doslmuRcPNaq3cbEZu1Wg3mc0sk-XKZXKLXh_Tc2Ka2AzDLQoGcOxFcJFOdH_L12n3WsQSzckincgu--ZkYhjNPL6ZY2IaLhbO5Woysxlmg5XFtDG5TIZ9bTTxGAaLlVs02SzXouFmtVZuNiO3arSbzGaWyXLlMrlFr4_pOTFNbIbhvjFbzUab3WIy3Ddmq9los1tMhvsOk-mZ-pyNwsI16hF6jdPo8XBzGBQug8X7k5gW0-7s4Pn9jk6Z8aMs6IzCy_foNSg8B4_qeV6ups5y-mksDb8HgyKWCE4X6UT0Mp4uYonkaZFONA6bYTWZbWw2z2w02a1Mm-FktNyMJsaRc-JarCZiidJ0kU70Krtf7FeslnvN0Wk3-S2jzWSi_iNDLDdzyW6uGM0lg1UCAAAAAAAAAFjCnHkTAAAAgNOAhsPBYLVcAIrrKN2fd7pT_U44rt1TWMWEjoOXxOOD-1u-TrvXzJs9E8RarZY1AACAADYAAEAAt27eAsKsOAAAgMA4AAAAADk!&cmcv=&pix=undefined&cb=1656437129414&uv=3199&tms=1656437129414&abt=adh5c-1_vA!inc_all_video_vA!Noappq22_vD!spa2_vA!ttdfpc_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=F1945B746046467209915758029&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 17:25:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame A5DC 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66493945&crid=6235095&dast=V75mcCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHG8ZYjlYT3mg2GM1Gs91ksFwuVrvVcDBZDmHDGMvRasIbzQaj2Wi2mwyGy8VosVyNRsMpYDTTZFBQTk-P2WUQFV1vi93hNHvemjWQoOl0-Fz3et3f8rUr7V6_yu4X-xWr5V5TdNpNfstoM5kDAAAAwAPA18g1xA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgILQogYAFIdBu-5Oj9EfAAAPDyAAAAIYJAAHckUlACqfHScAAAAAAAAAACz_____MQP2nfkyA_uuYT0ADz4AD0QFpEWMAAAAAII3HCiOJnVCZVEFAECQbgVwBQAQELiK9WsWBgAAQCBGaQUNrnCaBze2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhIAeudKCcjxw1X4BAQDWfgEBANjUDQDgTQAu5EjQdDp8rnu97m_52pV2r19l94v9itVyryk67Sa_ZbSZjI6gFYPB6gJidgAAAAB3_____3iUVtDgCqd5cHogOZkYRjOPb-aYmIaLhXO5msxshtlgZTFtTC6TYXtDKRqTVlBq2X0YzTQZFJTT02N2GURF19tidzjNnrdmfhO2GK0mk81yOFsuJoPhaDga7W8gBpsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHC2GjiMQwWK7doslmuRcPNaq3cbEZu1Wg3mc0sk-XKZXKLXh_Tc2Ka2AzDLQoGcOxFcJFOdH_L12n3WsQSzckincgu--ZkYhjNPL6ZY2IaLhbO5Woysxlmg5XFtDG5TIZ9bTTxGAaLlVs02SzXouFmtVZuNiO3arSbzGaWyXLlMrlFr4_pOTFNbIbhvjFbzUab3WIy3Ddmq9los1tMhvsOk-mZ-pyNwsI16hF6jdPo8XBzGBQug8X7k5gW0-7s4Pn9jk6Z8aMs6IzCy_foNSg8B4_qeV6ups5y-mksDb8HgyKWCE4X6UT0Mp4uYonkaZFONA6bYTWZbWw2z2w02a1Mm-FktNyMJsaRc-JarCZiidJ0kU70Krtf7FeslnvN0Wk3-S2jzWSi_iNDLDdzyW6uGM0lg1UCAAAAAAAAAFjCnHkTAAAAgNOAhsPBYLVcAIrrKN2fd7pT_U44rt1TWMWEjoOXxOOD-1u-TrvXzJs9E8RarZY1AACAADYAAEAAt27eAsKsOAAAgMA4AAAAADk!&cmcv=&pix=undefined&cb=1656437129414&uv=3199&tms=1656437129414&abt=adh5c-1_vA!inc_all_video_vA!Noappq22_vD!spa2_vA!ttdfpc_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=F1945B746046467209915758029&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:dec:f48c:c120:9a90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame A5DC
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8eb410-f707-11ec-a1f3-124172220506&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8eb410-f707-11ec-a1f3-124172220506&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66493945&crid=6235095&dast=V75mcCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHG8ZYjlYT3mg2GM1Gs91ksFwuVrvVcDBZDmHDGMvRasIbzQaj2Wi2mwyGy8VosVyNRsMpYDTTZFBQTk-P2WUQFV1vi93hNHvemjWQoOl0-Fz3et3f8rUr7V6_yu4X-xWr5V5TdNpNfstoM5kDAAAAwAPA18g1xA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgILQogYAFIdBu-5Oj9EfAAAPDyAAAAIYJAAHckUlACqfHScAAAAAAAAAACz_____MQP2nfkyA_uuYT0ADz4AD0QFpEWMAAAAAII3HCiOJnVCZVEFAECQbgVwBQAQELiK9WsWBgAAQCBGaQUNrnCaBze2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhIAeudKCcjxw1X4BAQDWfgEBANjUDQDgTQAu5EjQdDp8rnu97m_52pV2r19l94v9itVyryk67Sa_ZbSZjI6gFYPB6gJidgAAAAB3_____3iUVtDgCqd5cHogOZkYRjOPb-aYmIaLhXO5msxshtlgZTFtTC6TYXtDKRqTVlBq2X0YzTQZFJTT02N2GURF19tidzjNnrdmfhO2GK0mk81yOFsuJoPhaDga7W8gBpsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHC2GjiMQwWK7doslmuRcPNaq3cbEZu1Wg3mc0sk-XKZXKLXh_Tc2Ka2AzDLQoGcOxFcJFOdH_L12n3WsQSzckincgu--ZkYhjNPL6ZY2IaLhbO5Woysxlmg5XFtDG5TIZ9bTTxGAaLlVs02SzXouFmtVZuNiO3arSbzGaWyXLlMrlFr4_pOTFNbIbhvjFbzUab3WIy3Ddmq9los1tMhvsOk-mZ-pyNwsI16hF6jdPo8XBzGBQug8X7k5gW0-7s4Pn9jk6Z8aMs6IzCy_foNSg8B4_qeV6ups5y-mksDb8HgyKWCE4X6UT0Mp4uYonkaZFONA6bYTWZbWw2z2w02a1Mm-FktNyMJsaRc-JarCZiidJ0kU70Krtf7FeslnvN0Wk3-S2jzWSi_iNDLDdzyW6uGM0lg1UCAAAAAAAAAFjCnHkTAAAAgNOAhsPBYLVcAIrrKN2fd7pT_U44rt1TWMWEjoOXxOOD-1u-TrvXzJs9E8RarZY1AACAADYAAEAAt27eAsKsOAAAgMA4AAAAADk!&cmcv=&pix=undefined&cb=1656437129414&uv=3199&tms=1656437129414&abt=adh5c-1_vA!inc_all_video_vA!Noappq22_vD!spa2_vA!ttdfpc_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=F1945B746046467209915758029&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
16972

Redirect headers

Date
Tue, 28 Jun 2022 17:25:29 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8eb410-f707-11ec-a1f3-124172220506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
107
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame 8F92 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66493945&crid=6235095&dast=V7n_wCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHGDhaMScsGom02-yGs8lsuJztBsvFZggaOFoxJywaibTb7IazyWoxGi6Hm-VgMZkCRjNNBgXl9PSYXQZR0fW22B1Os-ctWgMJmk6Hz3Wv1_0tX7vS7vWr7H6xX7Fa7jVFp93kt4w2kzkAAAAAPAB8jVxD_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKAgtagBAcRi06-70GP0BAPDwAAIAIIBBAnAgV1QCoPLZcQIAAAAAAAAAwPL___8fM2DfmS8zsO8a1gPw4APwQFQgWsQIAAAAIHjDgeJoUidUFlUAAATpVgBXAAABgatYv2VhAAAABGKUVtDgCqd5cGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOiRKy0oxwNX7RcQAGDtFxAAgE3dAADeBOBCjgRNp8Pnutfr_pavXWn3-lV2v9ivWC33mqLTbvJbRpvJ6AhaMRisLiBmBwAAAHD3____j0dpBQ2ucJoHpweSk4lhNPP4Zo6JabhYOJerycxmmA1WFtPG5DIZtjeUojFpBaWW3YfRTJNBQTk9PWaXQVR0vS12h9PseYvmN2GL0Woy2SyHs-ViMhiOhqPR_gZisBngRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiKMjSYew2Cxcosmm-VaNNys1srNZuRWjXaT2cwyWa5cJrfo9TE9J6aJzTDcomAAx14EF-lE97d8nXavRSzRnCzSieyyb04mhtHM45s5JqbhYuFcriYzm2E2WFlMG5PLZNjXRhOPYbBYuUWTzXItGm5Wa-VmM3KrRrvJbGaZLFcuk1v0-pieE9PEZhjuG7PVbLTZLSbDfWO2mo02u8VkuO8wmZ6pz9koLFyjHqHXOI0eDzeHQeEyWLw_iWkx7c4Ont_v6JQZP8qCzii8fI9eg8Jz8Kie5-Vq6iynn8bS8HswKGKJ4HSRTkQv4-kilkieFulEs9y4bL7lwrgcrTwjh8dk2kxcG9PENPKNRrbJZCKWKE0X6USvsvvFfsVqudccnXaT3zLaTCbqPzLEcjOX7OaK0VwyWCUAAAAAAAAAgCXMmTcBAAAAOA1oOBwMVssFoLiO0v15pzvV74Tj2j2FVUzoOHhJPD64v-XrtHvNvNkzQazValkDAAAIYAMAAARw6-YtIMyKAwAACIwDAAAAkAM!&cmcv=&pix=undefined&cb=1656437129424&uv=3199&tms=1656437129424&abt=adh5c-1_vA!inc_all_video_vA!Noappq22_vD!spa2_vA!ttdfpc_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=84E9BEFD4737862689670913&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 17:25:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 8F92 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66493945&crid=6235095&dast=V7n_wCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHGDhaMScsGom02-yGs8lsuJztBsvFZggaOFoxJywaibTb7IazyWoxGi6Hm-VgMZkCRjNNBgXl9PSYXQZR0fW22B1Os-ctWgMJmk6Hz3Wv1_0tX7vS7vWr7H6xX7Fa7jVFp93kt4w2kzkAAAAAPAB8jVxD_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKAgtagBAcRi06-70GP0BAPDwAAIAIIBBAnAgV1QCoPLZcQIAAAAAAAAAwPL___8fM2DfmS8zsO8a1gPw4APwQFQgWsQIAAAAIHjDgeJoUidUFlUAAATpVgBXAAABgatYv2VhAAAABGKUVtDgCqd5cGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOiRKy0oxwNX7RcQAGDtFxAAgE3dAADeBOBCjgRNp8Pnutfr_pavXWn3-lV2v9ivWC33mqLTbvJbRpvJ6AhaMRisLiBmBwAAAHD3____j0dpBQ2ucJoHpweSk4lhNPP4Zo6JabhYOJerycxmmA1WFtPG5DIZtjeUojFpBaWW3YfRTJNBQTk9PWaXQVR0vS12h9PseYvmN2GL0Woy2SyHs-ViMhiOhqPR_gZisBngRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiKMjSYew2Cxcosmm-VaNNys1srNZuRWjXaT2cwyWa5cJrfo9TE9J6aJzTDcomAAx14EF-lE97d8nXavRSzRnCzSieyyb04mhtHM45s5JqbhYuFcriYzm2E2WFlMG5PLZNjXRhOPYbBYuUWTzXItGm5Wa-VmM3KrRrvJbGaZLFcuk1v0-pieE9PEZhjuG7PVbLTZLSbDfWO2mo02u8VkuO8wmZ6pz9koLFyjHqHXOI0eDzeHQeEyWLw_iWkx7c4Ont_v6JQZP8qCzii8fI9eg8Jz8Kie5-Vq6iynn8bS8HswKGKJ4HSRTkQv4-kilkieFulEs9y4bL7lwrgcrTwjh8dk2kxcG9PENPKNRrbJZCKWKE0X6USvsvvFfsVqudccnXaT3zLaTCbqPzLEcjOX7OaK0VwyWCUAAAAAAAAAgCXMmTcBAAAAOA1oOBwMVssFoLiO0v15pzvV74Tj2j2FVUzoOHhJPD64v-XrtHvNvNkzQazValkDAAAIYAMAAARw6-YtIMyKAwAACIwDAAAAkAM!&cmcv=&pix=undefined&cb=1656437129424&uv=3199&tms=1656437129424&abt=adh5c-1_vA!inc_all_video_vA!Noappq22_vD!spa2_vA!ttdfpc_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=84E9BEFD4737862689670913&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:dec:f48c:c120:9a90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 8F92
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8f820c-f707-11ec-b38f-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8f820c-f707-11ec-b38f-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66493945&crid=6235095&dast=V7n_wCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHGDhaMScsGom02-yGs8lsuJztBsvFZggaOFoxJywaibTb7IazyWoxGi6Hm-VgMZkCRjNNBgXl9PSYXQZR0fW22B1Os-ctWgMJmk6Hz3Wv1_0tX7vS7vWr7H6xX7Fa7jVFp93kt4w2kzkAAAAAPAB8jVxD_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKAgtagBAcRi06-70GP0BAPDwAAIAIIBBAnAgV1QCoPLZcQIAAAAAAAAAwPL___8fM2DfmS8zsO8a1gPw4APwQFQgWsQIAAAAIHjDgeJoUidUFlUAAATpVgBXAAABgatYv2VhAAAABGKUVtDgCqd5cGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOiRKy0oxwNX7RcQAGDtFxAAgE3dAADeBOBCjgRNp8Pnutfr_pavXWn3-lV2v9ivWC33mqLTbvJbRpvJ6AhaMRisLiBmBwAAAHD3____j0dpBQ2ucJoHpweSk4lhNPP4Zo6JabhYOJerycxmmA1WFtPG5DIZtjeUojFpBaWW3YfRTJNBQTk9PWaXQVR0vS12h9PseYvmN2GL0Woy2SyHs-ViMhiOhqPR_gZisBngRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiKMjSYew2Cxcosmm-VaNNys1srNZuRWjXaT2cwyWa5cJrfo9TE9J6aJzTDcomAAx14EF-lE97d8nXavRSzRnCzSieyyb04mhtHM45s5JqbhYuFcriYzm2E2WFlMG5PLZNjXRhOPYbBYuUWTzXItGm5Wa-VmM3KrRrvJbGaZLFcuk1v0-pieE9PEZhjuG7PVbLTZLSbDfWO2mo02u8VkuO8wmZ6pz9koLFyjHqHXOI0eDzeHQeEyWLw_iWkx7c4Ont_v6JQZP8qCzii8fI9eg8Jz8Kie5-Vq6iynn8bS8HswKGKJ4HSRTkQv4-kilkieFulEs9y4bL7lwrgcrTwjh8dk2kxcG9PENPKNRrbJZCKWKE0X6USvsvvFfsVqudccnXaT3zLaTCbqPzLEcjOX7OaK0VwyWCUAAAAAAAAAgCXMmTcBAAAAOA1oOBwMVssFoLiO0v15pzvV74Tj2j2FVUzoOHhJPD64v-XrtHvNvNkzQazValkDAAAIYAMAAARw6-YtIMyKAwAACIwDAAAAkAM!&cmcv=&pix=undefined&cb=1656437129424&uv=3199&tms=1656437129424&abt=adh5c-1_vA!inc_all_video_vA!Noappq22_vD!spa2_vA!ttdfpc_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=84E9BEFD4737862689670913&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
16972

Redirect headers

Date
Tue, 28 Jun 2022 17:25:29 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8f820c-f707-11ec-b38f-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
43
Connection
keep-alive
Content-Length
0
sync
taboola-supply-partners.tremorhub.com/ Frame 9E70 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7n_wCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHGDhaMScsGom02-yGs8lsuJztBsvFZggaOFoxJywaibTb7IazyWoxGi6Hm-VgMZkCRjNNBgXl9PSYXQZR0fW22B1Os-ctWgMJmk6Hz3Wv1_0tX7vS7vWr7H6xX7Fa7jVFp93kt4w2kzkAAAAAPAB8jVxD_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKAgtagBAcRi06-70GP0BAPDwAAIAIIBBAnAgV1QCoPLZcQIAAAAAAAAAwPL___8fM2DfmS8zsO8a1gPw4APwQFQgWsQIAAAAIHjDgeJoUidUFlUAAATpVgBXAAABgatYv2VhAAAABGKUVtDgCqd5cGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOiRKy0oxwNX7RcQAGDtFxAAgE3dAADeBOBCjgRNp8Pnutfr_pavXWn3-lV2v9ivWC33mqLTbvJbRpvJ6AhaMRisLiBmBwAAAHD3____j0dpBQ2ucJoHpweSk4lhNPP4Zo6JabhYOJerycxmmA1WFtPG5DIZtjeUojFpBaWW3YfRTJNBQTk9PWaXQVR0vS12h9PseYvmN2GL0Woy2SyHs-ViMhiOhqPR_gZisBngRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiKMjSYew2Cxcosmm-VaNNys1srNZuRWjXaT2cwyWa5cJrfo9TE9J6aJzTDcomAAx14EF-lE97d8nXavRSzRnCzSieyyb04mhtHM45s5JqbhYuFcriYzm2E2WFlMG5PLZNjXRhOPYbBYuUWTzXItGm5Wa-VmM3KrRrvJbGaZLFcuk1v0-pieE9PEZhjuG7PVbLTZLSbDfWO2mo02u8VkuO8wmZ6pz9koLFyjHqHXOI0eDzeHQeEyWLw_iWkx7c4Ont_v6JQZP8qCzii8fI9eg8Jz8Kie5-Vq6iynn8bS8HswKGKJ4HSRTkQv4-kilkieFulEs9y4bL7lwrgcrTwjh8dk2kxcG9PENPKNRrbJZCKWKE0X6USvsvvFfsVqudccnXaT3zLaTCbqPzLEcjOX7OaK0VwyWCUAAAAAAAAAgCXMmTcBAAAAOA1oOBwMVssFoLiO0v15pzvV74Tj2j2FVUzoOHhJPD64v-XrtHvNvNkzQazValkDAAAIYAMAAARw6-YtIMyKAwAACIwDAAAAkAM!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:dec:f48c:c120:9a90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 9E70 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7n_wCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHGDhaMScsGom02-yGs8lsuJztBsvFZggaOFoxJywaibTb7IazyWoxGi6Hm-VgMZkCRjNNBgXl9PSYXQZR0fW22B1Os-ctWgMJmk6Hz3Wv1_0tX7vS7vWr7H6xX7Fa7jVFp93kt4w2kzkAAAAAPAB8jVxD_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKAgtagBAcRi06-70GP0BAPDwAAIAIIBBAnAgV1QCoPLZcQIAAAAAAAAAwPL___8fM2DfmS8zsO8a1gPw4APwQFQgWsQIAAAAIHjDgeJoUidUFlUAAATpVgBXAAABgatYv2VhAAAABGKUVtDgCqd5cGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOiRKy0oxwNX7RcQAGDtFxAAgE3dAADeBOBCjgRNp8Pnutfr_pavXWn3-lV2v9ivWC33mqLTbvJbRpvJ6AhaMRisLiBmBwAAAHD3____j0dpBQ2ucJoHpweSk4lhNPP4Zo6JabhYOJerycxmmA1WFtPG5DIZtjeUojFpBaWW3YfRTJNBQTk9PWaXQVR0vS12h9PseYvmN2GL0Woy2SyHs-ViMhiOhqPR_gZisBngRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiKMjSYew2Cxcosmm-VaNNys1srNZuRWjXaT2cwyWa5cJrfo9TE9J6aJzTDcomAAx14EF-lE97d8nXavRSzRnCzSieyyb04mhtHM45s5JqbhYuFcriYzm2E2WFlMG5PLZNjXRhOPYbBYuUWTzXItGm5Wa-VmM3KrRrvJbGaZLFcuk1v0-pieE9PEZhjuG7PVbLTZLSbDfWO2mo02u8VkuO8wmZ6pz9koLFyjHqHXOI0eDzeHQeEyWLw_iWkx7c4Ont_v6JQZP8qCzii8fI9eg8Jz8Kie5-Vq6iynn8bS8HswKGKJ4HSRTkQv4-kilkieFulEs9y4bL7lwrgcrTwjh8dk2kxcG9PENPKNRrbJZCKWKE0X6USvsvvFfsVqudccnXaT3zLaTCbqPzLEcjOX7OaK0VwyWCUAAAAAAAAAgCXMmTcBAAAAOA1oOBwMVssFoLiO0v15pzvV74Tj2j2FVUzoOHhJPD64v-XrtHvNvNkzQazValkDAAAIYAMAAARw6-YtIMyKAwAACIwDAAAAkAM!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 17:25:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 9E70
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8e794c-f707-11ec-8dcf-1df4c96b0406&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8e794c-f707-11ec-8dcf-1df4c96b0406&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7n_wCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHGDhaMScsGom02-yGs8lsuJztBsvFZggaOFoxJywaibTb7IazyWoxGi6Hm-VgMZkCRjNNBgXl9PSYXQZR0fW22B1Os-ctWgMJmk6Hz3Wv1_0tX7vS7vWr7H6xX7Fa7jVFp93kt4w2kzkAAAAAPAB8jVxD_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKAgtagBAcRi06-70GP0BAPDwAAIAIIBBAnAgV1QCoPLZcQIAAAAAAAAAwPL___8fM2DfmS8zsO8a1gPw4APwQFQgWsQIAAAAIHjDgeJoUidUFlUAAATpVgBXAAABgatYv2VhAAAABGKUVtDgCqd5cGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOiRKy0oxwNX7RcQAGDtFxAAgE3dAADeBOBCjgRNp8Pnutfr_pavXWn3-lV2v9ivWC33mqLTbvJbRpvJ6AhaMRisLiBmBwAAAHD3____j0dpBQ2ucJoHpweSk4lhNPP4Zo6JabhYOJerycxmmA1WFtPG5DIZtjeUojFpBaWW3YfRTJNBQTk9PWaXQVR0vS12h9PseYvmN2GL0Woy2SyHs-ViMhiOhqPR_gZisBngRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiKMjSYew2Cxcosmm-VaNNys1srNZuRWjXaT2cwyWa5cJrfo9TE9J6aJzTDcomAAx14EF-lE97d8nXavRSzRnCzSieyyb04mhtHM45s5JqbhYuFcriYzm2E2WFlMG5PLZNjXRhOPYbBYuUWTzXItGm5Wa-VmM3KrRrvJbGaZLFcuk1v0-pieE9PEZhjuG7PVbLTZLSbDfWO2mo02u8VkuO8wmZ6pz9koLFyjHqHXOI0eDzeHQeEyWLw_iWkx7c4Ont_v6JQZP8qCzii8fI9eg8Jz8Kie5-Vq6iynn8bS8HswKGKJ4HSRTkQv4-kilkieFulEs9y4bL7lwrgcrTwjh8dk2kxcG9PENPKNRrbJZCKWKE0X6USvsvvFfsVqudccnXaT3zLaTCbqPzLEcjOX7OaK0VwyWCUAAAAAAAAAgCXMmTcBAAAAOA1oOBwMVssFoLiO0v15pzvV74Tj2j2FVUzoOHhJPD64v-XrtHvNvNkzQazValkDAAAIYAMAAARw6-YtIMyKAwAACIwDAAAAkAM!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15855

Redirect headers

Date
Tue, 28 Jun 2022 17:25:29 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8e794c-f707-11ec-8dcf-1df4c96b0406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
118
Connection
keep-alive
Content-Length
0
sync
taboola-supply-partners.tremorhub.com/ Frame C4E3 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75mcCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHG8ZYjlYT3mg2GM1Gs91ksFwuVrvVcDBZDmHDGMvRasIbzQaj2Wi2mwyGy8VosVyNRsMpYDTTZFBQTk-P2WUQFV1vi93hNHvemjWQoOl0-Fz3et3f8rUr7V6_yu4X-xWr5V5TdNpNfstoM5kDAAAAwAPA18g1xA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgILQogYAFIdBu-5Oj9EfAAAPDyAAAAIYJAAHckUlACqfHScAAAAAAAAAACz_____MQP2nfkyA_uuYT0ADz4AD0QFpEWMAAAAAII3HCiOJnVCZVEFAECQbgVwBQAQELiK9WsWBgAAQCBGaQUNrnCaBze2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhIAeudKCcjxw1X4BAQDWfgEBANjUDQDgTQAu5EjQdDp8rnu97m_52pV2r19l94v9itVyryk67Sa_ZbSZjI6gFYPB6gJidgAAAAB3_____3iUVtDgCqd5cHogOZkYRjOPb-aYmIaLhXO5msxshtlgZTFtTC6TYXtDKRqTVlBq2X0YzTQZFJTT02N2GURF19tidzjNnrdmfhO2GK0mk81yOFsuJoPhaDga7W8gBpsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHC2GjiMQwWK7doslmuRcPNaq3cbEZu1Wg3mc0sk-XKZXKLXh_Tc2Ka2AzDLQoGcOxFcJFOdH_L12n3WsQSzckincgu--ZkYhjNPL6ZY2IaLhbO5Woysxlmg5XFtDG5TIZ9bTTxGAaLlVs02SzXouFmtVZuNiO3arSbzGaWyXLlMrlFr4_pOTFNbIbhvjFbzUab3WIy3Ddmq9los1tMhvsOk-mZ-pyNwsI16hF6jdPo8XBzGBQug8X7k5gW0-7s4Pn9jk6Z8aMs6IzCy_foNSg8B4_qeV6ups5y-mksDb8HgyKWCE4X6UT0Mp4uYonkaZFONA6bYTWZbWw2z2w02a1Mm-FktNyMJsaRc-JarCZiidJ0kU70Krtf7FeslnvN0Wk3-S2jzWSi_iNDLDdzyW6uGM0lg1UCAAAAAAAAAFjCnHkTAAAAgNOAhsPBYLVcAIrrKN2fd7pT_U44rt1TWMWEjoOXxOOD-1u-TrvXzJs9E8RarZY1AACAADYAAEAAt27eAsKsOAAAgMA4AAAAADk!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:dec:f48c:c120:9a90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame C4E3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75mcCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHG8ZYjlYT3mg2GM1Gs91ksFwuVrvVcDBZDmHDGMvRasIbzQaj2Wi2mwyGy8VosVyNRsMpYDTTZFBQTk-P2WUQFV1vi93hNHvemjWQoOl0-Fz3et3f8rUr7V6_yu4X-xWr5V5TdNpNfstoM5kDAAAAwAPA18g1xA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgILQogYAFIdBu-5Oj9EfAAAPDyAAAAIYJAAHckUlACqfHScAAAAAAAAAACz_____MQP2nfkyA_uuYT0ADz4AD0QFpEWMAAAAAII3HCiOJnVCZVEFAECQbgVwBQAQELiK9WsWBgAAQCBGaQUNrnCaBze2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhIAeudKCcjxw1X4BAQDWfgEBANjUDQDgTQAu5EjQdDp8rnu97m_52pV2r19l94v9itVyryk67Sa_ZbSZjI6gFYPB6gJidgAAAAB3_____3iUVtDgCqd5cHogOZkYRjOPb-aYmIaLhXO5msxshtlgZTFtTC6TYXtDKRqTVlBq2X0YzTQZFJTT02N2GURF19tidzjNnrdmfhO2GK0mk81yOFsuJoPhaDga7W8gBpsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHC2GjiMQwWK7doslmuRcPNaq3cbEZu1Wg3mc0sk-XKZXKLXh_Tc2Ka2AzDLQoGcOxFcJFOdH_L12n3WsQSzckincgu--ZkYhjNPL6ZY2IaLhbO5Woysxlmg5XFtDG5TIZ9bTTxGAaLlVs02SzXouFmtVZuNiO3arSbzGaWyXLlMrlFr4_pOTFNbIbhvjFbzUab3WIy3Ddmq9los1tMhvsOk-mZ-pyNwsI16hF6jdPo8XBzGBQug8X7k5gW0-7s4Pn9jk6Z8aMs6IzCy_foNSg8B4_qeV6ups5y-mksDb8HgyKWCE4X6UT0Mp4uYonkaZFONA6bYTWZbWw2z2w02a1Mm-FktNyMJsaRc-JarCZiidJ0kU70Krtf7FeslnvN0Wk3-S2jzWSi_iNDLDdzyW6uGM0lg1UCAAAAAAAAAFjCnHkTAAAAgNOAhsPBYLVcAIrrKN2fd7pT_U44rt1TWMWEjoOXxOOD-1u-TrvXzJs9E8RarZY1AACAADYAAEAAt27eAsKsOAAAgMA4AAAAADk!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 17:25:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame C4E3
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8f820c-f707-11ec-b38f-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8f820c-f707-11ec-b38f-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75mcCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHG8ZYjlYT3mg2GM1Gs91ksFwuVrvVcDBZDmHDGMvRasIbzQaj2Wi2mwyGy8VosVyNRsMpYDTTZFBQTk-P2WUQFV1vi93hNHvemjWQoOl0-Fz3et3f8rUr7V6_yu4X-xWr5V5TdNpNfstoM5kDAAAAwAPA18g1xA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgILQogYAFIdBu-5Oj9EfAAAPDyAAAAIYJAAHckUlACqfHScAAAAAAAAAACz_____MQP2nfkyA_uuYT0ADz4AD0QFpEWMAAAAAII3HCiOJnVCZVEFAECQbgVwBQAQELiK9WsWBgAAQCBGaQUNrnCaBze2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhIAeudKCcjxw1X4BAQDWfgEBANjUDQDgTQAu5EjQdDp8rnu97m_52pV2r19l94v9itVyryk67Sa_ZbSZjI6gFYPB6gJidgAAAAB3_____3iUVtDgCqd5cHogOZkYRjOPb-aYmIaLhXO5msxshtlgZTFtTC6TYXtDKRqTVlBq2X0YzTQZFJTT02N2GURF19tidzjNnrdmfhO2GK0mk81yOFsuJoPhaDga7W8gBpsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHC2GjiMQwWK7doslmuRcPNaq3cbEZu1Wg3mc0sk-XKZXKLXh_Tc2Ka2AzDLQoGcOxFcJFOdH_L12n3WsQSzckincgu--ZkYhjNPL6ZY2IaLhbO5Woysxlmg5XFtDG5TIZ9bTTxGAaLlVs02SzXouFmtVZuNiO3arSbzGaWyXLlMrlFr4_pOTFNbIbhvjFbzUab3WIy3Ddmq9los1tMhvsOk-mZ-pyNwsI16hF6jdPo8XBzGBQug8X7k5gW0-7s4Pn9jk6Z8aMs6IzCy_foNSg8B4_qeV6ups5y-mksDb8HgyKWCE4X6UT0Mp4uYonkaZFONA6bYTWZbWw2z2w02a1Mm-FktNyMJsaRc-JarCZiidJ0kU70Krtf7FeslnvN0Wk3-S2jzWSi_iNDLDdzyW6uGM0lg1UCAAAAAAAAAFjCnHkTAAAAgNOAhsPBYLVcAIrrKN2fd7pT_U44rt1TWMWEjoOXxOOD-1u-TrvXzJs9E8RarZY1AACAADYAAEAAt27eAsKsOAAAgMA4AAAAADk!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
16972

Redirect headers

Date
Tue, 28 Jun 2022 17:25:29 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8f820c-f707-11ec-b38f-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
26
Connection
keep-alive
Content-Length
0
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/31_9_9/infra/ 		746 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/31_9_9/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.8.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
fd9f71ce8d2a02707ce25a783b3121c8ce8414fae189ae5c4d1cbacbc6e00637

Request headers

Referer
https://work.ink/
Origin
https://work.ink
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
via
1.1 varnish
age
102444
x-amz-meta-mtime
1656334523
x-cache
HIT
x-amz-meta-ctime
1656334524
x-amz-meta-mode
33188
content-encoding
br
content-length
130866
x-amz-id-2
xHmDS7Ke27ZLWR3I+ju13gUh98QlWvLDXbD2zl8Ww6z5lpCD/R/X47npVMhBJEVz/ZJ8a+Fi8Tc=
x-served-by
cache-cdg20731-CDG
accept-ranges
bytes
last-modified
Mon, 27 Jun 2022 12:55:25 GMT
server
AmazonS3-br
x-timer
S1656437130.603365,VS0,VE0
etag
"4657e4390b42a3af602737b04b8f0bd0"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
17BQMKF4K130XZR0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
18516
cmOsUnit.css
vidstat.taboola.com/vpaid/units/31_9_9/assets/css/ 		63 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/31_9_9/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.8.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
via
1.1 varnish
age
102444
x-amz-meta-mtime
1656334574
x-cache
HIT
x-amz-meta-ctime
1656334574
x-amz-meta-mode
33188
content-encoding
br
content-length
8297
x-amz-id-2
vH9uIJzYVM+60SwSH4jAVFGjNeoZXyhvP+XdfiyscN7zD5ZLehTHnBq4uugvjXY2ADoJ9daOHM8=
x-served-by
cache-hhn4038-HHN
accept-ranges
bytes
last-modified
Mon, 27 Jun 2022 12:56:15 GMT
server
AmazonS3-br
x-timer
S1656437130.567801,VS0,VE0
etag
"a28320a69408adba1f01f56d6eb80708"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
17BM2J7NCN16BTF8
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
32083
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_9_9/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront), 1.1 varnish
age
3641593
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-hhn4038-HHN
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1656437130.797865,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
dMQndaMYz4lAKRlFPrdUyMaueOEjTlwBX-FuhX2o7-w7PeNmsjlMEw==
x-cache-hits
557287
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v14.3.6/ 		478 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v14.3.6/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_9_9/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
c550bd3e890389295486914e522fa1892e53548f8890631bd38041a6986ef225

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
via
1.1 varnish
age
215239
x-amz-meta-mtime
1656221808
x-cache
HIT
x-amz-meta-ctime
1656221821
x-amz-meta-mode
33188
content-encoding
br
content-length
97549
x-amz-id-2
kuiJU8cQ57ZfmCPvW6I8cYHd4XID209hoD4sFwO06pljHQhnhux80ht0ELeAj/+OTugHPtvzpp4=
x-served-by
cache-hhn4038-HHN
accept-ranges
bytes
last-modified
Sun, 26 Jun 2022 05:37:02 GMT
server
AmazonS3-br
x-timer
S1656437130.797851,VS0,VE0
etag
"b8bb69114fb9c66def301a7c2d860188"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
R86M9P4DWVX29P8A
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
61090
sync
am-match.taboola.com/ Frame DD99 		742 B
836 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7n_wCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHGDhaMScsGom02-yGs8lsuJztBsvFZggaOFoxJywaibTb7IazyWoxGi6Hm-VgMZkCRjNNBgXl9PSYXQZR0fW22B1Os-ctWgMJmk6Hz3Wv1_0tX7vS7vWr7H6xX7Fa7jVFp93kt4w2kzkAAAAAPAB8jVxD_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKAgtagBAcRi06-70GP0BAPDwAAIAIIBBAnAgV1QCoPLZcQIAAAAAAAAAwPL___8fM2DfmS8zsO8a1gPw4APwQFQgWsQIAAAAIHjDgeJoUidUFlUAAATpVgBXAAABgatYv2VhAAAABGKUVtDgCqd5cGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOiRKy0oxwNX7RcQAGDtFxAAgE3dAADeBOBCjgRNp8Pnutfr_pavXWn3-lV2v9ivWC33mqLTbvJbRpvJ6AhaMRisLiBmBwAAAHD3____j0dpBQ2ucJoHpweSk4lhNPP4Zo6JabhYOJerycxmmA1WFtPG5DIZtjeUojFpBaWW3YfRTJNBQTk9PWaXQVR0vS12h9PseYvmN2GL0Woy2SyHs-ViMhiOhqPR_gZisBngRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiKMjSYew2Cxcosmm-VaNNys1srNZuRWjXaT2cwyWa5cJrfo9TE9J6aJzTDcomAAx14EF-lE97d8nXavRSzRnCzSieyyb04mhtHM45s5JqbhYuFcriYzm2E2WFlMG5PLZNjXRhOPYbBYuUWTzXItGm5Wa-VmM3KrRrvJbGaZLFcuk1v0-pieE9PEZhjuG7PVbLTZLSbDfWO2mo02u8VkuO8wmZ6pz9koLFyjHqHXOI0eDzeHQeEyWLw_iWkx7c4Ont_v6JQZP8qCzii8fI9eg8Jz8Kie5-Vq6iynn8bS8HswKGKJ4HSRTkQv4-kilkieFulEs9y4bL7lwrgcrTwjh8dk2kxcG9PENPKNRrbJZCKWKE0X6USvsvvFfsVqudccnXaT3zLaTCbqPzLEcjOX7OaK0VwyWCUAAAAAAAAAgCXMmTcBAAAAOA1oOBwMVssFoLiO0v15pzvV74Tj2j2FVUzoOHhJPD64v-XrtHvNvNkzQazValkDAAAIYAMAAARw6-YtIMyKAwAACIwDAAAAkAM!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_9_9/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 28 Jun 2022 17:25:29 GMT
machineid
3408
server
nginx
sync
am-match.taboola.com/ Frame 2709 		742 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V75mcCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHG8ZYjlYT3mg2GM1Gs91ksFwuVrvVcDBZDmHDGMvRasIbzQaj2Wi2mwyGy8VosVyNRsMpYDTTZFBQTk-P2WUQFV1vi93hNHvemjWQoOl0-Fz3et3f8rUr7V6_yu4X-xWr5V5TdNpNfstoM5kDAAAAwAPA18g1xA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgILQogYAFIdBu-5Oj9EfAAAPDyAAAAIYJAAHckUlACqfHScAAAAAAAAAACz_____MQP2nfkyA_uuYT0ADz4AD0QFpEWMAAAAAII3HCiOJnVCZVEFAECQbgVwBQAQELiK9WsWBgAAQCBGaQUNrnCaBze2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhIAeudKCcjxw1X4BAQDWfgEBANjUDQDgTQAu5EjQdDp8rnu97m_52pV2r19l94v9itVyryk67Sa_ZbSZjI6gFYPB6gJidgAAAAB3_____3iUVtDgCqd5cHogOZkYRjOPb-aYmIaLhXO5msxshtlgZTFtTC6TYXtDKRqTVlBq2X0YzTQZFJTT02N2GURF19tidzjNnrdmfhO2GK0mk81yOFsuJoPhaDga7W8gBpsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHC2GjiMQwWK7doslmuRcPNaq3cbEZu1Wg3mc0sk-XKZXKLXh_Tc2Ka2AzDLQoGcOxFcJFOdH_L12n3WsQSzckincgu--ZkYhjNPL6ZY2IaLhbO5Woysxlmg5XFtDG5TIZ9bTTxGAaLlVs02SzXouFmtVZuNiO3arSbzGaWyXLlMrlFr4_pOTFNbIbhvjFbzUab3WIy3Ddmq9los1tMhvsOk-mZ-pyNwsI16hF6jdPo8XBzGBQug8X7k5gW0-7s4Pn9jk6Z8aMs6IzCy_foNSg8B4_qeV6ups5y-mksDb8HgyKWCE4X6UT0Mp4uYonkaZFONA6bYTWZbWw2z2w02a1Mm-FktNyMJsaRc-JarCZiidJ0kU70Krtf7FeslnvN0Wk3-S2jzWSi_iNDLDdzyW6uGM0lg1UCAAAAAAAAAFjCnHkTAAAAgNOAhsPBYLVcAIrrKN2fd7pT_U44rt1TWMWEjoOXxOOD-1u-TrvXzJs9E8RarZY1AACAADYAAEAAt27eAsKsOAAAgMA4AAAAADk!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_9_9/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer
https://work.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 28 Jun 2022 17:25:29 GMT
machineid
3407
server
nginx
sync
taboola-supply-partners.tremorhub.com/ Frame DD99 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7n_wCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHGDhaMScsGom02-yGs8lsuJztBsvFZggaOFoxJywaibTb7IazyWoxGi6Hm-VgMZkCRjNNBgXl9PSYXQZR0fW22B1Os-ctWgMJmk6Hz3Wv1_0tX7vS7vWr7H6xX7Fa7jVFp93kt4w2kzkAAAAAPAB8jVxD_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKAgtagBAcRi06-70GP0BAPDwAAIAIIBBAnAgV1QCoPLZcQIAAAAAAAAAwPL___8fM2DfmS8zsO8a1gPw4APwQFQgWsQIAAAAIHjDgeJoUidUFlUAAATpVgBXAAABgatYv2VhAAAABGKUVtDgCqd5cGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOiRKy0oxwNX7RcQAGDtFxAAgE3dAADeBOBCjgRNp8Pnutfr_pavXWn3-lV2v9ivWC33mqLTbvJbRpvJ6AhaMRisLiBmBwAAAHD3____j0dpBQ2ucJoHpweSk4lhNPP4Zo6JabhYOJerycxmmA1WFtPG5DIZtjeUojFpBaWW3YfRTJNBQTk9PWaXQVR0vS12h9PseYvmN2GL0Woy2SyHs-ViMhiOhqPR_gZisBngRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiKMjSYew2Cxcosmm-VaNNys1srNZuRWjXaT2cwyWa5cJrfo9TE9J6aJzTDcomAAx14EF-lE97d8nXavRSzRnCzSieyyb04mhtHM45s5JqbhYuFcriYzm2E2WFlMG5PLZNjXRhOPYbBYuUWTzXItGm5Wa-VmM3KrRrvJbGaZLFcuk1v0-pieE9PEZhjuG7PVbLTZLSbDfWO2mo02u8VkuO8wmZ6pz9koLFyjHqHXOI0eDzeHQeEyWLw_iWkx7c4Ont_v6JQZP8qCzii8fI9eg8Jz8Kie5-Vq6iynn8bS8HswKGKJ4HSRTkQv4-kilkieFulEs9y4bL7lwrgcrTwjh8dk2kxcG9PENPKNRrbJZCKWKE0X6USvsvvFfsVqudccnXaT3zLaTCbqPzLEcjOX7OaK0VwyWCUAAAAAAAAAgCXMmTcBAAAAOA1oOBwMVssFoLiO0v15pzvV74Tj2j2FVUzoOHhJPD64v-XrtHvNvNkzQazValkDAAAIYAMAAARw6-YtIMyKAwAACIwDAAAAkAM!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:dec:f48c:c120:9a90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame DD99 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7n_wCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHGDhaMScsGom02-yGs8lsuJztBsvFZggaOFoxJywaibTb7IazyWoxGi6Hm-VgMZkCRjNNBgXl9PSYXQZR0fW22B1Os-ctWgMJmk6Hz3Wv1_0tX7vS7vWr7H6xX7Fa7jVFp93kt4w2kzkAAAAAPAB8jVxD_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKAgtagBAcRi06-70GP0BAPDwAAIAIIBBAnAgV1QCoPLZcQIAAAAAAAAAwPL___8fM2DfmS8zsO8a1gPw4APwQFQgWsQIAAAAIHjDgeJoUidUFlUAAATpVgBXAAABgatYv2VhAAAABGKUVtDgCqd5cGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOiRKy0oxwNX7RcQAGDtFxAAgE3dAADeBOBCjgRNp8Pnutfr_pavXWn3-lV2v9ivWC33mqLTbvJbRpvJ6AhaMRisLiBmBwAAAHD3____j0dpBQ2ucJoHpweSk4lhNPP4Zo6JabhYOJerycxmmA1WFtPG5DIZtjeUojFpBaWW3YfRTJNBQTk9PWaXQVR0vS12h9PseYvmN2GL0Woy2SyHs-ViMhiOhqPR_gZisBngRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiKMjSYew2Cxcosmm-VaNNys1srNZuRWjXaT2cwyWa5cJrfo9TE9J6aJzTDcomAAx14EF-lE97d8nXavRSzRnCzSieyyb04mhtHM45s5JqbhYuFcriYzm2E2WFlMG5PLZNjXRhOPYbBYuUWTzXItGm5Wa-VmM3KrRrvJbGaZLFcuk1v0-pieE9PEZhjuG7PVbLTZLSbDfWO2mo02u8VkuO8wmZ6pz9koLFyjHqHXOI0eDzeHQeEyWLw_iWkx7c4Ont_v6JQZP8qCzii8fI9eg8Jz8Kie5-Vq6iynn8bS8HswKGKJ4HSRTkQv4-kilkieFulEs9y4bL7lwrgcrTwjh8dk2kxcG9PENPKNRrbJZCKWKE0X6USvsvvFfsVqudccnXaT3zLaTCbqPzLEcjOX7OaK0VwyWCUAAAAAAAAAgCXMmTcBAAAAOA1oOBwMVssFoLiO0v15pzvV74Tj2j2FVUzoOHhJPD64v-XrtHvNvNkzQazValkDAAAIYAMAAARw6-YtIMyKAwAACIwDAAAAkAM!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 17:25:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame DD99
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8f820c-f707-11ec-b38f-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8f820c-f707-11ec-b38f-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7n_wCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHGDhaMScsGom02-yGs8lsuJztBsvFZggaOFoxJywaibTb7IazyWoxGi6Hm-VgMZkCRjNNBgXl9PSYXQZR0fW22B1Os-ctWgMJmk6Hz3Wv1_0tX7vS7vWr7H6xX7Fa7jVFp93kt4w2kzkAAAAAPAB8jVxD_AACAEQAAAAASAAAAABQBFT8WwhcAAAAAGAAKAgtagBAcRi06-70GP0BAPDwAAIAIIBBAnAgV1QCoPLZcQIAAAAAAAAAwPL___8fM2DfmS8zsO8a1gPw4APwQFQgWsQIAAAAIHjDgeJoUidUFlUAAATpVgBXAAABgatYv2VhAAAABGKUVtDgCqd5cGML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCOiRKy0oxwNX7RcQAGDtFxAAgE3dAADeBOBCjgRNp8Pnutfr_pavXWn3-lV2v9ivWC33mqLTbvJbRpvJ6AhaMRisLiBmBwAAAHD3____j0dpBQ2ucJoHpweSk4lhNPP4Zo6JabhYOJerycxmmA1WFtPG5DIZtjeUojFpBaWW3YfRTJNBQTk9PWaXQVR0vS12h9PseYvmN2GL0Woy2SyHs-ViMhiOhqPR_gZisBngRAyWy8lkMdmtRqvRZrgbzQYLFIjBBClaNJisRqPJYjJcjSar2XKx222QolWr2WgzGK5mk9lutxoOhsvRCCdsMVpNJpvlcLZcTAbD0XA0GiKMjSYew2Cxcosmm-VaNNys1srNZuRWjXaT2cwyWa5cJrfo9TE9J6aJzTDcomAAx14EF-lE97d8nXavRSzRnCzSieyyb04mhtHM45s5JqbhYuFcriYzm2E2WFlMG5PLZNjXRhOPYbBYuUWTzXItGm5Wa-VmM3KrRrvJbGaZLFcuk1v0-pieE9PEZhjuG7PVbLTZLSbDfWO2mo02u8VkuO8wmZ6pz9koLFyjHqHXOI0eDzeHQeEyWLw_iWkx7c4Ont_v6JQZP8qCzii8fI9eg8Jz8Kie5-Vq6iynn8bS8HswKGKJ4HSRTkQv4-kilkieFulEs9y4bL7lwrgcrTwjh8dk2kxcG9PENPKNRrbJZCKWKE0X6USvsvvFfsVqudccnXaT3zLaTCbqPzLEcjOX7OaK0VwyWCUAAAAAAAAAgCXMmTcBAAAAOA1oOBwMVssFoLiO0v15pzvV74Tj2j2FVUzoOHhJPD64v-XrtHvNvNkzQazValkDAAAIYAMAAARw6-YtIMyKAwAACIwDAAAAkAM!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15855

Redirect headers

Date
Tue, 28 Jun 2022 17:25:29 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8f820c-f707-11ec-b38f-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
12
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame 2709 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75mcCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHG8ZYjlYT3mg2GM1Gs91ksFwuVrvVcDBZDmHDGMvRasIbzQaj2Wi2mwyGy8VosVyNRsMpYDTTZFBQTk-P2WUQFV1vi93hNHvemjWQoOl0-Fz3et3f8rUr7V6_yu4X-xWr5V5TdNpNfstoM5kDAAAAwAPA18g1xA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgILQogYAFIdBu-5Oj9EfAAAPDyAAAAIYJAAHckUlACqfHScAAAAAAAAAACz_____MQP2nfkyA_uuYT0ADz4AD0QFpEWMAAAAAII3HCiOJnVCZVEFAECQbgVwBQAQELiK9WsWBgAAQCBGaQUNrnCaBze2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhIAeudKCcjxw1X4BAQDWfgEBANjUDQDgTQAu5EjQdDp8rnu97m_52pV2r19l94v9itVyryk67Sa_ZbSZjI6gFYPB6gJidgAAAAB3_____3iUVtDgCqd5cHogOZkYRjOPb-aYmIaLhXO5msxshtlgZTFtTC6TYXtDKRqTVlBq2X0YzTQZFJTT02N2GURF19tidzjNnrdmfhO2GK0mk81yOFsuJoPhaDga7W8gBpsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHC2GjiMQwWK7doslmuRcPNaq3cbEZu1Wg3mc0sk-XKZXKLXh_Tc2Ka2AzDLQoGcOxFcJFOdH_L12n3WsQSzckincgu--ZkYhjNPL6ZY2IaLhbO5Woysxlmg5XFtDG5TIZ9bTTxGAaLlVs02SzXouFmtVZuNiO3arSbzGaWyXLlMrlFr4_pOTFNbIbhvjFbzUab3WIy3Ddmq9los1tMhvsOk-mZ-pyNwsI16hF6jdPo8XBzGBQug8X7k5gW0-7s4Pn9jk6Z8aMs6IzCy_foNSg8B4_qeV6ups5y-mksDb8HgyKWCE4X6UT0Mp4uYonkaZFONA6bYTWZbWw2z2w02a1Mm-FktNyMJsaRc-JarCZiidJ0kU70Krtf7FeslnvN0Wk3-S2jzWSi_iNDLDdzyW6uGM0lg1UCAAAAAAAAAFjCnHkTAAAAgNOAhsPBYLVcAIrrKN2fd7pT_U44rt1TWMWEjoOXxOOD-1u-TrvXzJs9E8RarZY1AACAADYAAEAAt27eAsKsOAAAgMA4AAAAADk!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 17:25:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 2709 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75mcCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHG8ZYjlYT3mg2GM1Gs91ksFwuVrvVcDBZDmHDGMvRasIbzQaj2Wi2mwyGy8VosVyNRsMpYDTTZFBQTk-P2WUQFV1vi93hNHvemjWQoOl0-Fz3et3f8rUr7V6_yu4X-xWr5V5TdNpNfstoM5kDAAAAwAPA18g1xA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgILQogYAFIdBu-5Oj9EfAAAPDyAAAAIYJAAHckUlACqfHScAAAAAAAAAACz_____MQP2nfkyA_uuYT0ADz4AD0QFpEWMAAAAAII3HCiOJnVCZVEFAECQbgVwBQAQELiK9WsWBgAAQCBGaQUNrnCaBze2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhIAeudKCcjxw1X4BAQDWfgEBANjUDQDgTQAu5EjQdDp8rnu97m_52pV2r19l94v9itVyryk67Sa_ZbSZjI6gFYPB6gJidgAAAAB3_____3iUVtDgCqd5cHogOZkYRjOPb-aYmIaLhXO5msxshtlgZTFtTC6TYXtDKRqTVlBq2X0YzTQZFJTT02N2GURF19tidzjNnrdmfhO2GK0mk81yOFsuJoPhaDga7W8gBpsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHC2GjiMQwWK7doslmuRcPNaq3cbEZu1Wg3mc0sk-XKZXKLXh_Tc2Ka2AzDLQoGcOxFcJFOdH_L12n3WsQSzckincgu--ZkYhjNPL6ZY2IaLhbO5Woysxlmg5XFtDG5TIZ9bTTxGAaLlVs02SzXouFmtVZuNiO3arSbzGaWyXLlMrlFr4_pOTFNbIbhvjFbzUab3WIy3Ddmq9los1tMhvsOk-mZ-pyNwsI16hF6jdPo8XBzGBQug8X7k5gW0-7s4Pn9jk6Z8aMs6IzCy_foNSg8B4_qeV6ups5y-mksDb8HgyKWCE4X6UT0Mp4uYonkaZFONA6bYTWZbWw2z2w02a1Mm-FktNyMJsaRc-JarCZiidJ0kU70Krtf7FeslnvN0Wk3-S2jzWSi_iNDLDdzyW6uGM0lg1UCAAAAAAAAAFjCnHkTAAAAgNOAhsPBYLVcAIrrKN2fd7pT_U44rt1TWMWEjoOXxOOD-1u-TrvXzJs9E8RarZY1AACAADYAAEAAt27eAsKsOAAAgMA4AAAAADk!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:dec:f48c:c120:9a90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 2709
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8f820c-f707-11ec-b38f-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8f820c-f707-11ec-b38f-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V75mcCFgNTJoqPohOzGARTJoqPohOzGAUAAAAGBuIHG8ZYjlYT3mg2GM1Gs91ksFwuVrvVcDBZDmHDGMvRasIbzQaj2Wi2mwyGy8VosVyNRsMpYDTTZFBQTk-P2WUQFV1vi93hNHvemjWQoOl0-Fz3et3f8rUr7V6_yu4X-xWr5V5TdNpNfstoM5kDAAAAwAPA18g1xA8gAEAEAAAAgAQAAAAARUDFv4XABQAAAAAGgILQogYAFIdBu-5Oj9EfAAAPDyAAAAIYJAAHckUlACqfHScAAAAAAAAAACz_____MQP2nfkyA_uuYT0ADz4AD0QFpEWMAAAAAII3HCiOJnVCZVEFAECQbgVwBQAQELiK9WsWBgAAQCBGaQUNrnCaBze2QA-L32922DV-t8sAAAAAAAAAAMz-z_7RhIAeudKCcjxw1X4BAQDWfgEBANjUDQDgTQAu5EjQdDp8rnu97m_52pV2r19l94v9itVyryk67Sa_ZbSZjI6gFYPB6gJidgAAAAB3_____3iUVtDgCqd5cHogOZkYRjOPb-aYmIaLhXO5msxshtlgZTFtTC6TYXtDKRqTVlBq2X0YzTQZFJTT02N2GURF19tidzjNnrdmfhO2GK0mk81yOFsuJoPhaDga7W8gBpsBTsRguZxMFpPdarQabYa70WywQIEYTJCiRYPJajSaLCbD1Wiymi0Xu90GKVq1mo02g-FqNpntdqvhYLgcjXDCFqPVZLJZDmfLxWQwHA1HoyHC2GjiMQwWK7doslmuRcPNaq3cbEZu1Wg3mc0sk-XKZXKLXh_Tc2Ka2AzDLQoGcOxFcJFOdH_L12n3WsQSzckincgu--ZkYhjNPL6ZY2IaLhbO5Woysxlmg5XFtDG5TIZ9bTTxGAaLlVs02SzXouFmtVZuNiO3arSbzGaWyXLlMrlFr4_pOTFNbIbhvjFbzUab3WIy3Ddmq9los1tMhvsOk-mZ-pyNwsI16hF6jdPo8XBzGBQug8X7k5gW0-7s4Pn9jk6Z8aMs6IzCy_foNSg8B4_qeV6ups5y-mksDb8HgyKWCE4X6UT0Mp4uYonkaZFONA6bYTWZbWw2z2w02a1Mm-FktNyMJsaRc-JarCZiidJ0kU70Krtf7FeslnvN0Wk3-S2jzWSi_iNDLDdzyW6uGM0lg1UCAAAAAAAAAFjCnHkTAAAAgNOAhsPBYLVcAIrrKN2fd7pT_U44rt1TWMWEjoOXxOOD-1u-TrvXzJs9E8RarZY1AACAADYAAEAAt27eAsKsOAAAgMA4AAAAADk!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15855

Redirect headers

Date
Tue, 28 Jun 2022 17:25:29 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=4e8f820c-f707-11ec-b38f-1f932c7f0406&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
14
Connection
keep-alive
Content-Length
0
eba29ed7-5761-4c3d-88c0-bc482f4eb7fb
https://work.ink/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://work.ink/eba29ed7-5761-4c3d-88c0-bc482f4eb7fb
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
850a5b68-b8b7-403c-b677-4baf44e04b1f
https://work.ink/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://work.ink/850a5b68-b8b7-403c-b677-4baf44e04b1f
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
visible
trc.taboola.com/workink/log/3/ 		0
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/workink/log/3/visible?tvi2=7830&route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220628-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 28 Jun 2022 17:25:30 GMT
via
1.1 varnish
server
nginx
x-timer
S1656437130.050180,VS0,VE9
x-served-by
cache-hhn4038-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://work.ink
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/workink/log/3/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/workink/log/3/visible?tvi2=7830&route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220628-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 28 Jun 2022 17:25:30 GMT
via
1.1 varnish
server
nginx
x-timer
S1656437130.050672,VS0,VE9
x-served-by
cache-hhn4038-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://work.ink
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/workink/log/3/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/workink/log/3/bulk?tvi2=7830&route=AM%3AAM%3AV&lti=deflated&bulkSize=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220628-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Tue, 28 Jun 2022 17:25:30 GMT
via
1.1 varnish
server
nginx
x-timer
S1656437130.051641,VS0,VE10
x-served-by
cache-hhn4038-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://work.ink
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: work.ink
URL: https://work.ink/en/l/159/Shindo2432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
7681
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by
cache-hhn4038-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1656437130.139446,VS0,VE0
date
Tue, 28 Jun 2022 17:25:30 GMT
x-amz-request-id
DM4PBFJ9QH08DD7N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
89
x-cache-hits
863
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220628-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
Q93sCEWoqxiO0LdTLulEOAOmIgRcHF1L
content-encoding
gzip
etag
"8cbcf8a5c724c32aa9be09d14a4c624d"
age
971
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
923
x-amz-id-2
eBvA3Cn7Vmi0RQPvR7kaz9zs14aMYgzx2uA7jWWQOie8bh08mSXjXMH6nljkG1Q4xYusyg4kNp0=
x-served-by
cache-hhn4038-HHN
last-modified
Tue, 05 Apr 2022 10:34:30 GMT
server
AmazonS3
x-timer
S1656437131.022600,VS0,VE0
date
Tue, 28 Jun 2022 17:25:31 GMT
vary
Accept-Encoding
x-amz-request-id
81KT1GAWAE081RQZ
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
89
x-cache-hits
1028
/
pips.taboola.com/ 		4 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:25:31 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-cdg20731-CDG
access-control-allow-methods
GET
access-control-allow-origin
https://work.ink
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=64bc001e-4239-4835-933d-54726f229eed-tuct9b4bf08
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://work.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 28 Jun 2022 17:25:31 GMT
Cache-Control
no-store
Server
nginx
Connection
close
/
run.cntxtfl.com/ 		17 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://run.cntxtfl.com/?id=1Pw020A3ITJIzgfunLbgN4HVD
Requested by
Host: mowplayer.com
URL: https://mowplayer.com/js/player/mEihTUtQyn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
40c132b928fe00cf669996aedbaf555a6ec3b19ad519d33638de676b97691659

Request headers

Referer
https://work.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/octet-stream

Response headers

access-control-allow-origin
*
x-cloud-trace-context
5b836ab8e9c101900b14945222a0df4c
server
Google Frontend
date
Tue, 28 Jun 2022 17:25:32 GMT
content-length
17
content-type
text/html
/
run.cntxtfl.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://run.cntxtfl.com/?id=1Pw020A3ITJIzgfunLbgN4HVD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://work.ink
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
content-type
text/html
date
Tue, 28 Jun 2022 17:25:32 GMT
server
Google Frontend
x-cloud-trace-context
774311e103aafc6b92acf7f843d03c2a

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
work.ink
URL
https://work.ink/img/sign.svg
Domain
www.youtube.com
URL
https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=Ftn6nzkyaudyxedq&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fwork.ink%2F&lact=14822&cl=457540800&mos=0&volume=100&cbr=Chrome&cbrver=103.0.5060.53&c=WEB_EMBEDDED_PLAYER&cver=1.20220626.00.02&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=183&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24175559%2C24221533%2C24237817&muted=0&docid=gAtu04_Cpak
Domain
work.ink
URL
https://work.ink/api/redirection/startTransaction.php

Verdicts & Comments Add Verdict or Comment

318 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| adDomainCheck function| waldoIsInArray function| waldoInitScripts function| waldoSetTagsOnPage function| isElementInViewport function| isElementInViewportTest function| isElementInViewport2 function| waldoInitScroll function| waldoRefreshIfViewable function| waldoSlotRenderEnded function| waldoInitGPT function| waldoInitGPTSingleSlot function| waldoAddSelectMediaCookie function| fetchHeaderBids function| waldoTriggerHB function| waldoAddCloseBtn function| waldoPassbackCheck function| waldoAdxClickFraud function| waldoAdxClickFraudRefresh function| waldoClickFraudNetworkWide function| waldoDelayAdClicks function| waldoInitTags function| hbRefreshBid function| waldoApplyBidGeoRestrictions function| hbRandomMinMaxRefreshMulti function| hbRandomMinMaxRefresh function| hbRandomMinMaxRefreshOnView function| getRandomNumber function| waldoGeoBidsCheck function| waldoGetUserData function| waldoLoadSlot function| waldoCreateCookie function| waldoReadCookie function| waldoEmailDetected function| waldoRecordImpression function| waldoAddCCPAWidget function| waldoSetPbjsUSPString number| refEn string| updateDate number| tagsInitDone object| gptAdSlots string| adDomain object| waldoBreakpoints number| domainValid number| PREBID_TIMEOUT number| interstitialDone object| waldoTimeOuts object| waldoAdRefreshes object| waldoAdXRefreshes object| allAdUnits object| blockAdsOn number| adTagsInitFlag number| siteId number| bidDivAvailable object| waldoTagsStatus object| googletag object| pbjs number| switchUserSync number| waldoImpressionDone string| blockedPageAds number| waldoGDPR object| waldoCountry object| waldoContinent object| waldoDataPointsDone number| closeBtnAdded object| unlimitedRefGeos object| waldoBlockRequestGeos object| waldoNoRefreshGeos object| waldoRefreshOnScollGeos object| waldoGPTSlots object| waldoTagsOnPage object| waldoSlotIds object| waldoDefinedSlots object| waldoAdUnitsAddedToPbjs object| waldoAdRefreshesOnView number| waldoCCPAWidgetAdded undefined| oriRenderAd undefined| waldoVideoSlot number| cmpVersion number| cmpFailureTimeout string| webInterstitialAdId object| waldoScrollSticky number| adTagsInitFinished number| adxOrderId number| enVariableHeightFix number| delayAdClicks number| allowAdClicks object| delayAdClickTimers number| delayAdClickSecs boolean| loadedOnAction boolean| loadOnAction number| waldoScrollRefreshEnabled boolean| waldoBlockRequests boolean| waldoNoRefresh number| waldoDisableGeoRestrictions object| countriesToExclude number| browserWidth object| adUnits object| passbackAdUnits undefined| affiliateBanners number| waldoCheckIndividualImps string| waldoOriPathName object| waldo function| __tcfapi function| __uspapi object| pbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| _taboola object| _mNHandle string| medianet_versionId function| open_popup number| is_opened string| url function| $ function| jQuery object| static_confirmations object| static_confirmations_social_ids object| static_confirmations_social_links string| transaction_id string| link_id string| csrf_token number| needed_confirmation_count string| v2Callback boolean| v2Check boolean| no_steps boolean| rewTasksDone function| a0V function| a0U function| a0O function| a0T function| a0a function| a0s function| a0r function| a0M function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| gtag object| dataLayer object| _qevents object| contxtful_config object| $jscomp function| $jscomp$lookupPolyfilledValue object| Contxtful function| __contxtful__ object| _mow_adsData__11_ boolean| receptivity object| receptivity_events boolean| load_ads_via_ajax string| ReceptivityValue boolean| MowIsPlaying boolean| mowCssInjected object| mowPromiseCache boolean| initializedMowOutstream object| Mow object| ggeac object| google_tag_data object| google_js_reporting_queue object| _mN object| _mNSrv function| setup string| _mN_Idf string| _mN_ctrM undefined| _mN_ctr object| mnjs object| _mNDetails function| _cmL1Require function| _cmL1Define undefined| _mNE object| _mNadPrvLog object| TRC object| _tblConsole undefined| msg object| _comscore object| google_tag_manager object| confiant string| GoogleAnalyticsObject function| ga function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| COMSCORE function| udm_ object| regeneratorRuntime function| __tcfapiui object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl undefined| google_measure_js_timing object| gaplugins object| gaGlobal object| gaData object| ns_p number| taboola_view_id number| measureInterval function| sleep function| loadStaticConfirmations function| startTransaction function| startMonetization function| startMonetizationWithCallback function| clickLink function| checkForConfirmationsInSeconds function| TxVbZrmKaL function| openPopup function| closePopup function| closeStepOverlay function| allowCallbackPopupClose function| openStepOverlay function| cdd5ad3f908db15772867761a2215dbc537077 function| showRedirectButton function| openLink function| captchaCallback function| v2Loaded function| v3Loaded object| confirmations number| linkOpenTime boolean| popup_open number| popup_closeable_in boolean| popup_countdown_running boolean| documentReady boolean| v2 boolean| v3 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| refreshSn number| LAST_CORRECT_EVENT_TIME object| utr_938541 number| userTrackingInterval number| _3447286995 object| __CF$cv$params number| index object| recaptcha object| closure_lm_397831 number| iinf object| errors object| sas object| apntag object| _ADAGIO object| placementData object| cmTag object| _cm_wfCounters string| lastWfUrl function| webpackHotUpdate function| startCMTagMain string| category string| vpaidId function| OvaMediaPlayer

14 Cookies

Domain/Path Name / Value
work.ink/ Name: PHPSESSID
Value: 6u8t6dtno74ofm20pkml0igdcu
.youtube.com/ Name: YSC
Value: xAiJZY6rcnU
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: j_5eijYyww0
work.ink/ Name: waldo_country
Value: DE
work.ink/ Name: waldo_continent
Value: EU
work.ink/ Name: waldo_region
Value: 05
.work.ink/ Name: _ga
Value: GA1.2.1698776355.1656437109
.work.ink/ Name: _gid
Value: GA1.2.1108251591.1656437109
.work.ink/ Name: _gat_gtag_UA_99308026_10
Value: 1
freychang.fun/ Name: csu
Value: 517107098525008@1@1656437123
work.ink/ Name: session_depth
Value: work.ink%3D1%7C197303404%3D2
.work.ink/ Name: __cf_bm
Value: _X4VtQojhhEUDG8jbczZxqTNJ41Ki2aTc8wO4nLLDbA-1656437124-0-AfQ5bLpMdVYpDa0O5gsdCqlyeLv3y5g70853ptshHeuH7ETLI/6pnzFXu8H8sYV0SHSL5ubzDtMqIZ4jK7P6svt2t3I5whfzA7YvfFT5V2eHbKd5OPs+R7BmbNCg6t/Txg==
work.ink/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D64bc001e-4239-4835-933d-54726f229eed-tuct9b4bf08
.spotxchange.com/ Name: audience
Value: 4e8e794c-f707-11ec-8dcf-1df4c96b0406

1 Console Messages

Source Level URL
Text
network error URL: https://ad13.adfarm1.adition.com/
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
accounts.google.com
ad13.adfarm1.adition.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ationsuchasr.xyz
audit-tcfv2.cmp.quantcast.com
cdn.jsdelivr.net
cdn.materialdesignicons.com
cdn.mowplayer.com
cdn.taboola.com
cdn.thisiswaldo.com
cdnjs.cloudflare.com
cds.taboola.com
cmp.quantcast.com
confiant-integrations.global.ssl.fastly.net
contextual.media.net
ctxtfl.com
dq06u9lt5akr2.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
googleads.g.doubleclick.net
i.ytimg.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
ipfind.co
jnn-pa.googleapis.com
lg3.media.net
match.adsrvr.org
mowplayer.com
pips.taboola.com
quantcast.mgr.consensu.org
rules.quantcount.com
run.cntxtfl.com
sb.scorecardresearch.com
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
static.doubleclick.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.search.spotxchange.com
taboola-supply-partners.tremorhub.com
test.cmp.quantcast.com
thisiswaldo.com
trc-events.taboola.com
trc.taboola.com
vidstat.taboola.com
wf.taboola.com
work.ink
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
ycreatmentto.xyz
yt3.ggpht.com
work.ink
www.youtube.com
104.102.28.29
104.90.104.26
108.138.17.102
13.57.144.12
138.199.37.227
141.226.224.32
141.226.228.48
142.250.203.130
143.204.89.75
151.101.1.44
151.101.193.194
151.101.193.44
185.132.178.119
185.94.180.126
2001:4860:4802:36::178
217.79.188.54
2600:1f18:612b:4232:dec:f48c:c120:9a90
2600:9000:2156:4c00:3:a4cd:8380:93a1
2600:9000:2156:a800:9:46dc:4700:93a1
2600:9000:223f:7000:f:9fb4:2380:21
2600:9000:2240:c400:9:46dc:4700:93a1
2600:9000:2315:4000:6:44e3:f8c0:93a1
2600:9000:236e:7a00:f:458e:2a80:93a1
2606:4700:20::ac43:45a0
2606:4700:20::ac43:4bf1
2606:4700:3030::ac43:dadd
2606:4700:3037::ac43:c9ba
2606:4700::6810:5814
2606:4700::6811:180e
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::200a
2a00:1450:4001:801::200e
2a00:1450:4001:806::2006
2a00:1450:4001:808::2002
2a00:1450:4001:80f::200d
2a00:1450:4001:813::2008
2a00:1450:4001:828::2003
2a00:1450:4001:828::2013
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2016
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9a
2a03:2880:f12d:181:face:b00c:0:25de
3.67.149.72
35.227.203.184
35.71.131.137
52.15.219.226
01f81923aacd2ae9a0881304a6f39cff4f919f935334b7427aa06115fccf17d5
029e542f54684fc0bc29504dd82348dd685c0ac0d88c525795d0f33bc139f89e
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0a4c6a650b06f393adc21234ad284683386081c6f2304e9ef476981a400c2349
0e9bb4a85d24bc9d1dae57c99bad784983efde2e96b2d9c7b613953211de5c67
1138fb9c6fb4821fa8b16aed16476559e6ef1813113b75c591b9c23f2f01ac4b
13e856ef710d3612e2730ef03e2114d2dd6d7c11835190b892417b9edbcd6dc0
172cbd34a384654a2f11fe4be04f54fae5303fcf764d6b11aad9351538773f2e
17b778dd62a1f9c542707f4a504dfccf5fe84b898b3e5d0167b8cdee160fdd80
18610afcae99dd8d7a5a2feff2ba32ea4eaa68025a8c187278d794e9c0cae231
1a113034bdbdeaa7add41b1d85d4ebb360ceab32740506bef533dd883ed1888c
1a9a41dce59c224a6cb0a33e73b2f239e4e5ee3972556e669c7d43076d43e365
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d2e4c58ed4418084cf308fdcd39c08b414e73a06bc020848c585ad5b1caea1a
1f921a0b1e937dca00ea49be99a6434c6babee9ca46d0c7264bc9fd441eae10a
22140504b20f06831969e91ea61bbcc416e24240847673bbefed07e597526aec
24331bbdf40c95e911c59ea6beb4dea06c862b129605ad6f06f845fc1f0f059e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
277b224677ce0c6d744492ba8052eb70fea715898f53743513dfd5f1410650d2
278e447c1b3e00116485854b0a559dc6f91e60de191106b2a6eb69090cbd4d4e
2c7c177c32c476b49c28c9f0c72c9b960438fb31e2bdc207bebf63b6cc41bc73
2c888fec7b7400dd71e79a7497a5c37ef65914b17d6cf03e27aef7fc0ebf2c83
2cb4839eecc0e926128fde68deea6a954adc86b0d44d73cc81282ae7132ad831
2ea4e6420a06884ea2613cad4c76e860fd3bc2880a226d838d854c7d5bbbe80c
33936ead124ab864ecc551407f3d598bd14ac6924d20617ad412b8b16bd58183
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8
3dd900a2184c85ade5545276525bfa91f9930c19144a1333c5b473c11d63d6d8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40c132b928fe00cf669996aedbaf555a6ec3b19ad519d33638de676b97691659
42310df4073c8488550d8fbc0d7dba17d0319051ce5338ae6ecb4eac290202a4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a89c0af44ab32416f9065d5ea84171f7530be632d0647b9739e073335327d40
4ce777800ddd3c11cf995f0ad51e3351c4960b950e60d1190898916e1ca61541
562cf7de0e7b831a3f8c0af5fe0268a22be4d000c9b600eb1337a65afa34274b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5723bbe85212425b466e89a151bebcbd00c230fc15447df005288c58f668eb9a
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5c342c1a232136c85ccab7587fd6250076d509d4e2f8f7fb20553f3cd4e14bf6
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c
6353e203221bee5f1fb1c183d2396244be5d4b61bcff122a7268e590896e759c
67315acd47fca91a767aa68f94f8666c7ca01eebf6012326da7edb7e97106502
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a39869b5c0a2e7540a1b80f8671462bb6d647f8989a65338decb01e934ec55c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b89ce9b72a646720a7c02d24c2258fae93082660ba1ce3180a2f7a8405d0bc4
6cc7bbc29b3f3eecfc025d7148a50e671a525c166fe54438fbeb46b079cd3daa
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
71518e46463eba2ba7cefd9e6b0d4604b8e026eae3111379486a510c4f6f78b3
72468e37ff50d81d05ab1b24e1475981a1e5b9714e15f452a721f58d6a469634
733015e2493f654c07b7302b782cd8e2c69535a3ccca8c7dda68edfae9445038
79abd0636f1a3eab2ee2d8fc487071f8ccef4521962cb5d236178168d48ad33c
80fd30075686790aa3f14df7618a3345dd46328121b572e0b10e04b74ea4201d
820493279edc223b94c392e6e19f60e026e15cdc4df94fc2a8459a28f139b8bf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83fa6784ebee363043db50681bbde69c4624f13ea9152c1758f7ca2f609ea0f4
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3
8c8fd1976412e601def612777c203cf8f3184c65cce41096b09b0dc1e19412b2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ed2c92ad391bef229d66f118123da5efc9613b72f13c19cfe414f0762d39ba3
9250eed0233cec7eb3f87e3ee3b0590ce7b9415cfe9fbdc702e01b215b5a386f
958cb6c3e44243c5ac97f677a420dd304c9a390700e6e3f243fc7b32e44334c0
9d1c9509c5434a558df5debcafd33eaca04b13893d0a9d63dd7498fee9a3bef5
9dc8597633a325ffd25e6ed68b93cefd55d68e08bfa782fa7cfc3b4cdb7eed8b
9efa0693b5a54124a176eeebb1f89b1869fc0e321368f6d36eba35d882687a77
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a420e9005e555bdad6792ee3abbafe50a00af5479346a8daeee2ac9676dad8af
a90936617b1df8dcbcd107195ead9df89d1e9a66c0aed92d613c82cc9a3ec1da
ac4d1bc44614de7a1c797e8c77e49af910a09a8c9a1c5de7bed228eb5f00939a
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b495f3a07d2e33733e326e03bba1d0f2b3f40711636110279a01214905fbabad
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b85e465e8a7ddfac45eb9f8a1f40b19358b749a2bce2f10a9177d6e987e37164
b924800c4bdf71d07fa5a30cced6a1c89dd70c40cfbcdf4ae03c4bc3f962dcdc
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
bc77d672b1c657ca11ff665ff7f4f4265618bc78dc6da334e2457654afe32fd6
bc7cbef4a0ad29da7e5127143865bfd7169c9b87e3dcc3a0d40fa75a7ee1fb46
c030705d688511bcfd977a890ba3f68318d006fb4c712e3b545630258503270a
c16ce59534a31be0e9f7bf8239342d5d4b673ec8785ae26835aff1a753661c51
c494e4379b47eebeab6f4259d05f17c0723cdedf523e3f3d514acaed750bbf37
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c550bd3e890389295486914e522fa1892e53548f8890631bd38041a6986ef225
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d37fe16196b4704011839539f6a00976343f75e6859c3afc2eafa5c878cf260f
d3ae4df39517f33bb481e0ab6a0b55a5ec6360a4c0ee6c8e362c5fa0d5da44e3
d572d5d1a55caa01881599e4d1ff4bef6033ae9d75a8c9f44489c9ceb6db0086
d74b590fcc8d9c451b2ecba1c0e5bae3a1d00db30130e8da00c454e066fa8dde
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da7bbff5799078ed063d388bfe2b0c0846123d7dea8e17cc660d2e8ec6025381
dd931e5c650a99c8d96b8b5a0c63be357aee1ff93fb7c0804513ed4a7c88b828
ddd5521b76d3a1aee45e19d85bf7f9ada9c351397a34268f3559bedda4ffc94a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e19a5fa5bfd9274632e89732203714cdfab393e74add6a085951cc447d27aefb
e1ea365d4cd0f63d198a882f0b2af3a0829db821ea730f9f8f85b85372452649
e2be2ffe3d1b155a89a7e2035b77ecb27f06b0853dc7880759d060fc0ae5fa68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56d1a2eaba2ee5df801c953548f9fdcade501929bcfacd3cf3bd26453bfc921
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9d4a17a71ce7734acb44370c6b194125649e8c584f6f1a94dbcdebb4532b1a9
ea0749f0d87b78554a570e92c3ceb965e9ee899c86c17b927fd8f70013de10f9
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
efa356ed1428b543eaa8e4e88639ebcb98f929a7fd13ab30d5236fd56f38cd3e
f212b2ea4b14ef3142ec3cc43c88a0d1278e725d828e4336a64b8033ecc5c991
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
f6014ec209fe02a0484b1dbe8ccc69425a3794433ed0791859ac59e46a3e3d4f
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f9b6fcdcf9605ef406d40aaa3f3b58fff825ab581ed48bb0c9e4860301815fcc
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fd9f71ce8d2a02707ce25a783b3121c8ce8414fae189ae5c4d1cbacbc6e00637
ff329510221b6c71c74be62c5ea1e57ae09f0326420d6bc9d4f8ce0eeed405e4