work.ink Open in urlscan Pro
2606:4700:20::681a:b77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://workink.net/2uF/HOT-BABE-FULL-OF--STUFF00283720012
Effective URL:
https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012
Submission: On December 19 via api (December 19th 2022, 3:55:34 pm UTC) from CZ — Scanned from DE

Summary HTTP 72 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 27 domains to perform 72 HTTP transactions. The main IP is 2606:4700:20::681a:b77, located in United States and belongs to CLOUDFLARENET, US. The main domain is work.ink.
TLS certificate: Issued by E1 on November 7th 2022. Valid for: 3 months.

This is the only time work.ink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3031::ac43:87b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700:20:... 2606:4700:20::681a:b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
5	2600:9000:205... 2600:9000:2050:200:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:d5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:a77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:230... 2600:9000:2304:a200:f:458e:2a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:3200:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:236... 2600:9000:236e:7000:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6812:116b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.15.219.226 52.15.219.226	16509 (AMAZON-02) (AMAZON-02)
1	54.183.118.136 54.183.118.136	16509 (AMAZON-02) (AMAZON-02)
1	3.67.158.22 3.67.158.22	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:3200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3037::ac43:8a5a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.41.116 35.190.41.116	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.249.162.63 34.249.162.63	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	() ()
72	33

1 2606:4700:3031::ac43:87b6 (United States)

ASN13335 (CLOUDFLARENET, US)

workink.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::681a:b77 (United States)

ASN13335 (CLOUDFLARENET, US)

work.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2050:200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d5c (United States)

ASN13335 (CLOUDFLARENET, US)

b.sf-syn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:a77 (United States)

ASN13335 (CLOUDFLARENET, US)

redirect-api.work.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth.work.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:a200:f:458e:2a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:3200:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:236e:7000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:116b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com

thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.183.118.136 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-118-136.us-west-1.compute.amazonaws.com

ipfind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.158.22 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-158-22.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:3200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:8a5a (United States)

ASN13335 (CLOUDFLARENET, US)

achcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.41.116 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 116.41.190.35.bc.googleusercontent.com

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.162.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-162-63.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (None, )

ASN- ()

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	work.ink work.ink redirect-api.work.ink auth.work.ink	237 KB
7	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 2900 test.cmp.quantcast.com — Cisco Umbrella Rank: 10570 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12285	185 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	383 KB
5	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 7036 router.infolinks.com — Cisco Umbrella Rank: 2581	58 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 394 mug.criteo.com — Cisco Umbrella Rank: 2835	1 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192	162 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	41 KB
2	4dex.io script.4dex.io	25 KB
2	achcdn.com achcdn.com — Cisco Umbrella Rank: 90225	60 KB
2	youtube.com img.youtube.com — Cisco Umbrella Rank: 3283	6 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1383	106 KB
2	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2837	45 KB
2	thisiswaldo.com cdn.thisiswaldo.com — Cisco Umbrella Rank: 49820 thisiswaldo.com — Cisco Umbrella Rank: 42103	103 KB
2	sf-syn.com b.sf-syn.com — Cisco Umbrella Rank: 154577	3 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101	166 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 315	385 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1446	312 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 2050	245 B
1	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 26009	944 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 868	634 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 939	10 KB
1	ipfind.co ipfind.co — Cisco Umbrella Rank: 59464	463 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1377	4 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 481	62 KB
1	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 937	214 B
1	workink.net workink.net	663 B
0	rlcdn.com Failed api.rlcdn.com Failed
72	27

	Domain	Requested by
13	work.ink	workink.net work.ink
5	cmp.quantcast.com	work.ink cmp.quantcast.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	work.ink www.gstatic.com www.google.com
3	securepubads.g.doubleclick.net	cdn.thisiswaldo.com securepubads.g.doubleclick.net
3	router.infolinks.com	resources.infolinks.com
2	script.4dex.io	cdn.thisiswaldo.com script.4dex.io
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	fonts.gstatic.com	www.google.com
2	achcdn.com	workink.net achcdn.com
2	img.youtube.com	work.ink
2	cdn.confiant-integrations.net	cdn.thisiswaldo.com cdn.confiant-integrations.net
2	quantcast.mgr.consensu.org	cdn.thisiswaldo.com quantcast.mgr.consensu.org
2	b.sf-syn.com	work.ink
2	resources.infolinks.com	work.ink workink.net
2	pagead2.googlesyndication.com	work.ink pagead2.googlesyndication.com
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	lexicon.33across.com	ads.pubmatic.com
1	youradexchange.com	achcdn.com
1	rules.quantcount.com	secure.quantserve.com
1	auth.work.ink	workink.net
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	audit-tcfv2.cmp.quantcast.com	cmp.quantcast.com
1	ipfind.co	cdn.thisiswaldo.com
1	thisiswaldo.com	cdn.thisiswaldo.com
1	a.teads.tv	cdn.thisiswaldo.com
1	ads.pubmatic.com	cdn.thisiswaldo.com
1	test.cmp.quantcast.com	cmp.quantcast.com
1	cdn.thisiswaldo.com	work.ink
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	redirect-api.work.ink	work.ink
1	cdn.taboola.com	work.ink
1	workink.net
0	api.rlcdn.com Failed	ads.pubmatic.com
72	36

This site contains links to these domains. Also see Links.

Domain
youradexchange.com

Subject Issuer	Validity	Valid
*.workink.net E1	`2022-11-07` - `2023-02-05`	3 months	crt.sh
*.work.ink E1	`2022-11-07` - `2023-02-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
cmp.quantcast.com R3	`2022-11-10` - `2023-02-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2022-06-01` - `2023-06-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.confiant-integrations.net E1	`2022-11-24` - `2023-02-22`	3 months	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
thisiswaldo.com R3	`2022-12-15` - `2023-03-15`	3 months	crt.sh
ipfind.co Amazon	`2022-12-04` - `2024-01-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
youradexchange.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-20` - `2023-06-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2022-10-24` - `2023-01-22`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012
Frame ID: 2CFCCE8F0BF608D763BC58B107D125F8
Requests: 58 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3374250&wsid=0&pdom=work.ink&purl=https%3A%2F%2Fwork.ink%2F2uF%2FHOT-BABE-FULL-OF--STUFF00283720012
Frame ID: 03676A82F2F9EF4E7255DEA649964347
Requests: 1 HTTP requests in this frame

Frame: https://work.ink/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671451200
Frame ID: DBEAB84F3EDB335CF9E3187585627304
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 72E014FFCFB642BA6FE68DEB46996DFC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=idpd1p16vddm
Frame ID: 3ECFE3EC3412F0AC49244D6A42B5283E
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Work.ink - Best Rekonise & Linkvertise alternative!

Page URL History Show full URLs

https://workink.net/2uF/HOT-BABE-FULL-OF--STUFF00283720012 Page URL
https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012 Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

72
Requests

97 %
HTTPS

66 %
IPv6

27
Domains

36
Subdomains

33
IPs

4
Countries

1660 kB
Transfer

5113 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://workink.net/2uF/HOT-BABE-FULL-OF--STUFF00283720012 Page URL
https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwork.ink%2F&domain=work.ink&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=3WQvT3x3V1JNZU1GWXlmaVV5clhMNnJlVEorNGd3cjFhNUJwbitnUkl3U1ZZdkZPcjREcThmZWR2cjdrUXBPa09jQVFQODdVY3psYkloVm1pQWFuYlVLcjUyL1RZVm8zWlV6TnErcWkwZ2FPSUY0WkFQT2pwTUhENTFnVjZIajl4aUtoRVA5bFRnUnlSUzFXRFpTMkVVc2FhV0VnanRCWmE5WEx4MGphM0NlZlpsVlA1VkpQTy8vamFCZWlUdTFOOEl6Q1B6djIyZ0IzNXJ0aUd6eUhkL3NkVkJMVDRWUXpEVURPNHdUTlM5NlJjK1RvPXw&cppv=2

72 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 HOT-BABE-FULL-OF--STUFF00283720012
workink.net/2uF/ 340 B
663 B 381ms
116ms Document
text/html 2606:4700:3031::ac43:87b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://workink.net/2uF/HOT-BABE-FULL-OF--STUFF00283720012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:87b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77c15296bc989b5e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 15:55:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTRwf11cDg1p7E0UEODkFHNttCeGZgMhlMYRDb%2F3FshW5CzZDSwYy8nMywmqUMjt9DOgiwx3ozDBz6YbJMduot8KGdLDOpJsHOD8ErUgv1zDE7VMk2jRW%2FZovHQFYDBeD0TfbsmYZrspRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 vegur

GET
H2 200 Primary Request HOT-BABE-FULL-OF--STUFF00283720012 Show response
work.ink/2uF/ 10 KB
4 KB 223ms
138ms Document
text/html 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012

Requested by

Host: workink.net
URL: https://workink.net/2uF/HOT-BABE-FULL-OF--STUFF00283720012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6b015060d232fb6accf0a94f930a17c15a1bb5d92907629f6900478a0952e0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Referer: https://workink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77c1529838569060-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 15:55:27 GMT
last-modified: Thu, 15 Dec 2022 21:10:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzaHhwAZWp3Ee8EQChJMxyMrOAfg1%2BjmeS6KEGAwDhz%2F65Z7Q5kx7fUYInIbfD6MufkYPTJjPyLpLTOIcaaEbpOwAaqp8BTf5WgbjlqOOa%2FEYriOX9qz%2F733nIqyCblA4wSHHag7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 vegur
x-frame-options: sameorigin

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 177ms
87ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2046708012782383

Requested by

Host: work.ink
URL: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d09fda0a7665c6c5de7487d025d3cd279de8eb8ba136512c924408e36104ea7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://work.ink/
Origin: https://work.ink
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49322
x-xss-protection: 0
server: cafe
etag: 3867911184917673706
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 15:55:27 GMT

GET
H2 200 chunk-vendors.f4c76a04.js Show response
work.ink/js/ 249 KB
88 KB 47ms
45ms Script
application/x-javascript 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/js/chunk-vendors.f4c76a04.js

Requested by

Host: work.ink
URL: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f17b5d6db59266a73154e03d4496527cc9e81f39d9c3d12ebaaecff9ea0cfe38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4717
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 15 Dec 2022 21:10:01 GMT
server: cloudflare
etag: W/"639b8d29-3e226"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWKV0ZFRBquJCO5ymPijK6uBULg2URJONt9in8yVsUhNtszuLB4JjEXBip3MfsoQzkFdRryXCwut3SyFSS7S2sk4NC1GShjcld%2FSANizRIR65Dv1o2KUzRvsBDMBMMX6tOJWZ95n"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 77c152991a339060-FRA

GET
H3 200 app.354a41ec.js Show response
work.ink/js/ 200 KB
94 KB 65ms
65ms Script
application/x-javascript 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/js/app.354a41ec.js

Requested by

Host: work.ink
URL: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71e3d7e062afc94592e5aaf2227a99b2296ee88565794cb2666eec2f6a9ab31f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6429
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 15 Dec 2022 21:10:01 GMT
server: cloudflare
etag: W/"639b8d29-3219f"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bY%2BohE2ywWedqBmWQuvAah7aMFT%2Bd52PxekiLRTC38kNGdqk%2FfYw0IwO%2BJMgyKZpcIqUyAPzzqmcUxZYpKpZK5qZWA3JOW5vYhQeGvy0feFkWArqiKPy29vKVdOd%2FQay1EzyVk20"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 77c152996d476919-FRA

GET
H2 200 chunk-vendors.3ded2ec4.css
work.ink/css/ 51 KB
7 KB 39ms
38ms Stylesheet
text/css 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/css/chunk-vendors.3ded2ec4.css

Requested by

Host: work.ink
URL: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f5033c8999b1545c9ba66fbe446c2e7ad282dc1c43a53cdf3a23df33a92411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 843
cf-polished: origSize=52731
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 15 Dec 2022 21:10:01 GMT
server: cloudflare
etag: W/"639b8d29-cdfb"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BNc%2BjYyN%2BNeMOHxye2YwugYd82Y%2FxjCAUpXABBC%2FHHiC%2Fa2ZCY7Mi3atvlwiUIYVoeh7vTAxnZcUiwENw8IAeVKGaC42%2B%2BpU5WIYF5REDNUooU1ZpZgtmCay1ocTDUIbpxThOFa"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 77c152991a329060-FRA

GET
H2 200 app.011fc71e.css
work.ink/css/ 19 KB
4 KB 35ms
34ms Stylesheet
text/css 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/css/app.011fc71e.css

Requested by

Host: work.ink
URL: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdd61b872dd44caf350c3f72d2cedb35caea8ec34509c4043b85aa25b4c7c933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 843
cf-polished: origSize=19754
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 15 Dec 2022 21:10:01 GMT
server: cloudflare
etag: W/"639b8d29-4d2a"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wem7qbqiBfP85kHcR3CwYlVsGji3iSr6zK4xQaxN3fw2AO5AUA2TdV6RiaunvGrjGEadM70byba5FuSLlDiBBhzChwjNVsyTRlBZo66YYyq153vkJvK0cQHB9Ag%2FOlftb5s1B2oZ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 77c152991a349060-FRA

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 4 KB
2 KB 59ms
33ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: work.ink
URL: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a367f7bad60c6098abffef874320ea0b014687d4c6aad22b5b44e36da668ee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 18 Dec 2022 20:07:43 GMT
server: cloudflare
age: 13635
etag: W/"f48-5f01fc1736c03"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 77c152994bb19bf8-FRA
expires: Mon, 19 Dec 2022 13:08:12 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/workink/ 14 B
214 B 239ms
217ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/workink/loader.js
Requested by: Host: work.ink
URL: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: c0c07d5e1cc6e9994f621fb965165bc0106d1a26a04e70bd13c0778af0b93e37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220097-HHN
date: Mon, 19 Dec 2022 15:55:27 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1671465328.604035,VS0,VE211
x-cache: HIT
content-type: application/javascript
abp: 51
cache-control: private,max-age=14401
accept-ranges: bytes
content-length: 14
retry-after: 0
x-cache-hits: 0

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1840.012-3.025/ 179 KB
56 KB 32ms
31ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1840.012-3.025/ice.js
Requested by: Host: workink.net
URL: https://workink.net/2uF/HOT-BABE-FULL-OF--STUFF00283720012
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 772e723011422827d15feece5a3df3e1f7e9de91897e4945b52d5078e1011550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 18 Dec 2022 14:06:25 GMT
server: cloudflare
age: 6386
etag: W/"2cd9c-5f01ab54dc12b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 77c152998c3f9bf8-FRA
expires: Wed, 18 Jan 2023 14:09:01 GMT

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 3 KB
2 KB 137ms
50ms Script
application/javascript 2600:9000:2050:200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by: Host: work.ink
URL: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2050:200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
content-encoding: br
via: 1.1 eb9781eaf534229bf5ad50a1b819581a.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
server: AmazonS3
x-amz-cf-pop: BUD50-C1
age: 20
x-amz-server-side-encryption: AES256
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Z0wdDfI8V2fmESgaTTalKEceyPk_oRumY4ErQlU3duUpbhL42SKe9Q==

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 0367 0
33 B 271ms
261ms Document
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3374250&wsid=0&pdom=work.ink&purl=https%3A%2F%2Fwork.ink%2F2uF%2FHOT-BABE-FULL-OF--STUFF00283720012
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1840.012-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://work.ink/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 77c1529a0d7c9bf8-FRA
content-length: 0
date: Mon, 19 Dec 2022 15:55:27 GMT
server: cloudflare
via: 1.1 google

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
43 B 124ms
117ms Script
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3374250&wsid=0&pdom=work.ink&purl=https%3A%2F%2Fwork.ink%2F2uF%2FHOT-BABE-FULL-OF--STUFF00283720012
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1840.012-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77c1529a0d839bf8-FRA
content-length: 0

GET
H2 200 gsd Show response
router.infolinks.com/ 0
33 B 125ms
119ms Script
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3374250&wsid=0&pdom=work.ink&purl=https%3A%2F%2Fwork.ink%2F2uF%2FHOT-BABE-FULL-OF--STUFF00283720012&jsv=1840.012-3.025&ref=workink.net%2F&_cb=16714653276790
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1840.012-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77c1529a0d869bf8-FRA
content-length: 0

GET
H2 200 badge_js Show response
b.sf-syn.com/ 2 KB
2 KB 57ms
22ms Script
application/javascript 2606:4700::6812:d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://b.sf-syn.com/badge_js?sf_id=3548161&variant_id=sf

Requested by

Host: work.ink
URL: https://work.ink/js/app.354a41ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f50b2170b943929cf0fd3ad43b6534bba3b5e2962c4cfc27cdbf50991669d33e

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' http://.pro-market.net .crsspxl.com .google.com http://c.sf-syn.com .googlesyndication.com .safeframe.usercontent.goog .doubleclick.net .hitachivantara.com .recaptcha.net recaptcha.net .youtube.com www.youtube-nocookie.com .btloader.com *.pubmatic.com; form-action 'self' lists.sourceforge.net; frame-ancestors 'self'; object-src 'none'; report-uri https://sourceforge.report-uri.com/r/d/csp/enforce; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
content-security-policy: frame-src 'self' http://*.pro-market.net *.crsspxl.com *.google.com http://c.sf-syn.com *.googlesyndication.com *.safeframe.usercontent.goog *.doubleclick.net *.hitachivantara.com *.recaptcha.net recaptcha.net *.youtube.com www.youtube-nocookie.com *.btloader.com *.pubmatic.com; form-action 'self' lists.sourceforge.net; frame-ancestors 'self'; object-src 'none'; report-uri https://sourceforge.report-uri.com/r/d/csp/enforce; upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 12740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible: IE=edge,chrome=1
last-modified: Mon, 19 Dec 2022 12:23:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 77c1529a7e829956-FRA
expires: Mon, 19 Dec 2022 19:55:27 GMT

GET
H2 200 badge_js Show response
b.sf-syn.com/ 2 KB
1 KB 69ms
34ms Script
application/javascript 2606:4700::6812:d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://b.sf-syn.com/badge_js?sf_id=3548161&variant_id=sd

Requested by

Host: work.ink
URL: https://work.ink/js/app.354a41ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55f90b0718272a96c442cd8c552169391297c108fa55322c4efb78d884148477

Security Headers

Name	Value
Content-Security-Policy	report-uri https://sourceforge.report-uri.com/r/d/csp/enforce; upgrade-insecure-requests; frame-ancestors 'self'; object-src 'none'; form-action 'self' lists.sourceforge.net; frame-src 'self' http://.pro-market.net .crsspxl.com .google.com http://c.sf-syn.com .googlesyndication.com .safeframe.usercontent.goog .doubleclick.net .hitachivantara.com .recaptcha.net recaptcha.net .youtube.com www.youtube-nocookie.com .btloader.com *.pubmatic.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
content-security-policy: report-uri https://sourceforge.report-uri.com/r/d/csp/enforce; upgrade-insecure-requests; frame-ancestors 'self'; object-src 'none'; form-action 'self' lists.sourceforge.net; frame-src 'self' http://*.pro-market.net *.crsspxl.com *.google.com http://c.sf-syn.com *.googlesyndication.com *.safeframe.usercontent.goog *.doubleclick.net *.hitachivantara.com *.recaptcha.net recaptcha.net *.youtube.com www.youtube-nocookie.com *.btloader.com *.pubmatic.com
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 12740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible: IE=edge,chrome=1
last-modified: Mon, 19 Dec 2022 12:23:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 77c1529a7e869956-FRA
expires: Mon, 19 Dec 2022 19:55:27 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
966 B 190ms
72ms Script
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: work.ink
URL: https://work.ink/js/chunk-vendors.f4c76a04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3f9a887c456f92ae2b2d5950c184dc1fbb3353045691843d99d9254d2ecb98a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Mon, 19 Dec 2022 15:55:27 GMT

GET
H2 200 ping Show response
redirect-api.work.ink/ 61 B
594 B 198ms
135ms Fetch
application/json 2606:4700:20::681a:a77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redirect-api.work.ink/ping
Requested by: Host: work.ink
URL: https://work.ink/js/app.354a41ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ca4caa7d9fe5c77d8bbe42b43347edf0061f34692cb01ff19a78a4df7baaaff5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3d-vvN6cV9EfzeKRDQ0lZkeDHaGUIs"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0E6WUf4eTVUPfPS8MI7iTPpEju1dGKlDv4qaXHNwbJSssb%2BZKFCV36oUCaNj0dneIHAQgCAByUDR4N5WKaKbey88%2F%2BglCEx381hcMNdOHCPILHPe9xj3RNQ%2FhQq9ovYNrFCmF1QpNpE5aT6ZfOg16Eupw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 77c1529ac9a5bba7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 400 s.js Show response
work.ink/cdn-cgi/zaraz/ 24 B
443 B 33ms
33ms Fetch
text/plain 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/zaraz/s.js
Requested by: Host: work.ink
URL: https://work.ink/js/app.354a41ec.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fab1b2783ef5afc02dd6f06f04b96311f3add1fb3e5b5c7e1282c19996e264a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8oAyXzof7EoOwnNSAJipCD5jafbbNW%2B82lswhtADHRS1W84NlP7YvAa3h%2FuX8cw5g6mq3QGhWiin27NEf%2Bn%2FJdVD0OOBAEW7T6RGBV3LukiraUUjrS5WIqI9zdp161XD3aXSl4zu"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 77c1529a6f656919-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15d36e8f871b1cf84be33fa8f1ff0e5dc96a123ccc194da4520ae3d81b32329d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 invisible.js Show response
work.ink/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame DBEA 36 KB
16 KB 17ms
16ms Script
application/javascript 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671451200
Requested by: Host: workink.net
URL: https://workink.net/2uF/HOT-BABE-FULL-OF--STUFF00283720012
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3845c759b473e2e3933b49c893a158a9968acf9a857ac166859d7e8c9a827a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vwhn5m4Fh7Dd9AOW9Hwl50I%2BmxHHLhS4qIZmnLJIypDQCiLmKNd8%2BeRB6EYxK5vo%2Bf7ReZ3n5kQI5PrbtduHFU5oZ8bpVgZoHWOdsRuXFXmPEobW56eZnQk6zGOn20921ZYa2MF7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 77c1529a6f696919-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 s.js Show response
work.ink/cdn-cgi/zaraz/ 5 KB
3 KB 40ms
39ms Script
text/javascript 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyV29yay5pbmslMjAtJTIwQmVzdCUyMFJla29uaXNlJTIwJTI2JTIwTGlua3ZlcnRpc2UlMjBhbHRlcm5hdGl2ZSElMjIlMkMlMjJ4JTIyJTNBMC42Njk2NTM3MTI0MDYwNjY2JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3b3JrLmluayUyRjJ1RiUyRkhPVC1CQUJFLUZVTEwtT0YtLVNUVUZGMDAyODM3MjAwMTIlMjIlMkMlMjJyJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3b3JraW5rLm5ldCUyRiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA==
Requested by: Host: work.ink
URL: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67beddbfd341da4c1cc5a202f2dff43246ffba43b8a1a8c6f08215bd68f5982d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://work.ink
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EziokDsZ%2F2ETJb5CvOSyddiepjFBSM7EyMiMjxohXETwm71%2BM963ry%2FCLf1PQfHONQIeELR802Cn7BchWQZdTunuBNkqfwhT3YI2615IQJ7mtgCcYrzZ9ATdnp8FekFFPA4mIcN"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-credentials: true
cf-ray: 77c1529a6f6b6919-FRA
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/42/ 177 KB
43 KB 34ms
34ms Script
text/javascript 2600:9000:2050:200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2050:200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b628942e8ff712de0d166d8704f779bd3860800817549c8a375868977e117863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 13:35:07 GMT
content-encoding: br
via: 1.1 eb9781eaf534229bf5ad50a1b819581a.cloudfront.net (CloudFront)
x-amz-cf-pop: BUD50-C1
age: 8962
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 05 Jul 2022 18:40:23 GMT
server: AmazonS3
etag: W/"9494b70738cd74c9137e65c29c0b1f3e"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: EXiHMs74EoSpZce3H1aSD_I9Sv5U83E4qUnrdEtBQPc33m02OyVE7Q==

GET
H3 200 pica.js
work.ink/cdn-cgi/challenge-platform/h/g/scripts/ Frame DBEA 22 KB
9 KB 23ms
23ms Other
application/javascript 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: work.ink
URL: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 571f324ca6c162d09d79a93ef745e24a2e613474489ba2b34755f1126107387c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHrFB4HdK9F3Osh%2FBbuZLPS0eyTSZJEYfzMZyw141ZcQVwhC%2BqyrFEkBoePpNRolf8a3nLphEkh1F1njxwiE3Zf6ifPgxbi6jQJvK0orfCN3J%2BaKE5PUweAobT5YBB%2FHmMddSidR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 77c1529a8fc56919-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 356 KB
117 KB 215ms
137ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2046708012782383&plah=work.ink

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2046708012782383

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

926277a34899cd4c8f87e0f9f1c24f14a42d1ccb45c75bca0da764c32573dbfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119959
x-xss-protection: 0
server: cafe
etag: 126126194237215957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 15:55:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 72E0 10 KB
5 KB 176ms
55ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2046708012782383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://work.ink/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 02:49:30 GMT
etag: 10353107486223812946
expires: Mon, 02 Jan 2023 02:49:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 11929.js Show response
cdn.thisiswaldo.com/static/js/ 357 KB
103 KB 93ms
21ms Script
application/javascript 2600:9000:2304:a200:f:458e:2a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thisiswaldo.com/static/js/11929.js

Requested by

Host: work.ink
URL: https://work.ink/js/chunk-vendors.f4c76a04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:a200:f:458e:2a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

d25c65702801da162376b19d0ba6dfe8aacdb2b602e57100a3637fe5f569a5f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 14:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Dec 2022 14:02:18 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 b159f39ee34c14548a9d9dc3e730676a.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
etag: "595aa-5efca2f4130c4-gzip"
age: 6717
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: a2mJ2lqlwADDBIppTtatX_fLUG4zMWdYhOsERisDrpqIzqIGrbYu3Q==

GET
H3 200 workink-colorful-md.8d4b6dda.png
work.ink/img/ 6 KB
7 KB 43ms
43ms Image
image/webp 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://work.ink/img/workink-colorful-md.8d4b6dda.png

Requested by

Host: work.ink
URL: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c1b6a869520bca4157c388c888ad09f47fa5661b54a32d6c97e8edde78b538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4247
cf-polished: origFmt=png, origSize=15564
content-disposition: inline; filename="workink-colorful-md.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6626
cf-bgj: imgq:100,h2pri
last-modified: Thu, 15 Dec 2022 21:10:01 GMT
server: cloudflare
etag: "639b8d29-3ccc"
vary: Accept
x-frame-options: sameorigin
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqE4UScqxjzpyEuaXkSnLO9McR%2BqgXfoj9%2B6Mlt68mqkxQTawLtfQlS0ICHoDIa%2BwdnDzb0vVBEYnZ1ntY%2FLu4uf%2BkUNbCJ49DEKW2zNq1q3y5%2FHbirRVtNN7DZ5h4VtjrvZQpwP"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 77c1529ae8cb6919-FRA

GET
H3 200 loader.a62dee1e.svg
work.ink/img/ 593 B
831 B 41ms
39ms Image
image/svg+xml 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://work.ink/img/loader.a62dee1e.svg

Requested by

Host: work.ink
URL: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d050efc0dba3583b7021291fd3f49d2dbce8f0c145b42d69f6d192e14ba6ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6428
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 15 Dec 2022 21:10:01 GMT
server: cloudflare
etag: W/"639b8d29-251"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvnosUKPESslqJD15hYNTBF58iKmiM4CLVJb4D7O0AbNItTEQcHwSipDCf%2B7GU%2Fq9N8oyLclBTR%2BaOfyFPyzurnJ3hXVnvPuGeDee6Mie6VYYJw37Sb6zPeWPDWdQOn%2BHyjhrzUo"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 77c1529ae8d06919-FRA

GET
H3 200 workink-white-md.4be034e5.svg
work.ink/img/ 8 KB
3 KB 42ms
40ms Image
image/svg+xml 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://work.ink/img/workink-white-md.4be034e5.svg

Requested by

Host: work.ink
URL: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a9a41dce59c224a6cb0a33e73b2f239e4e5ee3972556e669c7d43076d43e365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:27 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6428
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 15 Dec 2022 21:10:01 GMT
server: cloudflare
etag: W/"639b8d29-2151"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZycQcHuPsaJ54TaDTaDzgFrUkIeWHL38X1jvNe1lPhRngdkE87i%2F2BB2rxUiPeZeGdgOVZB3%2BkTC3zUx6KRhkRsmAQg0eCHmJO1HyFs3YtrK1BU4TVFaptUt7wYdQnapeJSmRLo"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 77c1529ae8d56919-FRA

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 10 KB
3 KB 59ms
8ms XHR
application/json 2600:9000:225e:3200:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3200:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 853a1f973e0c7d05b846cb408953ca4c5a00be5410f030c37f25dcccaf2c7bf1

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 03:00:44 GMT
x-amz-version-id: 1z0UoXMJ9xzbs2qI0bEVqRIwlX6l1fM5
content-encoding: br
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 46484
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 15 Dec 2022 19:53:40 GMT
server: AmazonS3
etag: W/"1fcb7b340973662b8c72821035297be8"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: WNovSG3Iiz1dQSR4w2QI7-HTWH315RGxdlx76GYL0b_SwL_eT-qDvg==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 407 KB
163 KB 174ms
31ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://work.ink/
Origin: https://work.ink
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 15:11:21 GMT

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/42/ 230 KB
59 KB 34ms
32ms Script
text/javascript 2600:9000:2050:200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2050:200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 00:21:31 GMT
content-encoding: gzip
via: 1.1 eb9781eaf534229bf5ad50a1b819581a.cloudfront.net (CloudFront)
x-amz-cf-pop: BUD50-C1
age: 56077
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Tue, 05 Jul 2022 18:40:26 GMT
server: AmazonS3
etag: W/"24932b3e61742029985961c24d35dbb7"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: SgjWF0JvGIQp9iXKqi1pKY77D2FBaSfGdM60KOCxNWXFgifnA9Qe8w==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.quantcast.com/GVL-v2/ 348 KB
42 KB 151ms
33ms XHR
application/json 2600:9000:2050:200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2050:200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b549ac81a403b341ae4cae145d2d80e8ed3bd7b8211ad893f30908c4baca04ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 03:00:37 GMT
content-encoding: br
via: 1.1 31035bb61f7468c9d95f8f0f36403248.cloudfront.net (CloudFront)
x-amz-cf-pop: BUD50-C1
age: 46492
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 19 Dec 2022 03:00:33 GMT
server: AmazonS3
etag: W/"e7d8b0f974119caf720679ec234db47d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 3WVjGDIjZWY2jHNGeaoj9cSWLQJMmTVEPrQ4a0mOj8oznhp_dQewpQ==

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 152 KB
36 KB 177ms
60ms XHR
application/json 2600:9000:2050:200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2050:200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f97c395d8c7383e543f30158f6b577a4161dc6f87b79a0878feb7ebd4ee845f

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 03:01:40 GMT
content-encoding: br
via: 1.1 31035bb61f7468c9d95f8f0f36403248.cloudfront.net (CloudFront)
x-amz-cf-pop: BUD50-C1
age: 46429
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 19 Dec 2022 03:01:37 GMT
server: AmazonS3
etag: W/"505447daad0efff5e3d0fa9fe62f05e2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: ATmbYFgJjbDsJ-SkKFD6bNEHU1SZ_6X7cL0HlTvOOSQGrkl4_9rtgA==

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/ 4 KB
2 KB 177ms
28ms Script
application/javascript 2600:9000:236e:7000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/choice.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:7000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83fa6784ebee363043db50681bbde69c4624f13ea9152c1758f7ca2f609ea0f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:54:46 GMT
content-encoding: br
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 21:12:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 51
x-amz-server-side-encryption: AES256
etag: W/"84f67876c95a3a1982d1378d05722a85"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: hClTr7eN2fhnaFh2a3hom1Sg6fAfBJN9aHm8FenXYpbga02hehC9Mg==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160082/7676/ 201 KB
62 KB 162ms
15ms Script
application/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e587bef04b460fbfcf1cdebaca05b28a172bd76b65637be2875dbebb138c9cdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:28 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 16:52:35 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=102746
accept-ranges: bytes
content-length: 62752
expires: Tue, 20 Dec 2022 20:27:54 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 209ms
74ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34fd432b7a129fd6d9599b585bcfc8cde51d7cfd47ad4f906f0b36ac359a562a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27666
x-xss-protection: 0
server: sffe
etag: "1425 / 567 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 19 Dec 2022 15:55:28 GMT

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/ 212 KB
40 KB 124ms
33ms Script
text/javascript 2606:4700::6812:116b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55742123d2961a3e6b6b1bc27538f683808ded697d9bf1280000b882132c00a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 15:47:00 GMT
server: cloudflare
x-amz-request-id: 9FZ0HTMDBM00R822
age: 177
etag: W/"e22aa60dc90a32e03454cffe43f09bd2"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 77c1529ccecf90e8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Yp6XccUkyUA6m8mZiDdNktSTaut9uIjdA1LRfMZp0ckWjVmbF7h8AjSqLPHxnyfrX92TAC45dOos+i8bbGeftA==

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 159ms
8ms Script
text/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date: Mon, 19 Dec 2022 15:55:28 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id: 6PX7G9BXZ1EJ8Q4H
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3391
x-amz-id-2: mn+sdmW1kRLqXoGcKjiUOnURKtt8S7jop2YTJNIsjYf9vysp6bNqxt2aL5b1GjUmGsC39PaWn24=

POST
H/1.1 200
OK track-impression Show response
thisiswaldo.com/js/ 1 B
376 B 631ms
370ms XHR
application/json 52.15.219.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thisiswaldo.com/js/track-impression

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-219-226.us-east-2.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Mon, 19 Dec 2022 15:55:28 GMT
X-Content-Type-Options: nosniff, nosniff
Server: Apache/2.4.29 (Ubuntu)
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 me Show response
ipfind.co/ 353 B
463 B 524ms
171ms XHR
application/json 54.183.118.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.183.118.136 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-183-118-136.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 85b2d39c7847bccf8a9abbc1e34fd9bb8028d5fa652bc6c9d475b28c11c20b07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:28 GMT
content-encoding: gzip
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://work.ink
cache-control: no-cache, private
access-control-allow-credentials: true
content-length: 246

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 53ms
7ms XHR
text/plain 3.67.158.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22work.ink%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1671465328172%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-66r0i9wikxvzzmiq7k69%22%7D
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.158.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-158-22.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Dec 2022 15:55:28 GMT
content-length: 2
content-type: text/plain; charset=utf-8

POST
H3 200 77c1529838569060 Show response
work.ink/cdn-cgi/challenge-platform/h/g/cv/result/ Frame DBEA 2 B
663 B 85ms
85ms XHR
text/plain 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/challenge-platform/h/g/cv/result/77c1529838569060
Requested by: Host: work.ink
URL: https://work.ink/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1671451200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 19 Dec 2022 15:55:28 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liK5j2wJRnkgoXSYGZQOUNGWQ4ySE0C7sUTsxw9A%2F7lVAvU6z6zk9S0K6IH6lLXaZeepbdN%2B%2FrFMmnP2I0XjvqNPIEi%2F1bQwXLGvMKGJzBKfuXjMkYSrdbei1eggAxSdKDuU2%2FAl"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 77c152a01c4e6919-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3ECF 42 KB
22 KB 182ms
81ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=idpd1p16vddm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

519fb47cf7b950e085710602c7b1d5f29aaea263715ad830fb91b2df3bf77b5d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pAXiy_wgFRsDYppZzFULCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://work.ink/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22100
content-security-policy: script-src 'report-sample' 'nonce-pAXiy_wgFRsDYppZzFULCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 15:55:28 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 50ms
8ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:28 GMT
content-encoding: gzip
etag: "StHfV9prSwQMxjKWocWEFw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 26 Dec 2022 15:55:28 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 177 KB
44 KB 9ms
9ms Script
text/javascript 2600:9000:236e:7000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=work.ink
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:7000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:30:04 GMT
content-encoding: br
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 1525
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 10 Nov 2022 18:23:42 GMT
server: AmazonS3
etag: W/"37fdfbac0c6ef64496f7d86258c934a8"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: 2Y_-SX1suaKtNqLc288FTcXgRn1SmZjog6JTizQuMNjSMU9fVLfi7A==

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202212121148/ 210 KB
66 KB 63ms
45ms Script
application/javascript 2606:4700::6812:116b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202212121148/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 16:50:50 GMT
server: cloudflare
x-amz-request-id: 79PRN948QHVRQ22A
age: 594171
etag: W/"a295e934190c6de7fe47fed7fbac382f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 77c152a10eadbbe9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: UoElqZ9r5EnIMcfDbeK21DiamGYKttzalAecoX/zJcbRyRQPod5CeHSuH49Dfe78YsFElLb1zic=

GET
H2 200 get_country_code.php Show response
auth.work.ink/actions/ 34 B
368 B 159ms
143ms Fetch
application/json 2606:4700:20::681a:a77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.work.ink/actions/get_country_code.php
Requested by: Host: workink.net
URL: https://workink.net/2uF/HOT-BABE-FULL-OF--STUFF00283720012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d984018b5d15b83e5c61f07b287e6622f2092c1d177b18ab4bdaa71ab27cd52c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:28 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eA0fp%2B9TDsbO3y9ZnLoivbsmp%2FMzbKDIXEsPt%2FyBThlkMu%2FTH3zAbhJuAJ5npB9RFypJ2SaXo%2BkF8dKJsT5VN%2BbC9hTHu1TkFaE5K6ghKGbQpnVS%2FdTPFOBIVpbspZMetWYQzCbYQ3MAitk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://work.ink
cf-ray: 77c152a1097bbba7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 default.jpg
img.youtube.com/vi/t0g-HQb-f1Y/ 3 KB
3 KB 237ms
81ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/t0g-HQb-f1Y/default.jpg

Requested by

Host: work.ink
URL: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0480f646bb48a9b00f746d85f05925da69dacaccbbfee66e41d5d7d405c20e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:28 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2894
x-xss-protection: 0
server: sffe
etag: "1664964362"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 19 Dec 2022 17:55:28 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/at5mpQdrYLA/ 3 KB
3 KB 204ms
48ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/at5mpQdrYLA/default.jpg

Requested by

Host: work.ink
URL: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f342533bedd34d710a9ab8ef79336fe25ce7e3385c6d13b2f88732372e2b2c36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:00:11 GMT
x-content-type-options: nosniff
age: 3317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2995
x-xss-protection: 0
server: sffe
etag: "1656468837"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 19 Dec 2022 17:00:11 GMT

GET
H3 200 pubads_impl_2022120701.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071257

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132289
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 09:34:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 19 Dec 2023 15:27:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 176 B
121 B 155ms
75ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=work.ink

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87771dae5b516f4806b5c381879864616104362f72eb76c46effcd5b543d5d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
expires: Mon, 19 Dec 2022 15:55:28 GMT

GET
H2 200 rules-p-fTfJtcPmQDwZG.js Show response
rules.quantcount.com/ 160 B
634 B 37ms
7ms Script
application/javascript 2600:9000:223c:3200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:3200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 922b0d2d4adb5ed473a915258165047db5642276b6edad0dc15a0d47ed4ea19c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:26:35 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1733
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 06:30:36 GMT
server: AmazonS3
etag: "65712c30333d33050e268b43b70b60ea"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: --uvwh5oC90z0OMDPbW0JskOSRMPeC9vpuqhxQDjCA5Zdu8krzvKjA==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 3ECF 52 KB
24 KB 108ms
35ms Stylesheet
text/css 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=idpd1p16vddm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:12:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 15:12:34 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 3ECF 407 KB
163 KB 127ms
53ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 15:11:21 GMT

GET
H2 200 suv4.js Show response
achcdn.com/script/ 98 KB
34 KB 126ms
63ms Script
application/javascript 2606:4700:3037::ac43:8a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://achcdn.com/script/suv4.js
Requested by: Host: workink.net
URL: https://workink.net/2uF/HOT-BABE-FULL-OF--STUFF00283720012
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:8a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7ff486f721b4bab97314d47bc7f076e0475c09d80b1a886cdec6496966b52c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1517
x-guploader-uploadid: ADPycdua1e6einlaItaBMKPMGYWSgEfLuZRymfpzCnSlawDgAs_ryT7aC5wwyr3nvxhCdofxeR5W_Ts1PhmFhItF2gZLCA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 13 Dec 2022 13:55:25 GMT
server: cloudflare
etag: W/"416f6928d8f3d8d66655abc097baca03"
vary: Accept-Encoding
x-goog-hash: crc32c=AsVyBQ==, md5=QW9pKNjz2NZmVavAl7rKAw==
x-goog-generation: 1670939725427322
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68W9i4T%2Fmw0aauRvTRijTdRZugTw8pSgRIN7oLPYnPaq2BtJqiwf4015A1Shk%2BNjkZ1dDCzEmWFxAZetyQOk2UzB1jEDfUevXLlcDPH%2FidYBCOgIf0JU99JkNb6k6IpIRSr9%2F%2BfMT3nU"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 100623
cf-ray: 77c152a26f5d926d-FRA
expires: Mon, 19 Dec 2022 16:29:10 GMT

GET
H3 200 ut.js Show response
achcdn.com/script/ 70 KB
25 KB 50ms
27ms Script
application/javascript 2606:4700:3037::ac43:8a5a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://achcdn.com/script/ut.js?cb=1671465329106
Requested by: Host: achcdn.com
URL: https://achcdn.com/script/suv4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8a5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95e6264b1cf2aa6195268d21e7bbf25c338ce7689bcbf2eb1e1cb6f59bd4da39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 697
x-guploader-uploadid: ADPycduC-pFhw5UdO95yUYsya7dX1FbHwWPWZY3nbreVR6byHMTJvs0B5cGu0qBLLWWH1oaaIQpwHyXqlnBzHnUSIOM54A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 13 Dec 2022 13:55:49 GMT
server: cloudflare
etag: W/"d5903ccaed951c280d67f4188548e1e9"
vary: Accept-Encoding
x-goog-hash: crc32c=aFnw8A==, md5=1ZA8yu2VHCgNZ/QYhUjh6Q==
x-goog-generation: 1670939749168345
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgE3wzOatRW98gzKOKsrPJ8xi9i2lNQuAnxVcG239qVK1mibdVItYyBJHa1VbDczBbQ6Eog4iG94oQPWpbFrRZlokIaIQ0OGodQhMA9RmNw5bzb%2BMLZllpYfJUwU89xFLME6wPWHHn%2FZ"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 71395
cf-ray: 77c152a31974bbeb-FRA
expires: Mon, 19 Dec 2022 16:23:29 GMT

GET
H2 200 suurl4.php Show response
youradexchange.com/script/ 1017 B
944 B 265ms
220ms Fetch
application/json 35.190.41.116
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl4.php?r=6188826&chmob=%3F0&cbur=0.02380870953925185&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Work.ink%20-%20Best%20Rekonise%20%26%20Linkvertise%20alternative!&cbpage=https%3A%2F%2Fwork.ink%2F2uF%2FHOT-BABE-FULL-OF--STUFF00283720012&cbref=https%3A%2F%2Fworkink.net%2F&cbdescription=WorkInk%20allows%20you%20to%20monetize%20your%20links%20and%20thus%20earn%20money%20by%20publishing%20your%20content%20via%20our%20link%20shortening%20system.%20You%20can%20also%20link%20social%20medias%20and%20grow%20your%20audience%20on%20YouTube%2C%20Twitter%20and%20other%20platforms.&cbkeywords=&cbcdn=achcdn.com&aggr=0
Requested by: Host: achcdn.com
URL: https://achcdn.com/script/suv4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.41.116 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 116.41.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: d101e72b3a1007310abc3308ca51518f9c04d3fb39ebf192b4c7ccd8086414b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Dec 2022 15:55:29 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json; charset=utf-8

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3ECF 2 KB
2 KB 36ms
35ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 332120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 22 Dec 2022 19:40:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3ECF 15 KB
16 KB 123ms
38ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 19:21:27 GMT
x-content-type-options: nosniff
age: 506042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 19:21:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3ECF 15 KB
15 KB 132ms
48ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 507341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 13 Dec 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3ECF 102 B
134 B 70ms
69ms Other
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=idpd1p16vddm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 19 Dec 2022 15:55:29 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 3ECF 32 KB
18 KB 117ms
116ms XHR
application/json 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ada60e1ee9e1f0e5bb8dc373447f3ca8c22e9a53fdb170815f344ab1c205a65c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=idpd1p16vddm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 19 Dec 2022 15:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18487
x-xss-protection: 1; mode=block
expires: Mon, 19 Dec 2022 15:55:29 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 315ms
15ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwork.ink%2F&domain=work.ink&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://work.ink
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://work.ink
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 19 Dec 2022 15:55:30 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 625172
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
245 B 575ms
381ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a0000344WOAAA2&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Dec 2022 15:55:30 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://work.ink
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwork.ink%2F&domain=work.ink&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=3WQvT3x3V1JNZU1GWXlmaVV5clhMNnJlVEorNGd3cjFhNUJwbitnUkl3U1ZZdkZPcjREcThmZWR2cjdrUXBPa09jQVFQODdVY3psYkloVm1pQWFuYlVLcjUyL1RZVm8zWlV6TnErcWkwZ2FPSUY0WkFQT2pwTUhENTFnVj...

359 B
643 B

63ms
23ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=3WQvT3x3V1JNZU1GWXlmaVV5clhMNnJlVEorNGd3cjFhNUJwbitnUkl3U1ZZdkZPcjREcThmZWR2cjdrUXBPa09jQVFQODdVY3psYkloVm1pQWFuYlVLcjUyL1RZVm8zWlV6TnErcWkwZ2FPSUY0WkFQT2pwTUhENTFnVjZIajl4aUtoRVA5bFRnUnlSUzFXRFpTMkVVc2FhV0VnanRCWmE5WEx4MGphM0NlZlpsVlA1VkpQTy8vamFCZWlUdTFOOEl6Q1B6djIyZ0IzNXJ0aUd6eUhkL3NkVkJMVDRWUXpEVURPNHdUTlM5NlJjK1RvPXw&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

20047b1a2532eac724759db5a2b682ba45df207e34c9a2c5873dd1bce859abcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 15:55:30 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1678253
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 15:55:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=3WQvT3x3V1JNZU1GWXlmaVV5clhMNnJlVEorNGd3cjFhNUJwbitnUkl3U1ZZdkZPcjREcThmZWR2cjdrUXBPa09jQVFQODdVY3psYkloVm1pQWFuYlVLcjUyL1RZVm8zWlV6TnErcWkwZ2FPSUY0WkFQT2pwTUhENTFnVjZIajl4aUtoRVA5bFRnUnlSUzFXRFpTMkVVc2FhV0VnanRCWmE5WEx4MGphM0NlZlpsVlA1VkpQTy8vamFCZWlUdTFOOEl6Q1B6djIyZ0IzNXJ0aUd6eUhkL3NkVkJMVDRWUXpEVURPNHdUTlM5NlJjK1RvPXw&cppv=2
access-control-allow-origin: https://work.ink
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 449474
content-length: 0
expires: 0

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
312 B 98ms
29ms XHR
application/json 34.249.162.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.162.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-162-63.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 15:55:30 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://work.ink
cache-control: no-cache
x-server: 10.45.30.51
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
385 B 121ms
32ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 4f00efdf1ffcfe6bf7f9f38fd5a158ffd1f578a96cfd85dc1c29d730ba1d3603

Request headers

Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 19 Dec 2022 15:55:30 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://work.ink
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 18 Jan 2023 15:55:30 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 275ms
17ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 19 Dec 2022 15:55:30 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 571724
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1017 B 266ms
18ms Script
application/javascript 2606:4700:20::ac43:4bf1

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 15:55:33 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 2244262
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFiF6YXyYhtuRhdowOFvL1B7rAVc04hXXS8eBehe%2Bl6ssSy5tYYqP7OVuG5cqOK6bvtMZYSbwaNAo9lZyJVxUF3OeLWskDd7cebCQKcKBIXma3WZPcp5v2bxwVLrzTu70jO297Q4XhNYG%2Fsa"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 77c152bd1fe191e4-FRA

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
24 KB 37ms
23ms Fetch
application/javascript 2606:4700:20::ac43:4bf1

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 15:55:33 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: HTNBQS0B37Y4JM1R
Age: 2354536
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: PtptD/A0ZzTSMtOeJBNiHU2lUGYKjU2afQJSB6fBD7e08xiSLSho3yx1oONnCVAzXA1+5zds8us=
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWdqHp5W2u90rdupIJSVytfcn1JbyOmM21c%2FW1r74zaXDEQgJVX2YxiarTjS18F0e3RT5sG7cXbmVZDs9ENqMTquZcq1abOMjZFcGCtXOvXQqtR%2Fmf27RY%2BNdzaEoSg3tXHDI7RbUA%2BhJ56l"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY: 77c152bd4b9b91e1-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 12:36:57	Name: _GRECAPTCHA Value: 09AGDUI8Bl1QfigxZdxv6y4K8THSQDsYGxAYZez9fCeQQiCwIXrZdimjFdFrUWjhuNWk2UoZyGYRw26KysqVVn84c
work.ink/2uF	1969-12-31 23:59:59	Name: logglytrackingsession Value: be246831-c652-4fcf-aaaa-02b9063ee4a1
.work.ink/	1970-01-20 17:53:45	Name: _ga Value: bbd1329e-8915-4f59-876f-5cc27c435e3f
work.ink/	1970-01-20 10:27:21	Name: waldo_country Value: DE
work.ink/	1970-01-20 10:27:21	Name: waldo_continent Value: EU
work.ink/	1970-01-20 10:27:21	Name: waldo_region Value: 05
.work.ink/	1970-01-20 08:17:47	Name: __cf_bm Value: pAwelyHffKtESPZO5inWPoYfKEH7X5T_6dTiyMHF_I4-1671465328-0-Acn/Lp+jdA3WWRjZSuyFP4y07Qc+CyN/pLIaHpu/5eSNLkqABWEGWnkeGfOVMl7WnxYt4FWu6LiPobhe6FofTqwPI2achyT1SSt9Kgk4MXdaQpDGGPBHdsAcUsay9BWkxHkF+dbknFQDLQiH7IWw6+k=
work.ink/	1970-01-20 09:00:57	Name: _pbjs_userid_consent_data Value: 3524755945110770
.work.ink/	1970-01-20 12:36:57	Name: _pubcid Value: c9f70ef2-e1ac-4cfd-b57b-f2f48c8b6bb8
work.ink/	1970-01-20 08:17:48	Name: _lr_retry_request Value: true
work.ink/	1970-01-20 09:00:57	Name: _lr_env_src_ats Value: false
work.ink/	1970-01-20 09:44:09	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-12-19T15%3A55%3A30%22%7D
.work.ink/	1970-01-20 17:39:21	Name: cto_bundle Value: KmjrsF84UmdjbHVhQ1UzbVhWdXdCVnh0TEhOSnFaRkRhVHRxRFYlMkJVclRCQUx4bnhGMW1qVnNJMGxid2lRd3lpZzRWQjVVVEMlMkZWTHFTQ1ZBRUhHRVdxSlZVYkdBaEFoQ3ZmMHlkZHVpQnBjMDUlMkZseTdhdjhKaUFOd3lGTGI1NWVaSCUyRnBU
.work.ink/	1970-01-20 17:39:21	Name: cto_bidid Value: kICNwl9XZ3JNakpjc0tFclVUZCUyQmRqdjZSaHZvVWZaQkJWZDRldUtMRTFlVyUyRjRJVmloVVNtaklFeXpiUDBMYzNJZlNIWUpTSjhhaTZtRDU0eVBKemNVMFFwbnclM0QlM0Q

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://work.ink/cdn-cgi/zaraz/s.js Message: Failed to load resource: the server responded with a status of 400 ()
javascript	error	URL: https://work.ink/2uF/HOT-BABE-FULL-OF--STUFF00283720012 Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://work.ink' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
achcdn.com
ads.pubmatic.com
api.rlcdn.com
audit-tcfv2.cmp.quantcast.com
auth.work.ink
b.sf-syn.com
cdn.confiant-integrations.net
cdn.taboola.com
cdn.thisiswaldo.com
cmp.quantcast.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
id.crwdcntrl.net
img.youtube.com
ipfind.co
lexicon.33across.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
redirect-api.work.ink
resources.infolinks.com
router.infolinks.com
rules.quantcount.com
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
test.cmp.quantcast.com
thisiswaldo.com
work.ink
workink.net
www.google.com
www.gstatic.com
youradexchange.com
api.rlcdn.com
151.101.65.44
172.66.41.9
178.250.0.157
2.18.232.7
2.18.233.180
2600:1901:0:8344::
2600:9000:2050:200:9:46dc:4700:93a1
2600:9000:223c:3200:6:44e3:f8c0:93a1
2600:9000:225e:3200:3:a4cd:8380:93a1
2600:9000:2304:a200:f:458e:2a80:93a1
2600:9000:236e:7000:9:46dc:4700:93a1
2606:4700:20::681a:a77
2606:4700:20::681a:b77
2606:4700:20::ac43:4bf1
2606:4700:3031::ac43:87b6
2606:4700:3037::ac43:8a5a
2606:4700::6812:116b
2606:4700::6812:d5c
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2003
2a00:1450:400d:807::2004
2a00:1450:400d:80a::200e
2a00:1450:400d:80d::2002
2a02:2638:1::13
3.67.158.22
34.249.162.63
35.190.41.116
35.71.131.137
52.15.219.226
54.183.118.136
0480f646bb48a9b00f746d85f05925da69dacaccbbfee66e41d5d7d405c20e3d
0fab1b2783ef5afc02dd6f06f04b96311f3add1fb3e5b5c7e1282c19996e264a
13f5033c8999b1545c9ba66fbe446c2e7ad282dc1c43a53cdf3a23df33a92411
15d36e8f871b1cf84be33fa8f1ff0e5dc96a123ccc194da4520ae3d81b32329d
1a9a41dce59c224a6cb0a33e73b2f239e4e5ee3972556e669c7d43076d43e365
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20047b1a2532eac724759db5a2b682ba45df207e34c9a2c5873dd1bce859abcd
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01
34fd432b7a129fd6d9599b585bcfc8cde51d7cfd47ad4f906f0b36ac359a562a
3a367f7bad60c6098abffef874320ea0b014687d4c6aad22b5b44e36da668ee7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f9a887c456f92ae2b2d5950c184dc1fbb3353045691843d99d9254d2ecb98a5
4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4f00efdf1ffcfe6bf7f9f38fd5a158ffd1f578a96cfd85dc1c29d730ba1d3603
519fb47cf7b950e085710602c7b1d5f29aaea263715ad830fb91b2df3bf77b5d
55742123d2961a3e6b6b1bc27538f683808ded697d9bf1280000b882132c00a2
55f90b0718272a96c442cd8c552169391297c108fa55322c4efb78d884148477
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
571f324ca6c162d09d79a93ef745e24a2e613474489ba2b34755f1126107387c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
62a9ab66cac0afdced4732a27d4e2139d6975a0e92816f638c16d60a544faa2c
67beddbfd341da4c1cc5a202f2dff43246ffba43b8a1a8c6f08215bd68f5982d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71e3d7e062afc94592e5aaf2227a99b2296ee88565794cb2666eec2f6a9ab31f
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
772e723011422827d15feece5a3df3e1f7e9de91897e4945b52d5078e1011550
7f97c395d8c7383e543f30158f6b577a4161dc6f87b79a0878feb7ebd4ee845f
83fa6784ebee363043db50681bbde69c4624f13ea9152c1758f7ca2f609ea0f4
853a1f973e0c7d05b846cb408953ca4c5a00be5410f030c37f25dcccaf2c7bf1
85b2d39c7847bccf8a9abbc1e34fd9bb8028d5fa652bc6c9d475b28c11c20b07
87771dae5b516f4806b5c381879864616104362f72eb76c46effcd5b543d5d90
8d050efc0dba3583b7021291fd3f49d2dbce8f0c145b42d69f6d192e14ba6ebb
922b0d2d4adb5ed473a915258165047db5642276b6edad0dc15a0d47ed4ea19c
926277a34899cd4c8f87e0f9f1c24f14a42d1ccb45c75bca0da764c32573dbfa
95e6264b1cf2aa6195268d21e7bbf25c338ce7689bcbf2eb1e1cb6f59bd4da39
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3
ada60e1ee9e1f0e5bb8dc373447f3ca8c22e9a53fdb170815f344ab1c205a65c
b3845c759b473e2e3933b49c893a158a9968acf9a857ac166859d7e8c9a827a8
b549ac81a403b341ae4cae145d2d80e8ed3bd7b8211ad893f30908c4baca04ae
b5c1b6a869520bca4157c388c888ad09f47fa5661b54a32d6c97e8edde78b538
b628942e8ff712de0d166d8704f779bd3860800817549c8a375868977e117863
c0c07d5e1cc6e9994f621fb965165bc0106d1a26a04e70bd13c0778af0b93e37
ca4caa7d9fe5c77d8bbe42b43347edf0061f34692cb01ff19a78a4df7baaaff5
d09fda0a7665c6c5de7487d025d3cd279de8eb8ba136512c924408e36104ea7c
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d101e72b3a1007310abc3308ca51518f9c04d3fb39ebf192b4c7ccd8086414b9
d25c65702801da162376b19d0ba6dfe8aacdb2b602e57100a3637fe5f569a5f6
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
d984018b5d15b83e5c61f07b287e6622f2092c1d177b18ab4bdaa71ab27cd52c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e587bef04b460fbfcf1cdebaca05b28a172bd76b65637be2875dbebb138c9cdd
e6b015060d232fb6accf0a94f930a17c15a1bb5d92907629f6900478a0952e0c
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb7ff486f721b4bab97314d47bc7f076e0475c09d80b1a886cdec6496966b52c
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f17b5d6db59266a73154e03d4496527cc9e81f39d9c3d12ebaaecff9ea0cfe38
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
f342533bedd34d710a9ab8ef79336fe25ce7e3385c6d13b2f88732372e2b2c36
f50b2170b943929cf0fd3ad43b6534bba3b5e2962c4cfc27cdbf50991669d33e
fdd61b872dd44caf350c3f72d2cedb35caea8ec34509c4043b85aa25b4c7c933

work.ink Open in urlscan Pro 2606:4700:20::681a:b77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

97 %HTTPS

66 %IPv6

27 Domains

36 Subdomains

33 IPs

4 Countries

1660 kBTransfer

5113 kBSize

14 Cookies

1 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

work.ink Open in urlscan Pro
2606:4700:20::681a:b77 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

97 %
HTTPS

66 %
IPv6

27
Domains

36
Subdomains

33
IPs

4
Countries

1660 kB
Transfer

5113 kB
Size

14
Cookies

72 HTTP transactions
1 data transactions