work.ink Open in urlscan Pro
2606:4700:20::681a:b77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://workink.co/2Fk/Nitro3mois
Effective URL:
https://work.ink/2Fk/Nitro3mois
Submission: On November 19 via api (November 19th 2022, 2:43:22 pm UTC) from CZ — Scanned from NL

Summary HTTP 72 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 26 domains to perform 72 HTTP transactions. The main IP is 2606:4700:20::681a:b77, located in United States and belongs to CLOUDFLARENET, US. The main domain is work.ink. The Cisco Umbrella rank of the primary domain is 822903.
TLS certificate: Issued by E1 on November 7th 2022. Valid for: 3 months.

This is the only time work.ink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700:20:... 2606:4700:20::681a:b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
5	2600:9000:224... 2600:9000:2240:e00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:c5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:45a0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:dc00:f:458e:2a80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225e:c000:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:2240:e200:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:116b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.15.219.226 52.15.219.226	16509 (AMAZON-02) (AMAZON-02)
1	54.177.190.158 54.177.190.158	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3030::6815:1ab6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	18.158.76.116 18.158.76.116	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	35.190.41.116 35.190.41.116	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:6200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.75.190.240 54.75.190.240	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:4bf1	() ()
72	33

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

workink.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::681a:b77 (United States)

ASN13335 (CLOUDFLARENET, US)

work.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2240:e00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c5c (United States)

ASN13335 (CLOUDFLARENET, US)

b.sf-syn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:45a0 (United States)

ASN13335 (CLOUDFLARENET, US)

redirect-api.work.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:dc00:f:458e:2a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:c000:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2240:e200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:116b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com

thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.177.190.158 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-177-190-158.us-west-1.compute.amazonaws.com

ipfind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:1ab6 (United States)

ASN13335 (CLOUDFLARENET, US)

achcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.76.116 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-76-116.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:6200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.190.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-190-240.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4bf1 (None, )

ASN- ()

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	work.ink work.ink — Cisco Umbrella Rank: 822903 redirect-api.work.ink	237 KB
7	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 2956 test.cmp.quantcast.com — Cisco Umbrella Rank: 10291 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 11658	186 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	378 KB
5	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 6735 router.infolinks.com — Cisco Umbrella Rank: 2500	59 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 390 mug.criteo.com — Cisco Umbrella Rank: 2725	1 KB
4	youtube.com img.youtube.com — Cisco Umbrella Rank: 3305	11 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	161 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	41 KB
2	achcdn.com achcdn.com — Cisco Umbrella Rank: 186571	60 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1411	106 KB
2	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2632	49 KB
2	thisiswaldo.com cdn.thisiswaldo.com — Cisco Umbrella Rank: 47811 thisiswaldo.com — Cisco Umbrella Rank: 40886	102 KB
2	sf-syn.com b.sf-syn.com — Cisco Umbrella Rank: 146338	3 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101	165 KB
1	4dex.io script.4dex.io	866 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 341	385 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1433	313 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1762	291 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 847	633 B
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 46962	906 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 917	10 KB
1	ipfind.co ipfind.co — Cisco Umbrella Rank: 58152	456 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 458	62 KB
1	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 996	210 B
1	workink.co workink.co	638 B
0	rlcdn.com Failed api.rlcdn.com Failed
72	26

	Domain	Requested by
13	work.ink	workink.co work.ink
5	cmp.quantcast.com	work.ink cmp.quantcast.com
4	img.youtube.com	work.ink
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	work.ink www.gstatic.com www.google.com
3	securepubads.g.doubleclick.net	cdn.thisiswaldo.com securepubads.g.doubleclick.net
3	router.infolinks.com	resources.infolinks.com
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	fonts.gstatic.com	www.google.com
2	achcdn.com	workink.co achcdn.com
2	cdn.confiant-integrations.net	cdn.thisiswaldo.com cdn.confiant-integrations.net
2	quantcast.mgr.consensu.org	cdn.thisiswaldo.com quantcast.mgr.consensu.org
2	b.sf-syn.com	work.ink
2	resources.infolinks.com	work.ink workink.co
2	pagead2.googlesyndication.com	work.ink pagead2.googlesyndication.com
1	script.4dex.io	cdn.thisiswaldo.com script.4dex.io
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	lexicon.33across.com	ads.pubmatic.com
1	rules.quantcount.com	secure.quantserve.com
1	youradexchange.com	achcdn.com
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	audit-tcfv2.cmp.quantcast.com	cmp.quantcast.com
1	ipfind.co	cdn.thisiswaldo.com
1	thisiswaldo.com	cdn.thisiswaldo.com
1	ads.pubmatic.com	cdn.thisiswaldo.com
1	test.cmp.quantcast.com	cmp.quantcast.com
1	cdn.thisiswaldo.com	work.ink
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	redirect-api.work.ink	work.ink
1	cdn.taboola.com	work.ink
1	workink.co
0	api.rlcdn.com Failed	ads.pubmatic.com
72	34

This site contains links to these domains. Also see Links.

Domain
youradexchange.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-14` - `2023-05-13`	a year	crt.sh
*.work.ink E1	`2022-11-07` - `2023-02-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
cmp.quantcast.com R3	`2022-11-10` - `2023-02-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2022-06-01` - `2023-06-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.confiant-integrations.net E1	`2022-09-26` - `2022-12-25`	3 months	crt.sh
thisiswaldo.com R3	`2022-10-16` - `2023-01-14`	3 months	crt.sh
ipfind.co Amazon	`2022-01-03` - `2023-02-01`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
youradexchange.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-20` - `2023-06-20`	a year	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2022-10-24` - `2023-01-22`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://work.ink/2Fk/Nitro3mois
Frame ID: 0DC05B107743EEF58B1DADBB1FAB1F2F
Requests: 58 HTTP requests in this frame

Frame: https://work.ink/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668859200
Frame ID: CD7C2F04ABBC17A44617CD23E872AD7C
Requests: 3 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3374250&wsid=0&pdom=work.ink&purl=https%3A%2F%2Fwork.ink%2F2Fk%2FNitro3mois
Frame ID: 90A1287B57AE8B04E1AFD4932E135867
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: BD9FAE42199FE94F46FD29ED2204A4E7
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=nl&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=po4nncfgpbhe
Frame ID: E9A58FD61601490D0A44CB096430F3CC
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Work.ink - Best Rekonise & Linkvertise alternative!

Page URL History Show full URLs

https://workink.co/2Fk/Nitro3mois Page URL
https://work.ink/2Fk/Nitro3mois Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

72
Requests

96 %
HTTPS

69 %
IPv6

26
Domains

34
Subdomains

33
IPs

4
Countries

1634 kB
Transfer

4990 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://workink.co/2Fk/Nitro3mois Page URL
https://work.ink/2Fk/Nitro3mois Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwork.ink%2F&domain=work.ink&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=NX78h3wvQXU2ZmRsMFBxWTRmRU50Wjk2NmpNeEZKZkdIZmdPMng2WDQwdUZGdWw5a2NZelZaRW5VRlNxUHR4akNEM2x2a3BDa1pTM0NwY3laNVJYM25IRGw0VzFZYnlqTndYUm5NejFIOVlKL1p0ZDFaSHMyaHNDaTNSN3YrcVFzY0Rmbm80M3dwbjVpRDVPTStuRElYaUJHOE1UUDh4L2dmYjBjb2c2bW5SdkkxeThHdTQ2cDVJWUhmQWYzcnkrQitpOUczdzRWUVBPQkVvazladjFPT3Q3UnlSN1ppZUNBQ2dUSE5FcTM2ZitNcmJFPXw&cppv=2

72 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Nitro3mois
workink.co/2Fk/ 316 B
638 B 191ms
93ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://workink.co/2Fk/Nitro3mois
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76c9b7997f9e1c04-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 19 Nov 2022 14:43:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MeawwqFsF070Zz9d%2Fn%2BcmWbkJBvc4z1uTDQ2i2IE6avv2yipQB%2Fw7lJ5hNadbjjb0AzysoUhClC%2BMTbjOWNhtRND4qIxU3STpKZqx8ueyOtE2tOKXu1tVR%2BrW%2BHSD9yzz%2BI22YEdHtKf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 vegur

GET
H2 200 Primary Request Nitro3mois Show response
work.ink/2Fk/ 10 KB
4 KB 178ms
110ms Document
text/html 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/2Fk/Nitro3mois

Requested by

Host: workink.co
URL: https://workink.co/2Fk/Nitro3mois

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeaa6a87a67cba3a0b3f46b27024a2d5602bc3d684dd6ca56d5317b42c43a5fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://workink.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76c9b79aa836b97a-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 19 Nov 2022 14:43:16 GMT
last-modified: Fri, 11 Nov 2022 05:25:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=leeVq%2FZPIYezPjs6fsPhAzSfPHQGQIDqTuito1irFa8AbPlioMYgUV%2B6%2FhmgXPJrsTkkGKf2QIJQdd6XKPQ%2FH3Qocy4rEzYgUXdzElA8xTfIScQAB8djhX05dFnm91hx15ut22B3"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 vegur
x-frame-options: sameorigin

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 191ms
119ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2046708012782383

Requested by

Host: work.ink
URL: https://work.ink/2Fk/Nitro3mois

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64735028a8b3bdf47c2e299d7dd90fdd012cdb344abf2ef66014c3f635424fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://work.ink/
Origin: https://work.ink
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49145
x-xss-protection: 0
server: cafe
etag: 5466545124533809363
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 19 Nov 2022 14:43:16 GMT

GET
H2 200 chunk-vendors.f4c76a04.js Show response
work.ink/js/ 249 KB
88 KB 46ms
45ms Script
application/x-javascript 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/js/chunk-vendors.f4c76a04.js

Requested by

Host: work.ink
URL: https://work.ink/2Fk/Nitro3mois

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb4708371a2c266f400e5a2285490470881906ed22d44d21d641b230c685f117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/2Fk/Nitro3mois
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 801
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 11 Nov 2022 05:25:58 GMT
server: cloudflare
etag: W/"636ddce6-3e390"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZlOV7yAfk%2FIptAmVToFqh1TrSttmfhyXakcCNOP1rIRrtC1S%2B9DXqSCJ8mPgYuYmTusTASwbgs60jvAEUkcKlQCXk%2FrpGyjMLpoV6kMO1Vj1e%2FPlrmyZlCawfT4nKD5Vx16QJv9"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 76c9b79b6913b97a-AMS

GET
H3 200 app.3cc2a200.js Show response
work.ink/js/ 199 KB
93 KB 46ms
46ms Script
application/x-javascript 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/js/app.3cc2a200.js

Requested by

Host: work.ink
URL: https://work.ink/2Fk/Nitro3mois

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2a9dc38d59a322f8157f22ee197265c326d0f6a56ed177fb4693633121867c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/2Fk/Nitro3mois
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5924
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 11 Nov 2022 05:25:58 GMT
server: cloudflare
etag: W/"636ddce6-31aa6"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4y8%2BjH3HBHlHn%2BS1%2FNakjflkvW3i6DpLAwB%2BWNasphzs5hJ7uaObuBdBny%2FSAZ9Idfb4itax79mvBZuyOHf2%2BGz%2FYeaLRv6w2Wpz3daVjwjf%2Fpni5ieGt49Z6Sch4qQIlflz0vz%2F"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 76c9b79bb922b8b8-AMS

GET
H2 200 chunk-vendors.3ded2ec4.css
work.ink/css/ 51 KB
7 KB 45ms
43ms Stylesheet
text/css 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/css/chunk-vendors.3ded2ec4.css

Requested by

Host: work.ink
URL: https://work.ink/2Fk/Nitro3mois

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f5033c8999b1545c9ba66fbe446c2e7ad282dc1c43a53cdf3a23df33a92411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/2Fk/Nitro3mois
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 801
cf-polished: origSize=52731
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 11 Nov 2022 05:25:58 GMT
server: cloudflare
etag: W/"636ddce6-cdfb"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1PhKFWgVtPn5Tlw%2F0CE5%2Bb2P6K4ezDjH1SRA5dltLh1KS4c%2FEXew94VwprwLBx%2FuEPvfRkRSAI3UmvYJ02blYFMKjr0cVqff%2F9dCY89ONkYU38Sk8CNtKXuaLPRXaAvowyPX8v2"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 76c9b79b690fb97a-AMS

GET
H2 200 app.9f75da6d.css
work.ink/css/ 19 KB
4 KB 40ms
39ms Stylesheet
text/css 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/css/app.9f75da6d.css

Requested by

Host: work.ink
URL: https://work.ink/2Fk/Nitro3mois

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a285c7b7b5d2b42d829c7db8153ff2e3331fe1c8bcce884de35a89271a982943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/2Fk/Nitro3mois
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3840
cf-polished: origSize=19754
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 11 Nov 2022 05:25:58 GMT
server: cloudflare
etag: W/"636ddce6-4d2a"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fM2N6W2BUEu8Sdv9OmdCDE%2FvLE0zXPqjZd4b9eCN94OthS6aJjKKgpYcObHfjJ40oNvzd6JcQGoU%2FbFaFZkErAr2gHFHQhnlw91RFXy6Ch5nzJqhgvuEXmnQSX6sbjTv7zrc5Dlh"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 76c9b79b6911b97a-AMS

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 4 KB
2 KB 133ms
39ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: work.ink
URL: https://work.ink/2Fk/Nitro3mois
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bf2a73823b8dd96a39d1b2926e816d5ec549de425bd4bed227e599f78e8e0e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 20:02:45 GMT
server: cloudflare
age: 9608
etag: W/"e0f-5edb0129af3ee"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 76c9b79bfd1a0df5-AMS
expires: Sat, 19 Nov 2022 13:03:08 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/workink/ 14 B
210 B 329ms
123ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/workink/loader.js
Requested by: Host: work.ink
URL: https://work.ink/2Fk/Nitro3mois
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: c0c07d5e1cc6e9994f621fb965165bc0106d1a26a04e70bd13c0778af0b93e37

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by: cache-ewr18165-EWR
date: Sat, 19 Nov 2022 14:43:16 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1668868997.672853,VS0,VE29
x-cache: HIT
content-type: application/javascript
abp: 53
cache-control: private,max-age=14401
accept-ranges: bytes
content-length: 14
retry-after: 0
x-cache-hits: 0

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1835.006-3.025.ab.1834.006-3.025/ 183 KB
56 KB 38ms
38ms Script
application/javascript 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1835.006-3.025.ab.1834.006-3.025/ice.js
Requested by: Host: workink.co
URL: https://workink.co/2Fk/Nitro3mois
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7184ab41cf778b1cf21506d80700c19163c1515a4a909e269695bf42d61da3db

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 17 Nov 2022 11:52:12 GMT
server: cloudflare
age: 3093
etag: W/"2dace-5eda938440d83"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 76c9b79c3d870df5-AMS
expires: Mon, 19 Dec 2022 13:51:42 GMT

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 3 KB
2 KB 109ms
32ms Script
application/javascript 2600:9000:2240:e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by: Host: work.ink
URL: https://work.ink/2Fk/Nitro3mois
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:42:30 GMT
content-encoding: br
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 47
x-amz-server-side-encryption: AES256
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 0eShO9gTSTAHBbFWOkYlaui77PuiK5GXH7KECsBgKXKWQexqhuxStQ==

GET
H2 200 badge_js Show response
b.sf-syn.com/ 2 KB
2 KB 99ms
35ms Script
application/javascript 2606:4700::6812:c5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://b.sf-syn.com/badge_js?sf_id=3548161&variant_id=sf

Requested by

Host: work.ink
URL: https://work.ink/js/app.3cc2a200.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f50b2170b943929cf0fd3ad43b6534bba3b5e2962c4cfc27cdbf50991669d33e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; object-src 'none'; report-uri https://sourceforge.report-uri.com/r/d/csp/enforce; frame-src 'self' http://.pro-market.net .crsspxl.com .google.com http://c.sf-syn.com .aaxads.com aax-related.sourceforge.net .googlesyndication.com .safeframe.usercontent.goog .doubleclick.net .criteo.com .hitachivantara.com .recaptcha.net recaptcha.net *.youtube.com www.youtube-nocookie.com; form-action 'self' lists.sourceforge.net; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
content-security-policy: frame-ancestors 'self'; object-src 'none'; report-uri https://sourceforge.report-uri.com/r/d/csp/enforce; frame-src 'self' http://*.pro-market.net *.crsspxl.com *.google.com http://c.sf-syn.com *.aaxads.com aax-related.sourceforge.net *.googlesyndication.com *.safeframe.usercontent.goog *.doubleclick.net *.criteo.com *.hitachivantara.com *.recaptcha.net recaptcha.net *.youtube.com www.youtube-nocookie.com; form-action 'self' lists.sourceforge.net; upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible: IE=edge,chrome=1
last-modified: Sat, 19 Nov 2022 13:10:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 76c9b79cfe040a79-AMS
expires: Sat, 19 Nov 2022 18:43:16 GMT

GET
H2 200 badge_js Show response
b.sf-syn.com/ 2 KB
1 KB 100ms
37ms Script
application/javascript 2606:4700::6812:c5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://b.sf-syn.com/badge_js?sf_id=3548161&variant_id=sd

Requested by

Host: work.ink
URL: https://work.ink/js/app.3cc2a200.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55f90b0718272a96c442cd8c552169391297c108fa55322c4efb78d884148477

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; object-src 'none'; report-uri https://sourceforge.report-uri.com/r/d/csp/enforce; frame-src 'self' http://.pro-market.net .crsspxl.com .google.com http://c.sf-syn.com .aaxads.com aax-related.sourceforge.net .googlesyndication.com .safeframe.usercontent.goog .doubleclick.net .criteo.com .hitachivantara.com .recaptcha.net recaptcha.net *.youtube.com www.youtube-nocookie.com; form-action 'self' lists.sourceforge.net; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
content-security-policy: frame-ancestors 'self'; object-src 'none'; report-uri https://sourceforge.report-uri.com/r/d/csp/enforce; frame-src 'self' http://*.pro-market.net *.crsspxl.com *.google.com http://c.sf-syn.com *.aaxads.com aax-related.sourceforge.net *.googlesyndication.com *.safeframe.usercontent.goog *.doubleclick.net *.criteo.com *.hitachivantara.com *.recaptcha.net recaptcha.net *.youtube.com www.youtube-nocookie.com; form-action 'self' lists.sourceforge.net; upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible: IE=edge,chrome=1
last-modified: Sat, 19 Nov 2022 13:10:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 76c9b79cfe070a79-AMS
expires: Sat, 19 Nov 2022 18:43:16 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
968 B 138ms
65ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: work.ink
URL: https://work.ink/js/chunk-vendors.f4c76a04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

866555dcf584bbee30be251a59cb3a00356f60dcf060ed1a52359917828a44e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Sat, 19 Nov 2022 14:43:16 GMT

GET
H2 200 ping Show response
redirect-api.work.ink/ 13 B
544 B 140ms
57ms Fetch
application/json 2606:4700:20::ac43:45a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redirect-api.work.ink/ping
Requested by: Host: work.ink
URL: https://work.ink/js/app.3cc2a200.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3874e63167becc35249c13eb1e40b8b0247427fc856b39c21e46a83de36b8a25

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"d-NMovXDE1NuzTr1lpmBE8ZRjliFM"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sTLq4qED13x8pgz7F%2FLYHVM02WG309mEjX0bWaRmRBCQ8m3XMmAEXZqRA29sY68O4sEX%2B6UEjiWg0CmI2oEGkuedwHgHOeIc%2F6kEs9ktZ9dnxVWOr18o6q8V1TTq9JG18ls7sQicqVFFLTVw4X7P8XTZ9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 76c9b79d3920b74f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13

GET
H3 400 s.js Show response
work.ink/cdn-cgi/zaraz/ 24 B
445 B 40ms
40ms Fetch
text/plain 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/zaraz/s.js
Requested by: Host: work.ink
URL: https://work.ink/js/app.3cc2a200.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fab1b2783ef5afc02dd6f06f04b96311f3add1fb3e5b5c7e1282c19996e264a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/2Fk/Nitro3mois
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RuoELazBkoa0aqLBWo%2F6KWganCqMwSQU7nxiPOmW8QsCKkzpY%2FDpPZFCztPstqDYBvTrDUNmDhswdmoNUIy3nWIlRan80q7PWdo%2ByJ%2F3TrpvZkJiaZCPOcok4a0hiNLZ1xf3%2FsG"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 76c9b79cba78b8b8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15d36e8f871b1cf84be33fa8f1ff0e5dc96a123ccc194da4520ae3d81b32329d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 invisible.js Show response
work.ink/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame CD7C 38 KB
16 KB 32ms
32ms Script
application/javascript 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668859200
Requested by: Host: workink.co
URL: https://workink.co/2Fk/Nitro3mois
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39b50df7384e1ec9678b499ff381095499202e11c37de4f3044f88d23ee782f1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BzHbCQH3q0KVbhIzb4%2FvDw%2B7dL5dsBW5rl8qX4HJCOBlFzZutwwb17RT6EZH9wQydtbZBkCMYofI%2FobCO8fyTnyzMgcSwD14ZEgbP8GjSx8Yi9r8HTntTETrj3Em3Y%2BB8mdbKIn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76c9b79cba7ab8b8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 s.js Show response
work.ink/cdn-cgi/zaraz/ 5 KB
3 KB 40ms
40ms Script
text/javascript 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyV29yay5pbmslMjAtJTIwQmVzdCUyMFJla29uaXNlJTIwJTI2JTIwTGlua3ZlcnRpc2UlMjBhbHRlcm5hdGl2ZSElMjIlMkMlMjJ4JTIyJTNBMC4wNjMwMzAyOTI0MjYzMDA2NSUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd29yay5pbmslMkYyRmslMkZOaXRybzNtb2lzJTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd29ya2luay5jbyUyRiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA==
Requested by: Host: work.ink
URL: https://work.ink/2Fk/Nitro3mois
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a190f72480960417e265c1459dc943ea3a1330953bf39500c1f585a6dd08ef01

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://work.ink
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STUoHArFCfIrbSCmVvtjDbNcBlhTNR2sHI1SjpvHEbeilY6QQBAyMv%2Bu8EN%2Btgas%2B3J01mmt4e%2FnYewtXIfr5pkc1D3wYSoxxCNZaek6mP1Z7bgtqpgQsC90t9wBwTJ9ePGRXq2D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-credentials: true
cf-ray: 76c9b79cba7cb8b8-AMS
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 90A1 0
43 B 226ms
192ms Document
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3374250&wsid=0&pdom=work.ink&purl=https%3A%2F%2Fwork.ink%2F2Fk%2FNitro3mois
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025.ab.1834.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://work.ink/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 76c9b79d3ec30df5-AMS
content-length: 0
date: Sat, 19 Nov 2022 14:43:16 GMT
server: cloudflare
via: 1.1 google

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
33 B 286ms
257ms Script
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3374250&wsid=0&pdom=work.ink&purl=https%3A%2F%2Fwork.ink%2F2Fk%2FNitro3mois
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025.ab.1834.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c9b79d3ec40df5-AMS
content-length: 0

GET
H2 200 gsd Show response
router.infolinks.com/ 0
33 B 292ms
264ms Script
text/plain 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3374250&wsid=0&pdom=work.ink&purl=https%3A%2F%2Fwork.ink%2F2Fk%2FNitro3mois&jsv=1835.006-3.025.ab.1834.006-3.025&ref=workink.co%2F&_cb=16688689966340
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1835.006-3.025.ab.1834.006-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76c9b79d3ec50df5-AMS
content-length: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 200ms
132ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2046708012782383&plah=work.ink

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2046708012782383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de31b743d8a3fb9d4f1b6a65d707da04be415a1dbd7416ace9f1be4bf4fa3a30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119614
x-xss-protection: 0
server: cafe
etag: 2122150442868851946
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 19 Nov 2022 14:43:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame BD9F 10 KB
5 KB 136ms
56ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2046708012782383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://work.ink/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 83254
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 18 Nov 2022 15:35:42 GMT
etag: 10353107486223812946
expires: Fri, 02 Dec 2022 15:35:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/42/ 177 KB
47 KB 40ms
39ms Script
text/javascript 2600:9000:2240:e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b628942e8ff712de0d166d8704f779bd3860800817549c8a375868977e117863

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 14:51:41 GMT
content-encoding: gzip
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 172327
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 05 Jul 2022 18:40:23 GMT
server: AmazonS3
etag: W/"9494b70738cd74c9137e65c29c0b1f3e"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: PKEHND4nsBB_phBEhfS1AK_ufLf4GRDXMbY9QSeBfCGtAP6A-oP3KQ==

GET
H2 200 11929.js Show response
cdn.thisiswaldo.com/static/js/ 345 KB
101 KB 146ms
32ms Script
application/javascript 2600:9000:2156:dc00:f:458e:2a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thisiswaldo.com/static/js/11929.js

Requested by

Host: work.ink
URL: https://work.ink/js/chunk-vendors.f4c76a04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:dc00:f:458e:2a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

f7f7c9968bc34791cb1568fa746996c40f4354735b6a3b07eebdf9b2c65e578d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 01:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Nov 2022 17:17:22 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: "564b4-5ed20f23e5ff4-gzip"
age: 48418
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: thUfznfRJwNdXzCfvl7f0ucH6Cj5qd9hZa63E72GfsMLpG__x7jKBg==

GET
H3 200 workink-colorful-md.8d4b6dda.png
work.ink/img/ 6 KB
7 KB 38ms
37ms Image
image/webp 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://work.ink/img/workink-colorful-md.8d4b6dda.png

Requested by

Host: work.ink
URL: https://work.ink/2Fk/Nitro3mois

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c1b6a869520bca4157c388c888ad09f47fa5661b54a32d6c97e8edde78b538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/2Fk/Nitro3mois
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5920
cf-polished: origFmt=png, origSize=15564
content-disposition: inline; filename="workink-colorful-md.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6626
cf-bgj: imgq:100,h2pri
last-modified: Fri, 11 Nov 2022 05:25:58 GMT
server: cloudflare
etag: "636ddce6-3ccc"
vary: Accept
x-frame-options: sameorigin
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvuwQTE3reYlQzHcg%2F7l%2FoYkIFD%2FAmA%2Bhcj4DIsMiddcMXMmkTzjP82tgl6wPYnu9kpdsea7dW%2F4M9CXzZ2frKPMKBu1hRMkpkLzFcAIL7gQhGjYnUlUUbkgBppO2TnzqAs%2BSTbb"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76c9b79d7b81b8b8-AMS

GET
H3 200 loader.a62dee1e.svg
work.ink/img/ 593 B
832 B 38ms
38ms Image
image/svg+xml 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://work.ink/img/loader.a62dee1e.svg

Requested by

Host: work.ink
URL: https://work.ink/2Fk/Nitro3mois

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d050efc0dba3583b7021291fd3f49d2dbce8f0c145b42d69f6d192e14ba6ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/2Fk/Nitro3mois
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6178
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 11 Nov 2022 05:25:58 GMT
server: cloudflare
etag: W/"636ddce6-251"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBr7DIhK1aFMfQ9Tcb%2Byob3sT2%2BTzlxo6TL%2BZmu1OKVQLSgfbXDkTFmoOCCMxXTFA0pOypvs32Xg6R8ONFbSNCj4VoVVqP1TTjvQ7TOXj7MMGJb%2FPu0d8mjrmDyuUPq5cikNXrH8"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 76c9b79d7b82b8b8-AMS

GET
H3 200 workink-white-md.4be034e5.svg
work.ink/img/ 8 KB
3 KB 42ms
42ms Image
image/svg+xml 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://work.ink/img/workink-white-md.4be034e5.svg

Requested by

Host: work.ink
URL: https://work.ink/2Fk/Nitro3mois

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a9a41dce59c224a6cb0a33e73b2f239e4e5ee3972556e669c7d43076d43e365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/2Fk/Nitro3mois
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5920
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 11 Nov 2022 05:25:58 GMT
server: cloudflare
etag: W/"636ddce6-2151"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZoMc5sj418SPCTLeKBLIyPhxhqaDdOaeLF2OtEKjrqPS0GIgHU%2BUBfKgXjWDI7iKqrf%2Bpu0gKX7wwyE3cIsM2E1KT2qYG%2FC2OIsOv%2BgpblabJyrD%2Be38zN8U1jMGjuThic7beGs"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 76c9b79d7b84b8b8-AMS

GET
H3 200 pica.js
work.ink/cdn-cgi/challenge-platform/h/b/scripts/ Frame CD7C 20 KB
9 KB 30ms
28ms Other
application/javascript 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: work.ink
URL: https://work.ink/2Fk/Nitro3mois
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f357f6ac5a05a2388f3570e6bcddbfc4d90f0073d14d0269b1310bf304df112

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:16 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHYysxeRcAB9LYqL3Se31YrPG4ge%2BurBtRvt3%2Fo%2FfqN9U4G7xrDLSfR2osr8c7uom3WUDZr%2F2sfeCLegHphKfGLeTSzObOFwBkvNTwcGBxuQtwKaPKJlG0TZF78TTWE2zAltc3ae"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 76c9b79dabc1b8b8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ 401 KB
161 KB 190ms
65ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0344c4ab3396a35d691302a41bc6fe16c2129e7eb330ee77f182b7a2d38f7ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://work.ink/
Origin: https://work.ink
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 19:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 413101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164234
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 19:58:15 GMT

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 10 KB
3 KB 126ms
32ms XHR
application/json 2600:9000:225e:c000:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c000:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dcdb794cf5e19b747a7c2ba364bfc44b7fd1848fcb6dc538edd84af839481579

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.ink/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 03:00:37 GMT
x-amz-version-id: xPMKnfS8YcqF2frTT5_I_M_eoLLd3kli
content-encoding: br
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 42160
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 15 Nov 2022 19:52:30 GMT
server: AmazonS3
etag: W/"67643b5faa0950a5532c47758ba39d2f"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: oNkQyNHZ1zuHGSczbbHVtsdehP1NIf60EYHtzFyCMqbU4ASz_ZbjLg==

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/42/ 230 KB
56 KB 38ms
38ms Script
text/javascript 2600:9000:2240:e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 18:33:03 GMT
content-encoding: br
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 159014
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Tue, 05 Jul 2022 18:40:26 GMT
server: AmazonS3
etag: W/"24932b3e61742029985961c24d35dbb7"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: vIxxTFdtsphnx598rAp-61Jw8D8eu0MsoXUTfmfGDHVQO2wmQa9b6A==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.quantcast.com/GVL-v2/ 349 KB
43 KB 101ms
37ms XHR
application/json 2600:9000:2240:e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0fb958894d057f4a7a659caaba8d47e43b5ba368ea95b80d92c4df6b4d28a13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 03:00:40 GMT
content-encoding: br
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 42157
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 19 Nov 2022 03:00:33 GMT
server: AmazonS3
etag: W/"9daddd429318a3a998a7f41ea884d2b0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: NeRzue0Q6nS5FvxVwwS3PxAYtumQf0PZek1OSrn-BzQXbozKexi7tQ==

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 150 KB
35 KB 133ms
70ms XHR
application/json 2600:9000:2240:e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 821411a115c2f18c6ce2743f06bdaabd20332765f388a5f42044e1b5be85942e

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.ink/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 03:01:39 GMT
content-encoding: br
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 42098
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 19 Nov 2022 03:01:36 GMT
server: AmazonS3
etag: W/"5e5c32e11030f411462907ffac99a722"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: u4wBYBDhEAaw6GEk6ssogkEDb7eqhpXBAPmuW89CqgqEu0VqHtX2kQ==

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/ 4 KB
2 KB 130ms
33ms Script
application/javascript 2600:9000:2240:e200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/choice.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:e200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83fa6784ebee363043db50681bbde69c4624f13ea9152c1758f7ca2f609ea0f4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:42:51 GMT
content-encoding: br
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 21:12:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 33
x-amz-server-side-encryption: AES256
etag: W/"84f67876c95a3a1982d1378d05722a85"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: fjkOyyAXmsmTRWb8kj3Tx41wsU2PGxMEvKcNIq_fZxs1lLsqudK9DA==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160082/7676/ 201 KB
62 KB 131ms
34ms Script
application/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e587bef04b460fbfcf1cdebaca05b28a172bd76b65637be2875dbebb138c9cdd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:17 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 16:52:35 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=78045
accept-ranges: bytes
content-length: 62752
expires: Sun, 20 Nov 2022 12:24:02 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 203ms
69ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c433c755e7e56f69187040a9463a9c2a37490b5525adf7f9a4a5a082b75eb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27247
x-xss-protection: 0
server: sffe
etag: "1396 / 463 of 1000 / last-modified: 1668812924"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 19 Nov 2022 14:43:17 GMT

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/ 195 KB
39 KB 101ms
34ms Script
text/javascript 2606:4700::6812:116b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ea39e19626d240375e5d94167fd2828ba106e49e60ccb290ccca5ad84ea8d01

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 19 Nov 2022 13:20:33 GMT
server: cloudflare
x-amz-request-id: T973N8QS6VW79M3R
age: 872
etag: W/"a13a14cfe9793732d45137c20128ad44"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 76c9b79f4a5fb7fb-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: dw5VHCKSz4e673P0H8ny/oPwf0O2SYCcXEfCOOR9R5rywMgEyEKLnrM3JjGeYJdiCizxphxc8iI=

POST
H/1.1 200
OK track-impression Show response
thisiswaldo.com/js/ 1 B
376 B 623ms
364ms XHR
application/json 52.15.219.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thisiswaldo.com/js/track-impression

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-219-226.us-east-2.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://work.ink/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Sat, 19 Nov 2022 14:43:17 GMT
X-Content-Type-Options: nosniff, nosniff
Server: Apache/2.4.29 (Ubuntu)
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 me Show response
ipfind.co/ 359 B
456 B 574ms
195ms XHR
application/json 54.177.190.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.177.190.158 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-190-158.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 6d8b0f7e479b4461ac03f38e0cb359bd80b57cffa467ea1339edfd208f7e6b86

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:17 GMT
content-encoding: gzip
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://work.ink
cache-control: no-cache, private
access-control-allow-credentials: true
content-length: 239

POST
H3 200 76c9b79aa836b97a Show response
work.ink/cdn-cgi/challenge-platform/h/b/cv/result/ Frame CD7C 2 B
1 KB 44ms
44ms XHR
text/plain 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/challenge-platform/h/b/cv/result/76c9b79aa836b97a
Requested by: Host: work.ink
URL: https://work.ink/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668859200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 19 Nov 2022 14:43:17 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=BUnyPp1EK2RnaJR_qVYKAiUd4O8MLA7xjGMvmMgbXzw-1668868997-0-AVpqCuejjfSlQyLNZsdV9yuPdF0Wo7dsH2fQWeUbKIqhkoKJQwnOXyrJbV136KIUV1Uwc8dwnB0TdEM_bi9NJIk; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1OlmSEcJvg7gRlQXp4KIP8GljVozJSZnOLxNUfOElhgtkw3Fyjq3rr2W1kl2%2BngRVE8gjM%2FEKHUCqwADhuZbLPwSXgqtB6nIjBjrnaxlq7IDD2vMu8jw0EPi01K7vt7NmtpRITl"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=BUnyPp1EK2RnaJR_qVYKAiUd4O8MLA7xjGMvmMgbXzw-1668868997-0-AVpqCuejjfSlQyLNZsdV9yuPdF0Wo7dsH2fQWeUbKIqhkoKJQwnOXyrJbV136KIUV1Uwc8dwnB0TdEM_bi9NJIk"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: text/plain; charset=UTF-8
cf-ray: 76c9b7a07fa9b8b8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 suv4.js Show response
achcdn.com/script/ 98 KB
34 KB 135ms
60ms Script
application/javascript 2606:4700:3030::6815:1ab6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://achcdn.com/script/suv4.js
Requested by: Host: workink.co
URL: https://workink.co/2Fk/Nitro3mois
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1ab6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 710
x-guploader-uploadid: ADPycdvP3IemmK8Vr_KitEwI_zMUJp1XJCPndt_vYc3nIlNXhbedm7YU3sxwr4nETPO1YpSNb8OZrwYsNwP0SVB9XxopTmU18t4R
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 08 Sep 2022 08:41:05 GMT
server: cloudflare
etag: W/"90a406e7c114cb9cbdbd171d8282e224"
vary: Accept-Encoding
x-goog-hash: crc32c=PsCFGQ==, md5=kKQG58EUy5y9vRcdgoLiJA==
x-goog-generation: 1662626465441111
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqyWBj8c57V5O%2BSE7wVlB%2B8OPFsi5K1sWC9caU52rAo%2BG99cLkUlyiMzjdVytbPkidtWJl4CUR8YwztlBy2H4%2F8ByftI%2FIlRprCE%2F54L5uWLeEchs1btLNiQa3v%2BZqhBOyvj%2BaN%2BeqvB"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 100523
cf-ray: 76c9b7a11b6491d2-FRA
expires: Sat, 19 Nov 2022 14:32:09 GMT

GET
H2 404 default.jpg
img.youtube.com/vi/E48NEq8F-9c/ 1 KB
1 KB 163ms
68ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/E48NEq8F-9c/default.jpg

Requested by

Host: work.ink
URL: https://work.ink/2Fk/Nitro3mois

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:17 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1097
x-xss-protection: 0
expires: Sat, 19 Nov 2022 14:43:47 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/AlRuSjp7cec/ 4 KB
4 KB 152ms
57ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/AlRuSjp7cec/default.jpg

Requested by

Host: work.ink
URL: https://work.ink/2Fk/Nitro3mois

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

313b0b9da4a2eea5f7a4032d3f8767841f014163e78e991acf208184539a8770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:53:18 GMT
x-content-type-options: nosniff
age: 2999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4001
x-xss-protection: 0
server: sffe
etag: "1658724269"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 19 Nov 2022 15:53:18 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/hNWyEL013yQ/ 4 KB
4 KB 155ms
60ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/hNWyEL013yQ/default.jpg

Requested by

Host: work.ink
URL: https://work.ink/2Fk/Nitro3mois

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9554f92b1b7f1ba104bc000ac19d8ed83e9c4d02a8f7d79fe29d000cf73b4e0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:18:46 GMT
x-content-type-options: nosniff
age: 5071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4475
x-xss-protection: 0
server: sffe
etag: "1663901189"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 19 Nov 2022 15:18:46 GMT

GET
H2 404 default.jpg
img.youtube.com/vi/zW4omIUq59o/ 1 KB
1 KB 195ms
101ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/zW4omIUq59o/default.jpg

Requested by

Host: work.ink
URL: https://work.ink/2Fk/Nitro3mois

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:17 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1097
x-xss-protection: 0
expires: Sat, 19 Nov 2022 14:43:47 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E9A5 42 KB
22 KB 141ms
76ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=nl&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=po4nncfgpbhe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

acd1b61f65b0b3f94fdb3ef38264e2375b2a1089b100092f2bd47a4c6375bed4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dj4h9poWMSpqlj3mXeJV_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://work.ink/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22016
content-security-policy: script-src 'report-sample' 'nonce-dj4h9poWMSpqlj3mXeJV_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 14:43:17 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 111ms
31ms XHR
text/plain 18.158.76.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22work.ink%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1668868997287%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-v0p8yuugwbge5ue9f6qn%22%7D
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.76.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-76-116.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.ink/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 19 Nov 2022 14:43:17 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 118ms
32ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d92ecee434f7ba89b4efc74a4fca7a7ba57c3d19408e98c205bba9c76529f7dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:17 GMT
content-encoding: gzip
etag: "ARCJ3bZzg028nAVGSSCKyA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 26 Nov 2022 14:43:17 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 177 KB
47 KB 38ms
37ms Script
text/javascript 2600:9000:2240:e200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=work.ink
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:e200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:50:50 GMT
content-encoding: gzip
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 3148
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 10 Nov 2022 18:23:42 GMT
server: AmazonS3
etag: W/"37fdfbac0c6ef64496f7d86258c934a8"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: U_O8YpeIMXvMn8VBCDFc0in47yOR0iknuSi1DFHlkZ5tXZrHgw6Gzg==

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202211100910/ 212 KB
67 KB 92ms
43ms Script
application/javascript 2606:4700::6812:116b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202211100910/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a87b588978127e2d64d83d8b49a4ac8e7cea813de00c1b0d67bc8cc7426387a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 10 Nov 2022 14:35:42 GMT
server: cloudflare
x-amz-request-id: 8FMXYVYM8V2QHGXQ
age: 364733
etag: W/"f907f76d0cf55dfde491009ce035c1c1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 76c9b7a1bdd40e64-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 1dr60DhXt96mieM3MG+2Mx7UKjDQ32VhRXv1+eVQeoH48X2eA974XisbIHdDLrMLuUOzLfYtnAs=

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 121ms
58ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 09:58:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Nov 2023 09:58:25 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 187 B
125 B 215ms
96ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=work.ink

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f828a3932b30e36e30e596e43b5757afc9e834c3532f686e9b85562c0b07e935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0
expires: Sat, 19 Nov 2022 14:43:17 GMT

GET
H3 200 ut.js Show response
achcdn.com/script/ 70 KB
25 KB 125ms
56ms Script
application/javascript 2606:4700:3030::6815:1ab6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://achcdn.com/script/ut.js?cb=1668868997371
Requested by: Host: achcdn.com
URL: https://achcdn.com/script/suv4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:1ab6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1158
x-guploader-uploadid: ADPycduxBPe-xxn4RWgYhI8ZBbwGkkDW65tffK9iwT646mBzOol8wC088X1fbXvF85-KLQD9Syel9VjaPVj8rZDZIVkfbA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Aug 2022 11:45:52 GMT
server: cloudflare
etag: W/"c7304eebcb5069f68bd3fa9e74218a36"
vary: Accept-Encoding
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-generation: 1661773552581597
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNipLldrZDujg6YK7Hv%2Br%2FMVzQza3P4AZThi7ahguTObj%2Fo5BU3zuWaWfJFTyVtyaLY%2FaW1TDqPdbBvtqoDPXIeYZ%2FusRnKpSybszACkVky6zO1dBRveABhi%2BTtKg%2BJHRayXNgKDKdbe"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 71356
cf-ray: 76c9b7a21a0692c9-FRA
expires: Sat, 19 Nov 2022 14:47:49 GMT

GET
H2 200 suurl4.php Show response
youradexchange.com/script/ 969 B
906 B 235ms
176ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=6188826&cbur=0.5773312513993571&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Work.ink%20-%20Best%20Rekonise%20%26%20Linkvertise%20alternative!&cbpage=https%3A%2F%2Fwork.ink%2F2Fk%2FNitro3mois&cbref=https%3A%2F%2Fworkink.co%2F&cbdescription=WorkInk%20allows%20you%20to%20monetize%20your%20links%20and%20thus%20earn%20money%20by%20publishing%20your%20content%20via%20our%20link%20shortening%20system.%20You%20can%20also%20link%20social%20medias%20and%20grow%20your%20audience%20on%20YouTube%2C%20Twitter%20and%20other%20platforms.&cbkeywords=&cbcdn=achcdn.com&aggr=0&chmob=?0
Requested by: Host: achcdn.com
URL: https://achcdn.com/script/suv4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: d32ac7e3fef0342aba8eae654c81c8e89271f79ef112a5f5a7a3f8ec05f91313

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 19 Nov 2022 14:43:17 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame E9A5 52 KB
24 KB 122ms
57ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=nl&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=po4nncfgpbhe

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 10:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Nov 2023 10:09:56 GMT

GET
H3 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame E9A5 401 KB
160 KB 137ms
74ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__nl.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0344c4ab3396a35d691302a41bc6fe16c2129e7eb330ee77f182b7a2d38f7ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 19:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 413102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164234
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 19:58:15 GMT

GET
H2 200 rules-p-fTfJtcPmQDwZG.js Show response
rules.quantcount.com/ 160 B
633 B 109ms
33ms Script
application/javascript 2600:9000:223c:6200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 922b0d2d4adb5ed473a915258165047db5642276b6edad0dc15a0d47ed4ea19c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:56:53 GMT
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2785
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 06:30:36 GMT
server: AmazonS3
etag: "65712c30333d33050e268b43b70b60ea"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: TOPiZPm6LuekEaj6_y_MsWmwl8xVU5g5I7iMGCvAVlHloJUHrA4Blg==

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E9A5 2 KB
2 KB 57ms
57ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 154988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 24 Nov 2022 19:40:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E9A5 15 KB
16 KB 125ms
56ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 18 Nov 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 96492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Nov 2023 11:55:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E9A5 15 KB
15 KB 133ms
63ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 404518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame E9A5 102 B
133 B 67ms
67ms Other
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=Km9gKuG06He-isPsP6saG8cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e2688429069936fd2f4afd18bb771555132beb1f845b46325fe2f73e18223505

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=nl&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=po4nncfgpbhe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Sat, 19 Nov 2022 14:43:17 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame E9A5 32 KB
18 KB 102ms
102ms XHR
application/json 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e3a2dfb943f921238e7855c8cfa51ceb06b751b7724fa9336ba8b0a163855ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=nl&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=po4nncfgpbhe
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sat, 19 Nov 2022 14:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18690
x-xss-protection: 1; mode=block
expires: Sat, 19 Nov 2022 14:43:17 GMT

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
291 B 295ms
121ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a0000344WOAAA2&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://work.ink/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 19 Nov 2022 14:43:19 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://work.ink
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwork.ink%2F&domain=work.ink&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=NX78h3wvQXU2ZmRsMFBxWTRmRU50Wjk2NmpNeEZKZkdIZmdPMng2WDQwdUZGdWw5a2NZelZaRW5VRlNxUHR4akNEM2x2a3BDa1pTM0NwY3laNVJYM25IRGw0VzFZYnlqTndYUm5NejFIOVlKL1p0ZDFaSHMyaHNDaTNSN3...

370 B
654 B

74ms
26ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=NX78h3wvQXU2ZmRsMFBxWTRmRU50Wjk2NmpNeEZKZkdIZmdPMng2WDQwdUZGdWw5a2NZelZaRW5VRlNxUHR4akNEM2x2a3BDa1pTM0NwY3laNVJYM25IRGw0VzFZYnlqTndYUm5NejFIOVlKL1p0ZDFaSHMyaHNDaTNSN3YrcVFzY0Rmbm80M3dwbjVpRDVPTStuRElYaUJHOE1UUDh4L2dmYjBjb2c2bW5SdkkxeThHdTQ2cDVJWUhmQWYzcnkrQitpOUczdzRWUVBPQkVvazladjFPT3Q3UnlSN1ppZUNBQ2dUSE5FcTM2ZitNcmJFPXw&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1c7d4af9a782f176d09b1bb4c71c9828071b0c89fe9b8d567ef291c18babe5fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Nov 2022 14:43:19 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1338354
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 19 Nov 2022 14:43:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=NX78h3wvQXU2ZmRsMFBxWTRmRU50Wjk2NmpNeEZKZkdIZmdPMng2WDQwdUZGdWw5a2NZelZaRW5VRlNxUHR4akNEM2x2a3BDa1pTM0NwY3laNVJYM25IRGw0VzFZYnlqTndYUm5NejFIOVlKL1p0ZDFaSHMyaHNDaTNSN3YrcVFzY0Rmbm80M3dwbjVpRDVPTStuRElYaUJHOE1UUDh4L2dmYjBjb2c2bW5SdkkxeThHdTQ2cDVJWUhmQWYzcnkrQitpOUczdzRWUVBPQkVvazladjFPT3Q3UnlSN1ppZUNBQ2dUSE5FcTM2ZitNcmJFPXw&cppv=2
access-control-allow-origin: https://work.ink
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 767085
content-length: 0
expires: 0

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
313 B 137ms
43ms XHR
application/json 54.75.190.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.190.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-190-240.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://work.ink/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 19 Nov 2022 14:43:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://work.ink
cache-control: no-cache
x-server: 10.45.26.171
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
385 B 141ms
42ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: daa0532a4d99dba9a7eec870b53df5eb3965fc8cb6eb9a4090a7a5d13d231894

Request headers

Referer: https://work.ink/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 19 Nov 2022 14:43:19 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://work.ink
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Mon, 19 Dec 2022 14:43:19 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 240ms
25ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwork.ink%2F&domain=work.ink&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://work.ink
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://work.ink
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 19 Nov 2022 14:43:19 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 430581
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 270ms
24ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 19 Nov 2022 14:43:18 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 284284
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
866 B 95ms
36ms Script
application/javascript 2606:4700:20::ac43:4bf1

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 14:43:22 GMT
x-amz-version-id: 1666365882701197
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx36ec54edbeb74121a0ef5-006352b9e9
age: 2106803
x-amz-id-2: tx36ec54edbeb74121a0ef5-006352b9e9
last-modified: Fri, 21 Oct 2022 15:24:42 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qt%2BdcpYkEDYQyijByEd3GBbioRiMK0nPxrdnFHsoz4yMurOp0hYeHvvMtSxOxKi2tRqiIF%2FJgdLcRpnn0YFlgAVGPKlbDykHXBBkDFsH7rItlnmKVS6hF0UaM916jaTBpFUVYtfV%2Bej6prb1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 76c9b7be8f520be1-AMS

GET adagio.js
script.4dex.io/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Domain: script.4dex.io
URL: https://script.4dex.io/adagio.js

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 11:53:40	Name: _GRECAPTCHA Value: 09AM2_ubllYQzhA2PQaQz26Aonce71Bqrq61blLfERvuXbPuWRhLR3sr-VKTXDHfd3D_79Pip_-ewZxho0_6sxjKE
work.ink/2Fk	1969-12-31 23:59:59	Name: logglytrackingsession Value: ee8239f6-a072-4380-9b09-dba2dc892f1b
.work.ink/	1970-01-20 17:10:28	Name: _ga Value: 1d5078de-4ccd-4554-96db-fa2d98296ea8
.work.ink/	1970-01-20 07:34:30	Name: __cf_bm Value: .5vp6aMX.3C9V05GpCjs3MOT_bQmKyhyv1igiYAaV3Q-1668868997-0-AaYfPRYagUkQv56SxCsaNtd/kp+kfkMo/Mb2oJtToCoteUM1OA7YAwikgtKJbgQnh+AJk/zV4LKBL0GjYVY3ogBgjpor4cNk/ypt7TjcIvVVSW30rDariCV01iun2BHRXZHErJE6lE7xqgl3HMA7nqA=
work.ink/	1970-01-20 08:17:40	Name: _pbjs_userid_consent_data Value: 3524755945110770
.work.ink/	1970-01-20 11:53:40	Name: _pubcid Value: 98ff920e-4d2c-4eb8-89c4-4cea5ccb159d
work.ink/	1970-01-20 09:44:04	Name: waldo_country Value: NL
work.ink/	1970-01-20 09:44:04	Name: waldo_continent Value: EU
work.ink/	1970-01-20 09:44:04	Name: waldo_region Value: 11
work.ink/	1970-01-20 07:34:32	Name: _lr_retry_request Value: true
work.ink/	1970-01-20 08:17:40	Name: _lr_env_src_ats Value: false
work.ink/	1970-01-20 09:00:52	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-19T14%3A43%3A19%22%7D
.work.ink/	1970-01-20 16:56:04	Name: cto_bundle Value: t2GC6V9IZVFWdEtUemxZaENOJTJCNmJLeE9nYVlXQkFBelgxVngwVnlvZVp4aDYzOHhJdFI5MEI3elNkTGg3T3drOHV2Q0Q5VVJzTjNkaTNmJTJGJTJCdERpcWVzNzlqdm96JTJGTVVGdllyV0tyZXNBSDZSaTZENkc3VXZrSDd4JTJCZHdCNEJmaUhUelU
.work.ink/	1970-01-20 16:56:04	Name: cto_bidid Value: 4-0NYl9DY1dEZWVpdzY1MXZRQ0Y5c1pNTk4xZiUyQk9yZ1AlMkJId2IlMkZhMzR2eGpRTlh1b1VYMVYxWTNKT0xzRG8lMkJqc2xQd3BRbTllQnpIJTJCTUdneHRFanhhZ0VuY0ElM0QlM0Q

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://work.ink/cdn-cgi/zaraz/s.js Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://img.youtube.com/vi/E48NEq8F-9c/default.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://img.youtube.com/vi/zW4omIUq59o/default.jpg Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://work.ink/2Fk/Nitro3mois Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://work.ink' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

achcdn.com
ads.pubmatic.com
api.rlcdn.com
audit-tcfv2.cmp.quantcast.com
b.sf-syn.com
cdn.confiant-integrations.net
cdn.taboola.com
cdn.thisiswaldo.com
cmp.quantcast.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
id.crwdcntrl.net
img.youtube.com
ipfind.co
lexicon.33across.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
redirect-api.work.ink
resources.infolinks.com
router.infolinks.com
rules.quantcount.com
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
test.cmp.quantcast.com
thisiswaldo.com
work.ink
workink.co
www.google.com
www.gstatic.com
youradexchange.com
api.rlcdn.com
script.4dex.io
151.101.1.44
172.66.42.247
178.250.2.146
18.158.76.116
2.18.233.180
2600:1901:0:8344::
2600:9000:2156:dc00:f:458e:2a80:93a1
2600:9000:223c:6200:6:44e3:f8c0:93a1
2600:9000:2240:e00:9:46dc:4700:93a1
2600:9000:2240:e200:9:46dc:4700:93a1
2600:9000:225e:c000:3:a4cd:8380:93a1
2606:4700:20::681a:b77
2606:4700:20::ac43:45a0
2606:4700:20::ac43:4bf1
2606:4700:3030::6815:1ab6
2606:4700::6812:116b
2606:4700::6812:c5c
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:800::2002
2a00:1450:4001:809::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a02:2638:1::13
2a06:98c1:3120::3
35.190.41.116
52.15.219.226
52.223.40.198
54.177.190.158
54.75.190.240
0fab1b2783ef5afc02dd6f06f04b96311f3add1fb3e5b5c7e1282c19996e264a
13f5033c8999b1545c9ba66fbe446c2e7ad282dc1c43a53cdf3a23df33a92411
15d36e8f871b1cf84be33fa8f1ff0e5dc96a123ccc194da4520ae3d81b32329d
1a9a41dce59c224a6cb0a33e73b2f239e4e5ee3972556e669c7d43076d43e365
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c7d4af9a782f176d09b1bb4c71c9828071b0c89fe9b8d567ef291c18babe5fd
1e3a2dfb943f921238e7855c8cfa51ceb06b751b7724fa9336ba8b0a163855ba
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01
313b0b9da4a2eea5f7a4032d3f8767841f014163e78e991acf208184539a8770
3874e63167becc35249c13eb1e40b8b0247427fc856b39c21e46a83de36b8a25
39b50df7384e1ec9678b499ff381095499202e11c37de4f3044f88d23ee782f1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4bf2a73823b8dd96a39d1b2926e816d5ec549de425bd4bed227e599f78e8e0e7
55f90b0718272a96c442cd8c552169391297c108fa55322c4efb78d884148477
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c433c755e7e56f69187040a9463a9c2a37490b5525adf7f9a4a5a082b75eb76
62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c
64735028a8b3bdf47c2e299d7dd90fdd012cdb344abf2ef66014c3f635424fac
6a87b588978127e2d64d83d8b49a4ac8e7cea813de00c1b0d67bc8cc7426387a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8b0f7e479b4461ac03f38e0cb359bd80b57cffa467ea1339edfd208f7e6b86
6f6ce602bed449940565c8bfea9921659efafc0c5409a8242eda17e6e6554c31
7184ab41cf778b1cf21506d80700c19163c1515a4a909e269695bf42d61da3db
7f357f6ac5a05a2388f3570e6bcddbfc4d90f0073d14d0269b1310bf304df112
821411a115c2f18c6ce2743f06bdaabd20332765f388a5f42044e1b5be85942e
83fa6784ebee363043db50681bbde69c4624f13ea9152c1758f7ca2f609ea0f4
866555dcf584bbee30be251a59cb3a00356f60dcf060ed1a52359917828a44e0
8d050efc0dba3583b7021291fd3f49d2dbce8f0c145b42d69f6d192e14ba6ebb
8ea39e19626d240375e5d94167fd2828ba106e49e60ccb290ccca5ad84ea8d01
922b0d2d4adb5ed473a915258165047db5642276b6edad0dc15a0d47ed4ea19c
9554f92b1b7f1ba104bc000ac19d8ed83e9c4d02a8f7d79fe29d000cf73b4e0b
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a190f72480960417e265c1459dc943ea3a1330953bf39500c1f585a6dd08ef01
a285c7b7b5d2b42d829c7db8153ff2e3331fe1c8bcce884de35a89271a982943
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
acd1b61f65b0b3f94fdb3ef38264e2375b2a1089b100092f2bd47a4c6375bed4
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3
b2a9dc38d59a322f8157f22ee197265c326d0f6a56ed177fb4693633121867c0
b5c1b6a869520bca4157c388c888ad09f47fa5661b54a32d6c97e8edde78b538
b628942e8ff712de0d166d8704f779bd3860800817549c8a375868977e117863
bb4708371a2c266f400e5a2285490470881906ed22d44d21d641b230c685f117
c0c07d5e1cc6e9994f621fb965165bc0106d1a26a04e70bd13c0778af0b93e37
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d32ac7e3fef0342aba8eae654c81c8e89271f79ef112a5f5a7a3f8ec05f91313
d4d5b8dc6a7ca986941b6d029b8465ac9b4ea3b8923d57df81c99a3c03eb899d
d92ecee434f7ba89b4efc74a4fca7a7ba57c3d19408e98c205bba9c76529f7dc
daa0532a4d99dba9a7eec870b53df5eb3965fc8cb6eb9a4090a7a5d13d231894
dcdb794cf5e19b747a7c2ba364bfc44b7fd1848fcb6dc538edd84af839481579
de31b743d8a3fb9d4f1b6a65d707da04be415a1dbd7416ace9f1be4bf4fa3a30
e0fb958894d057f4a7a659caaba8d47e43b5ba368ea95b80d92c4df6b4d28a13
e2688429069936fd2f4afd18bb771555132beb1f845b46325fe2f73e18223505
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e587bef04b460fbfcf1cdebaca05b28a172bd76b65637be2875dbebb138c9cdd
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eeaa6a87a67cba3a0b3f46b27024a2d5602bc3d684dd6ca56d5317b42c43a5fd
f0344c4ab3396a35d691302a41bc6fe16c2129e7eb330ee77f182b7a2d38f7ea
f50b2170b943929cf0fd3ad43b6534bba3b5e2962c4cfc27cdbf50991669d33e
f7f7c9968bc34791cb1568fa746996c40f4354735b6a3b07eebdf9b2c65e578d
f828a3932b30e36e30e596e43b5757afc9e834c3532f686e9b85562c0b07e935

work.ink Open in urlscan Pro 2606:4700:20::681a:b77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

96 %HTTPS

69 %IPv6

26 Domains

34 Subdomains

33 IPs

4 Countries

1634 kBTransfer

4990 kBSize

14 Cookies

1 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

work.ink Open in urlscan Pro
2606:4700:20::681a:b77 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

96 %
HTTPS

69 %
IPv6

26
Domains

34
Subdomains

33
IPs

4
Countries

1634 kB
Transfer

4990 kB
Size

14
Cookies

72 HTTP transactions
1 data transactions