urlscan.io logo urlscan.io
SecurityTrails logo

cor.works Open in urlscan Pro
52.205.229.223  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cor.works/
Effective URL: https://cor.works/login
Submission: On September 02 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 19 domains to perform 50 HTTP transactions. The main IP is 52.205.229.223, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is cor.works.
TLS certificate: Issued by Amazon on May 26th 2022. Valid for: a year.
This is the only time cor.works was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 6 52.205.229.223 14618 (AMAZON-AES)
6 2600:9000:21f... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.224.194.86 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
10 104.18.72.113 13335 (CLOUDFLAR...)
3 2a04:4e42:600... 54113 (FASTLY)
2 2001:4860:480... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 104.16.53.111 13335 (CLOUDFLAR...)
1 151.101.194.137 54113 (FASTLY)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 162.247.241.14 23467 (NEWRELIC-...)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a04:4e42:400... 54113 (FASTLY)
50 22
6    52.205.229.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-229-223.compute-1.amazonaws.com
cor.works
6    2600:9000:21f3:a200:13:b808:7b40:21 (United States)

ASN16509 (AMAZON-02, US)
dtw74fzknz019.cloudfront.net
1    2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.224.194.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-86.fra2.r.cloudfront.net
d24n15hnbwhuhn.cloudfront.net
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
10    104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)
static.zdassets.com
ekr.zdassets.com
3    2a04:4e42:600::622 (United States)

ASN54113 (FASTLY, US)
fast.appcues.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
2    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubspot.com
1    2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
3    104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)
cor.zendesk.com
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
1    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
Apex Domain
Subdomains		 Transfer
10 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 1970
ekr.zdassets.com — Cisco Umbrella Rank: 2243
436 KB
7 cloudfront.net
dtw74fzknz019.cloudfront.net
d24n15hnbwhuhn.cloudfront.net
130 KB
6 cor.works
cor.works
151 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
region1.google-analytics.com — Cisco Umbrella Rank: 3463
20 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 154
131 KB
3 zendesk.com
cor.zendesk.com
1 KB
3 hubspot.com
api.hubspot.com — Cisco Umbrella Rank: 4588
track.hubspot.com — Cisco Umbrella Rank: 2198
2 KB
3 appcues.com
fast.appcues.com — Cisco Umbrella Rank: 4858
124 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
499 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 66
122 KB
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4288
21 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 227
532 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 318
14 KB
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3534
833 B
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2097
16 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3291
3 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2095
20 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 4806
21 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2241
916 B
50 19
Domain Requested by
9 static.zdassets.com www.googletagmanager.com
static.zdassets.com
6 dtw74fzknz019.cloudfront.net cor.works
dtw74fzknz019.cloudfront.net
6 cor.works 2 redirects cor.works
3 connect.facebook.net js.hsadspixel.net
connect.facebook.net
3 cor.zendesk.com static.zdassets.com
3 fast.appcues.com www.googletagmanager.com
fast.appcues.com
2 www.facebook.com
2 api.hubspot.com cor.works
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
cor.works
2 www.googletagmanager.com cor.works
www.googletagmanager.com
1 browser.sentry-cdn.com www.googletagmanager.com
1 bam.nr-data.net js-agent.newrelic.com
1 track.hubspot.com
1 js-agent.newrelic.com cor.works
1 api.hubapi.com cor.works
1 js.hs-banner.com js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 ekr.zdassets.com cor.works
1 d24n15hnbwhuhn.cloudfront.net cor.works
1 js.hs-scripts.com cor.works
50 23

This site contains no links.

Subject Issuer Validity Valid
cor.works
Amazon		 2022-05-26 -
2023-06-24		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-03 -
2023-06-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
ssl1036557.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2022-06-08 -
2022-12-15		 6 months crt.sh
fast.appcues.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-01-28 -
2023-03-01		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2022-03-08 -
2023-03-07		 a year crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2022-05-07 -
2023-05-07		 a year crt.sh
cor.zendesk.com
Cloudflare Inc ECC CA-3		 2022-05-09 -
2023-05-09		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-12 -
2022-09-10		 3 months crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-11-26 -
2022-12-28		 a year crt.sh

This page contains 2 frames:

Primary Page: https://cor.works/login
Frame ID: 50C72A8027EBF3A994B4495C8E55EF8A
Requests: 38 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-173a4198db458747a9aa.js
Frame ID: AD4C471A16D6ECC4BE320C5D1F88D31A
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. http://cor.works/ HTTP 301
    https://cor.works/ HTTP 302
    https://cor.works/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Page Statistics

50
Requests

100 %
HTTPS

73 %
IPv6

19
Domains

23
Subdomains

22
IPs

3
Countries

1215 kB
Transfer

3760 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cor.works/ HTTP 301
    https://cor.works/ HTTP 302
    https://cor.works/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
cor.works/
Redirect Chain
  • http://cor.works/
  • https://cor.works/
  • https://cor.works/login
198 KB
64 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cor.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.229.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-229-223.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a9d03942bc9587543ae8ca396572578b4dc946584dc1e45f7ef9d3a3f3effd1d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 02 Sep 2022 20:19:54 GMT
server
Apache/2.4.41 (Ubuntu)
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Fri, 02 Sep 2022 20:19:53 GMT
location
https://cor.works/login
server
Apache/2.4.41 (Ubuntu)
compiled-login.css
dtw74fzknz019.cloudfront.net/public/assets/css/ 		83 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dtw74fzknz019.cloudfront.net/public/assets/css/compiled-login.css?id=7a38f93d7cb1411f499b
Requested by
Host: cor.works
URL: https://cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a200:13:b808:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a55cc7808b56c6388501a101d92ec82bf5de6d3c155e829e6ae9074676a861f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 06:12:10 GMT
content-encoding
br
last-modified
Fri, 19 Aug 2022 12:00:41 GMT
server
AmazonS3
age
396465
etag
W/"d1761587823a5b533387dbab3cafe462"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control
max-age=2628000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
mAdWus61Iz4TfNOlCMGVkr405zn3GCCmqp5MMLwciCqocvRLu2LUww==
expires
Thu, 19 Aug 2027 11:53:01 GMT
compiled-login.js
dtw74fzknz019.cloudfront.net/public/assets/js/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dtw74fzknz019.cloudfront.net/public/assets/js/compiled-login.js?id=c73d2f94ef125e6010da
Requested by
Host: cor.works
URL: https://cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a200:13:b808:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80d95d1e09b9929b2b174a0e2af0c25bcb66987474da4625bfdb392380e24a2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 09:51:03 GMT
content-encoding
br
last-modified
Fri, 19 Aug 2022 12:02:14 GMT
server
AmazonS3
age
1160932
etag
W/"4e5c619c01d22cc4f510f0128acefa43"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 21a3da42c823b5a4a2d9c4c63248bbd6.cloudfront.net (CloudFront)
cache-control
max-age=2628000
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
IqAhODugkd_LriW8eNVbJGJ-mCFlaxL10msjGHU8G5nnC7Vbw_ebKg==
expires
Thu, 19 Aug 2027 11:53:01 GMT
cor-logo.svg
cor.works/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cor.works/images/cor-logo.svg
Requested by
Host: cor.works
URL: https://cor.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.229.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-229-223.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
87a893936e310d2762f4483e17c498238d544529ef5be428c57b5dc5f8d0f4db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:54 GMT
last-modified
Wed, 31 Aug 2022 14:19:49 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"e70-5e78a30840d2e"
content-length
3696
content-type
image/svg+xml
google.svg
cor.works/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cor.works/images/google.svg
Requested by
Host: cor.works
URL: https://cor.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.229.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-229-223.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b1200d0a7fc6dc83aa6cae4a41bb736df6b05211ffece11efe1b33c007a76807

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:54 GMT
last-modified
Wed, 31 Aug 2022 14:19:49 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"625-5e78a30841cce"
content-length
1573
content-type
image/svg+xml
2960453.js
js.hs-scripts.com/ 		2 KB
916 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/2960453.js
Requested by
Host: cor.works
URL: https://cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af18233c5ee6a7ea61e96b6d4a3088df3552277520300f3d96dba05ed5a2fa1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:54 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 02 Sep 2022 16:50:47 GMT
server
cloudflare
x-hubspot-correlation-id
bdfc2be6-8d0f-4356-9504-2a71a8000a51
x-trace
2B9D1D8E601112C208EB4F417820A47F48C7D049B7000000000000000000
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://cor.works
access-control-max-age
3600
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
7448f17879890221-ZRH
expires
Fri, 02 Sep 2022 20:20:54 GMT
gtm.js
www.googletagmanager.com/ 		133 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5H9NHVF
Requested by
Host: cor.works
URL: https://cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
baf79bbb9e85dab7c31803586ad80bd69d1ea6020f2183ce2aa3cda687258dab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:54 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50356
x-xss-protection
0
last-modified
Fri, 02 Sep 2022 19:52:49 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Sep 2022 20:19:54 GMT
roboto-v29-latin-300.woff2
dtw74fzknz019.cloudfront.net/public/assets/webfonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dtw74fzknz019.cloudfront.net/public/assets/webfonts/roboto-v29-latin-300.woff2
Requested by
Host: dtw74fzknz019.cloudfront.net
URL: https://dtw74fzknz019.cloudfront.net/public/assets/css/compiled-login.css?id=7a38f93d7cb1411f499b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a200:13:b808:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Request headers

Referer
https://dtw74fzknz019.cloudfront.net/public/assets/css/compiled-login.css?id=7a38f93d7cb1411f499b
Origin
https://cor.works
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 06:14:41 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
age
396314
x-cache
Hit from cloudfront
content-length
15732
last-modified
Fri, 19 Aug 2022 12:00:58 GMT
server
AmazonS3
etag
"80fe119e5efa3911b9d61b265f723b3d"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
https://cor.works
cache-control
max-age=2628000
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
hLRnTS_RlymNtQDakaLedwtYh7C1l1ilLnMqsWRuQ0JFm_bgvU6MIg==
expires
Thu, 19 Aug 2027 11:53:01 GMT
login-3.jpg
cor.works/images/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cor.works/images/login-3.jpg
Requested by
Host: cor.works
URL: https://cor.works/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.229.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-229-223.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
dd8d59cfe24f7858946dfa5d03dbac085c3046d7e604eb5ad99c302959423a9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:54 GMT
last-modified
Wed, 31 Aug 2022 14:19:49 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"140e7-5e78a30843c0e"
content-length
82151
content-type
image/jpeg
tuskergrotesk-4600semibold-webfont.woff2
dtw74fzknz019.cloudfront.net/public/assets/webfonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dtw74fzknz019.cloudfront.net/public/assets/webfonts/tuskergrotesk-4600semibold-webfont.woff2
Requested by
Host: dtw74fzknz019.cloudfront.net
URL: https://dtw74fzknz019.cloudfront.net/public/assets/css/compiled-login.css?id=7a38f93d7cb1411f499b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a200:13:b808:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e90e10f3a3adf4cb039c9a0cc3b9e00ce9f84dd24862b0899e7deb1839de855b

Request headers

Referer
https://dtw74fzknz019.cloudfront.net/public/assets/css/compiled-login.css?id=7a38f93d7cb1411f499b
Origin
https://cor.works
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 14:57:37 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
age
451338
x-cache
Hit from cloudfront
content-length
16412
last-modified
Fri, 19 Aug 2022 12:00:58 GMT
server
AmazonS3
etag
"8d66fc28599943a354d9ecdadc148b4f"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
https://cor.works
cache-control
max-age=2628000
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
ZHNWcKVDCgsNMuF1D85-rivucQACzcsi3_hFcG9R8bC1xo3RcmZooQ==
expires
Thu, 19 Aug 2027 11:53:01 GMT
roboto-v29-latin-regular.woff2
dtw74fzknz019.cloudfront.net/public/assets/webfonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dtw74fzknz019.cloudfront.net/public/assets/webfonts/roboto-v29-latin-regular.woff2
Requested by
Host: dtw74fzknz019.cloudfront.net
URL: https://dtw74fzknz019.cloudfront.net/public/assets/css/compiled-login.css?id=7a38f93d7cb1411f499b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a200:13:b808:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Request headers

Referer
https://dtw74fzknz019.cloudfront.net/public/assets/css/compiled-login.css?id=7a38f93d7cb1411f499b
Origin
https://cor.works
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:06:31 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
age
1282404
x-cache
Hit from cloudfront
content-length
15688
last-modified
Thu, 18 Aug 2022 14:36:40 GMT
server
AmazonS3
etag
"aa23b7b4bcf2b8f0e876106bb3de69c6"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
https://cor.works
cache-control
max-age=2628000
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
p6RZExCLPmpsVK5_LNvXbVL3xdqJ8E_JawbaHtBCifHtGsyJtnNNew==
expires
Wed, 18 Aug 2027 14:26:29 GMT
roboto-v29-latin-500.woff2
dtw74fzknz019.cloudfront.net/public/assets/webfonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dtw74fzknz019.cloudfront.net/public/assets/webfonts/roboto-v29-latin-500.woff2
Requested by
Host: dtw74fzknz019.cloudfront.net
URL: https://dtw74fzknz019.cloudfront.net/public/assets/css/compiled-login.css?id=7a38f93d7cb1411f499b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a200:13:b808:7b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Request headers

Referer
https://dtw74fzknz019.cloudfront.net/public/assets/css/compiled-login.css?id=7a38f93d7cb1411f499b
Origin
https://cor.works
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 00:06:31 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
age
1282404
x-cache
Hit from cloudfront
content-length
15920
last-modified
Thu, 18 Aug 2022 14:36:38 GMT
server
AmazonS3
etag
"f00e7e4432f7c70d8c97efbe2c50d43b"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
https://cor.works
cache-control
max-age=2628000
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
Vg9bdL6PK8qkMiTD4Si-5GQzWqWVjWxr_T_CvSW_zJ3WL4M2Ruh7xA==
expires
Wed, 18 Aug 2027 14:26:29 GMT
amplitude-3.4.1-min.gz.js
d24n15hnbwhuhn.cloudfront.net/libs/ 		73 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d24n15hnbwhuhn.cloudfront.net/libs/amplitude-3.4.1-min.gz.js
Requested by
Host: cor.works
URL: https://cor.works/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b14d6e21c0373a92f15d4efbbbb23d46e691a4f319cfefb4d82b62aa9788d378

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sat, 02 Jul 2022 00:19:53 GMT
Content-Encoding
gzip
Age
5428802
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
20470
Last-Modified
Mon, 21 Oct 2019 15:45:34 GMT
Server
AmazonS3
ETag
"db7d97158ecf4e497a75d3491c0ff36b"
x-amz-version-id
t6bvUbcoGubFDTg80b_wpxAHI24O4K7v
Via
1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
wOh9O2XxWeO0xlO9HmZBoNJNhWKDyHv-PsC1rmhxlI2Xww5ObxN_5A==
js
www.googletagmanager.com/gtag/ 		203 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WSQHTY6J1Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H9NHVF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ad5d2bd42c863e79917b4ddd1cffce7842ba0e4a9c36f2a2bd65712174ae63d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:54 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73898
x-xss-protection
0
expires
Fri, 02 Sep 2022 20:19:54 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H9NHVF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4437
date
Fri, 02 Sep 2022 19:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 02 Sep 2022 21:05:57 GMT
snippet.js
static.zdassets.com/ekr/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/ekr/snippet.js?key=7b70f1ce-8a16-4be7-895f-45775342919a
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H9NHVF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=0
x-amz-request-id
VQ860W4C6T8SZN71
x-amz-id-2
Nj019p3YEJrY2MgA5ruSGSeQ/5f3C15TYXFLfwKRcmR8J5NHyQaKtTXWiRfv9XAgtMNlraS55iQ=
last-modified
Thu, 28 Jul 2022 23:44:02 GMT
server
cloudflare
etag
W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfLpa%2FgiBZfkcaKbMUF2LjSMGkKsyJ5jQKfmiFL2uGDjXeBa6LCgSjQFphIvJn0hIgITB5K0BjT6gYcsOeLRquqo%2BCcKobq%2B%2BPI6GiWhYeimG2vAg40Mpa0FWqNZnhfGIkCN%2BnA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
x-amz-version-id
TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
cf-ray
7448f17909e290a8-FRA
104214.js
fast.appcues.com/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/104214.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H9NHVF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
59c3a3372b44081f6d863e1ad436b5ae5f0f28cc5c2e59329396b3314cfe317b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:54 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
5811
x-request-id
FxEknScoKwSa9HpeYO8E
x-served-by
cache-mxp6979-MXP
access-control-allow-origin
*
server
Cowboy
x-timer
S1662149994.427000,VS0,VE524
vary
accept-encoding, Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/javascript; charset=utf-8
via
1.1 varnish
access-control-expose-headers
cache-control
max-age=120,public
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
0
collect
region1.google-analytics.com/g/ 		0
343 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WSQHTY6J1Z&gtm=2oe8v0&_p=50169944&cid=512424583.1662149994&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662149994&sct=1&seg=0&dl=https%3A%2F%2Fcor.works%2Flogin&dt=Login&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WSQHTY6J1Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 20:19:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cor.works
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=50169944&t=pageview&_s=1&dl=https%3A%2F%2Fcor.works%2Flogin&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=40258201&gjid=717844937&cid=512424583.1662149994&tid=UA-63155060-4&_gid=1115486623.1662149994&_r=1&gtm=2wg8v05H9NHVF&z=759558017
Requested by
Host: cor.works
URL: https://cor.works/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cor.works/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 20:19:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cor.works
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
7b70f1ce-8a16-4be7-895f-45775342919a
ekr.zdassets.com/compose/ 		427 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ekr.zdassets.com/compose/7b70f1ce-8a16-4be7-895f-45775342919a
Requested by
Host: cor.works
URL: https://cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb7f7b9a736b9f1d5818ff6cbfa8474353a45348b7d072b026ce7086e10b6668
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
cf-ray
7448f179abd3696f-FRA
status
200 OK
access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=0
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
3025b9aa9d40261da2d65107ec2385be, 3025b9aa9d40261da2d65107ec2385be
x-runtime
0.002364
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"bb7f7b9a736b9f1d5818ff6cbfa84743"
x-zendesk-zorg
yes
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMZf3OTW9rDxJqoGrxWhy42T4AxFqx0lmdnKi0qVINfAQU1RZeOrWs%2BNwU6HBZ7ytVfhHgjFrfxoYWRwHYSDDqR9Fe0AZ1Oe5URDaaAGgRkmfZSbn5HeBwPxGSSt87Xtq1Q%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
content-type
application/json; charset=utf-8
conversations-embed.js
js.usemessages.com/ 		73 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2960453.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc3b175c482f1f54f77d4ccad5366704cc4b0daa2a88e653f509fe88a92c53e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:54 GMT
via
1.1 50d543ccd342bc50b5f1439e7bdddcc8.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
138
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10632/bundles/project.js&cfRay=7448ee18aa060211-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Mon, 22 Aug 2022 02:10:32 UTC
server
cloudflare
etag
W/"be054c0d1ce8e9f928e051e15475d755"
vary
Accept-Encoding
x-amz-version-id
3C1npQH0ys7YIJipkKSW0mB3OJD1A1US
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD55-P3
cf-ray
7448f179f93a01e7-ZRH
x-amz-cf-id
BH0ivPVbmY2ERw9j4a9X1gZszADuU2Ty5hrZGIJv701w29YTegX6wQ==
x-hs-target-asset
conversations-embed/static-1.10632/bundles/project.js
2960453.js
js.hs-analytics.net/analytics/1662149700000/ 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1662149700000/2960453.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2960453.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dab5c34822486b4aebb9fec9fda26a07edc7ede5b62db7f577e3ec5d8c365d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:54 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
RN7MB6G69BH5E3TF
x-amz-server-side-encryption
AES256
cf-ray
7448f17a09440200-ZRH
x-amz-id-2
Hcpeu1WzMxzWmYEIIZdGtAGB3Cj8+q1pglvcOxpquyIQkTf5aOXb2281p5OVbJYcfQGSkG35oWU=
last-modified
Wed, 31 Aug 2022 11:50:16 GMT
server
cloudflare
etag
W/"7c8cb96a839f6e8929136ba4eeea6797"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Fri, 02 Sep 2022 20:24:54 GMT
fb.js
js.hsadspixel.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2960453.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e403a2b0fec3d21d154e033a7f3410b42318c2ffe673e77a25733cc226ce2db6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:54 GMT
via
1.1 035e691ec6c773baa108d5dd3cdf6b28.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
130
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.291/bundles/pixels-release.js&cfRay=7448ee4a5d4d020d-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Mon, 29 Aug 2022 02:24:13 UTC
server
cloudflare
etag
W/"b87a46225f6f8c23b129956fa811f1ce"
vary
Accept-Encoding
x-amz-version-id
7UJo2wwrqBK17_VnZoHwOb7a4zSK2Hcf
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD55-P3
cf-ray
7448f17a1a720229-ZRH
x-amz-cf-id
9uTHFHacDC-n3A7YTllUsokUVKHURBff5fnunUPLc1jPNDbdpXPSMQ==
x-hs-target-asset
adsscriptloaderstatic/static-1.291/bundles/pixels-release.js
2960453.js
js.hs-banner.com/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/2960453.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2960453.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6f79bc835aa1a0d5f02c0b5880c20b94584214de31fc4f0e968384bb3329e28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:54 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
85GDATCPS8YXQ7EY
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
4zi2l6oj4raQ30/zoiG8z+j2coQQCttMMyL6CVsx3qk1kH3zG8MWzhNxF19beiNFKk5xvIlp94w=
timing-allow-origin
*
last-modified
Tue, 30 Aug 2022 20:43:12 GMT
server
cloudflare
etag
W/"eb976c6c399126866a1786d2883ab534"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
reoYfnRp9bAd_Sr1pdvONYW.qbh1oB35
access-control-allow-origin
https://sancho-bbdo.cor.works
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
7448f17a094401e7-ZRH
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Fri, 02 Sep 2022 20:24:54 GMT
public
api.hubspot.com/livechat-public/v1/message/ 		257 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=2960453&conversations-embed=static-1.10632&mobile=false&messagesUtk=13a5841faa6344e9803a3f47b0c77015&traceId=13a5841faa6344e9803a3f47b0c77015
Requested by
Host: cor.works
URL: https://cor.works/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29bc4f05be2554b0990df324dc8c0c42896057d18629863361198844adcb9f68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Referer
https://cor.works/
accept-language
de-DE,de;q=0.9
X-HubSpot-Messages-Uri
https://cor.works/login

Response headers

date
Fri, 02 Sep 2022 20:19:55 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
f40dae60-4a57-4832-abb9-8f99668dba9f
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
204
server
cloudflare
x-trace
2B0B39B9DF966A2C2F17AFB39EC3D7FCA0B1B4FDCA000000000000000000
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYqnrKbXjdkx5LvnfjUcLVf2oSRCWaZJW%2Buht%2BZUKGlEiH8959uetiOpl86LFIXj9Ho1UCkAZpLf13UG1q%2F9NDtS7nKVLWXlyBoaP02XJlXw6vRKz14Ed2SgWi6oFCqcjgra%2F56UMF6CfjNIDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cor.works
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
cf-ray
7448f17c2ac82373-ZRH
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
public
api.hubspot.com/livechat-public/v1/message/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=2960453&conversations-embed=static-1.10632&mobile=false&messagesUtk=13a5841faa6344e9803a3f47b0c77015&traceId=13a5841faa6344e9803a3f47b0c77015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://cor.works
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://cor.works
allow
HEAD,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7448f17aac5b0208-ZRH
content-length
18
content-type
text/plain; charset=utf-8
date
Fri, 02 Sep 2022 20:19:54 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpjPicbIKBmho0YMWm%2Ft21VjxtI5E3bhAb1%2FHcJfyU5MoCao8o9r3IYzQTiBjR78eGwoUPpMvdMCLrg4O8oluXqpmXlEJjUOU873qh1nko7Nxsa1SlZ0HaIr3WNE4jfqSm2GCDg8Cvh6brjZfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-hubspot-correlation-id
81b87c8c-9eac-4f0f-8711-e259b814cf3b
x-trace
2BF7E568D963763BFC8F559FA5B7BD0E97FE227768000000000000000000
json
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 		74 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=2960453
Requested by
Host: cor.works
URL: https://cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63d620d8c4be7c3020badb35467b401e1249a7b191a414277076c289faf94b1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:54 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
9082fdc0-5aed-463e-8ed8-5a0b7250a73a
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2B45508B32168509BFCB5948FF541D87259E2931DB000000000000000000
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JB504N2mq0laEqeMxragSe1GC2NQfjfkNPRTPRZ3UKtBJFpz%2BgNn93UB7stOqHzEWBtOBejcBY9K4enf%2F3hnFSGx4W4NttOOSFEYh9xMXrRdQkZrYcGmZ9MffDh%2FYfmBlM2ba5m8u5WqZMHo"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://cor.works
access-control-allow-credentials
false
cf-ray
7448f17b6ffc23f7-ZRH
access-control-allow-headers
*
web-widget-framework-173a4198db458747a9aa.js
static.zdassets.com/web_widget/latest/ Frame AD4C 		151 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-173a4198db458747a9aa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=7b70f1ce-8a16-4be7-895f-45775342919a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
813ba93211de2a1372a25d3a20eeff898bba359ba9c09c210972589079acdb20
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:54 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62556
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
FC8YBH4DH7T16MTY
x-amz-id-2
wOD++kAZxmSPJEGXtGOkvJF05yIBaWfSW4Y4xcC46tpclfAzBTPgQqL4YkBDaKtGEVyidUjExkE=
last-modified
Thu, 01 Sep 2022 09:51:07 GMT
server
cloudflare
etag
W/"cbd05ff9598c4fdffe5f6ffde2eb11ce"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQBdMf4VfOeFqlXNOQ3qxeEW0kOT%2FcqjuLcSnCBB3GomQdeLeb5C2NmLpH4W%2BE8mckwl5cl0Mn6KWJ3CsCQekqN6W4IfRATIEWWsTzN125UbPLC3eT7LWsGn0kPzoLTGPY0HBDM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
UTEOFECC497P83HrcgWVpzNykmVvl6tR
cf-ray
7448f17b0bd790a8-FRA
expires
Fri, 01 Sep 2023 09:51:05 GMT
config
cor.zendesk.com/embeddable/ Frame AD4C 		836 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cor.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-173a4198db458747a9aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
872a355e7574f1b3f89ae399ad63a3659a64a6426caf357f00328718592904f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:55 GMT
content-encoding
br
vary
Origin, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-6f8bb5c559-t2n5r
access-control-allow-methods
GET
x-cached
MISS
x-request-id
a936c672fbec47e0ac190c0f3cb0b746
x-runtime
0.002047
last-modified
Fri, 02 Sep 2022 20:19:55 GMT
server
cloudflare
access-control-max-age
7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOYajAwKGctutD2A10mmJxwNvGWiyPlJjHB%2FhWEwoTqdl8OJNIkGbpBTF4Gc4SQzXZxKch5K%2BKNmmb1A%2BoYPGFuWlsanDaWUyFLrzZqBev3Pp%2FVXbUqBEb8XUkgHWCcDEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray
7448f17b9a476922-FRA
appcues.main.0d116eca0c02b4346a78abc3094b9ad889a171e7.js
fast.appcues.com/generic/main/4.39.22/ 		411 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/generic/main/4.39.22/appcues.main.0d116eca0c02b4346a78abc3094b9ad889a171e7.js
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/104214.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe3d3d81e104ffb0e915e2fdbaef308ed7fe5174963cfe4925b51b7eb39de314

Request headers

Referer
https://cor.works/
Origin
https://cor.works
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:55 GMT
content-encoding
gzip
age
105694
via
1.1 varnish
x-cache
HIT
content-length
117814
x-amz-id-2
gmNGxXIucIQz5dAvhXMUT5+Nua+KX3wFew5G2IV/C8F1EXV9FDX9AuZJJQ8Ig+j8CifYc/xHMcw=
x-served-by
cache-mxp6968-MXP
timing-allow-origin
*
last-modified
Thu, 01 Sep 2022 14:53:25 GMT
server
AmazonS3
x-timer
S1662149995.047716,VS0,VE0
etag
"ba5bb790c0a2afe0ac1138474541d827"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
x-amz-request-id
RM4QPZM9A9XV5223
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
1872
web-widget-classic-e23c996.js
static.zdassets.com/web_widget/latest/classic/ Frame AD4C 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-e23c996.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-173a4198db458747a9aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59ccb3c6460011b5942b20a7c978e93f2e1eec28537aab4ff0c837b6b4b6bc0a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62557
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
FC8NQ56Q20DARPEZ
x-amz-id-2
wJ3HsCpkVxNl+bUm7leRmmd5iTxYiJQ/w+BEVz0ILaprqo185DARGHi31T9Tzsnzt902xxqMYEw=
last-modified
Thu, 01 Sep 2022 09:51:21 GMT
server
cloudflare
etag
W/"b608747261fdbf7f2417a812b63634b4"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxDo4fTqrdF%2FGvrxazs8OabuSwNDHI5XL8dqW1DhuCzFH7ukQrqMu1U7jVeVAHCqjDHXm4%2BcR0PKV1YcDttapNf8mKJxO6SP1olcML7P5y9JY%2FABNL6ibw4F3Nx3fM03R33uIqM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
V4tntUdoql5PfATDGqAxYKsU7TQe_pwC
cf-ray
7448f17d1d9790a8-FRA
expires
Fri, 01 Sep 2023 09:51:19 GMT
web-widget-8165-e23c996.js
static.zdassets.com/web_widget/latest/classic/ Frame AD4C 		663 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-e23c996.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-e23c996.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9fe3344f6ffaaaaaf42a2adab7e1b57944a8312985777943283a47f766fd036
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62557
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
FC8VN92FNYT6RSV4
x-amz-id-2
usfW9/BDqqVtAxbmPCD/Fw7dctjNBRwoeycsqurWvrfCvu1+4xkwyEQzPvWtLitY/QYRmtNlw94=
last-modified
Thu, 01 Sep 2022 09:51:21 GMT
server
cloudflare
etag
W/"3fb1755f31689e15a362e7877ecd38ff"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3JFVuBLUg7Dwuiy3QMrH1ePGEhhOjjXyG1jVURL0dLdVUprBTfn0ggiPKO0oQiu1iDMEIXxxRPo9dgXetMaxvUEPksJSsl68Ik5dC4kggN0ZjZN68TrOfyA0LDP1e%2Fey4SfUU8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
bctl6Y1T1NMvFpZKptxK4gJNi0fT_wqv
cf-ray
7448f17d5dd490a8-FRA
expires
Fri, 01 Sep 2023 09:51:19 GMT
web-widget-7495-e23c996.js
static.zdassets.com/web_widget/latest/classic/ Frame AD4C 		468 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-7495-e23c996.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-e23c996.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6106e4dd22f3e017684ef500b1b76c476afeef83d92940ab5525e4c49f6d4765
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62557
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
FC8MJCRVZET1EJB9
x-amz-id-2
y7hfwgVJ5JAGvjdTHk5dKXvj2a3UR9Klmu6c9l7AmoQp45r0wMdmwN6eSlMj6TNjqWqGZXPgCPE=
last-modified
Thu, 01 Sep 2022 09:51:21 GMT
server
cloudflare
etag
W/"1a5a845797b3c8f25581fc424a35978b"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESkn1i9QwIjCwLl7OSsHnnDWp9nS4cOkICsLL2a33%2Bb8n72p5ZTnCKyhGkXGCDi064aC%2FEjvRXpBywVtHeDQbW1lM7nSCBiku7qoxXc8zNAcXI7QB0xU18XoJOtvtcM3ktu2LaA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
1RT08D5qImVmMyokK.f5vWdte.Xq.Ll_
cf-ray
7448f17d5dd590a8-FRA
expires
Fri, 01 Sep 2023 09:51:19 GMT
container.0d116eca0c02b4346a78abc3094b9ad889a171e7.css
fast.appcues.com/generic/main/4.39.22/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/generic/main/4.39.22/container.0d116eca0c02b4346a78abc3094b9ad889a171e7.css
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/4.39.22/appcues.main.0d116eca0c02b4346a78abc3094b9ad889a171e7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25ea0f4739d446723b41952f762e1c9e7914cf5672c570f67ce3b44fcbb9afa0

Request headers

Referer
https://cor.works/
Origin
https://cor.works
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:55 GMT
content-encoding
gzip
age
105554
via
1.1 varnish
x-cache
HIT
content-length
1953
x-amz-id-2
x8PQJ8tA27vppf8MMNDBzsgOq3JIFyFItOsnefo1gppATcJtaEaTyZjf6jqF3WI82/uo2OsopJQ=
x-served-by
cache-mxp6968-MXP
timing-allow-origin
*
last-modified
Thu, 01 Sep 2022 14:53:25 GMT
server
AmazonS3
x-timer
S1662149995.212285,VS0,VE0
etag
"c74c3a0f0689ea16a43198e246fbcc29"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
x-amz-request-id
9Z36M89YNN605RS7
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
content-type
text/css; charset=utf-8;
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
1835
nr-1216.min.js
js-agent.newrelic.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: cor.works
URL: https://cor.works/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id
QS55VTZ5KYBT01RF
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
LqMYMQa4YU1cIYkATbA3xCSvsTD2lndpXc+K9jTcrBu4zKcsnQNt7LnOCIo6x7yoHpJFT7uuVmQ=
x-served-by
cache-hhn4081-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1662149995.394042,VS0,VE0
date
Fri, 02 Sep 2022 20:19:55 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
17085
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26752
x-xss-protection
0
pragma
public
x-fb-debug
4UInqFhTdzCPIs/IoZhGYHwy/rel3m+AUBhzlrlhF1S3QMk5owPN3AlGaDHyEYXfnKuQoPu3ahyX0YFqHX0ApQ==
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 02 Sep 2022 20:19:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
__ptq.gif
track.hubspot.com/ 		45 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=836625478&v=1.1&a=2960453&pu=https%3A%2F%2Fcor.works%2Flogin&t=Login&cts=1662149995234&vi=04a1c8cd838a52d9dfb777e54af915dc&nc=true&u=25723362.04a1c8cd838a52d9dfb777e54af915dc.1662149995231.1662149995231.1662149995231.1&b=25723362.1.1662149995231&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:55 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
6f7c8721-3d51-4886-911b-c1cec214c0f0
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
x-robots-tag
none
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cthnDbuVO7Tzl9F4deoGHMAYWYFCgmi%2FWKzt2T%2BCwVizTawK68nXw181p5Wq1RR22FDwj4uSJ%2BNIJw%2Fdm21yX9NIHzMNF3HT7XhgbvkE3WE2bZYgae0ABrK8frFg8vENAb9cY0oQW4f%2FdDe7DiER"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7448f17eaaac0229-ZRH
embeddable_blip
cor.zendesk.com/ Frame AD4C 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cor.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA1LjAuNTE5NS41MiBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlfSwiYWN0aW9uIjoibG9jYWxlTWlzbWF0Y2giLCJjYXRlZ29yeSI6ImxvY2FsZSJ9LCJidWlkIjoiZGQ0YzE4MTk3OTUxNDQwMjgxYWJkZTQ4MzNlYTQ1MDYiLCJzdWlkIjoiZWI4MWZlODA5NjBmNGNjMDhlYzI0YWFiZDFjYmU2ZjQiLCJ2ZXJzaW9uIjoiZTIzYzk5NiIsInRpbWVzdGFtcCI6IjIwMjItMDktMDJUMjA6MTk6NTUuMzE0WiIsInVybCI6Imh0dHBzOi8vY29yLndvcmtzL2xvZ2luIn0%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-173a4198db458747a9aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:55 GMT
cf-cache-status
MISS
last-modified
Fri, 02 Sep 2022 20:19:55 GMT
server
cloudflare
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oegCOKK%2FSppWDLFeCWJmSq1BUayUI9pYn7rai6lGPEaBNcGAHXoGPzGnIssA9yEvHXQG0oQ8YkFlNiRHmoTz2f1lyzIR7%2FX844UnCZMOKuWadbbkJeLdWQQ7Tvkegr8RFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7448f17eceb76922-FRA
content-length
0
x-request-id
b95e8b545dc6b9122bdc122309d7ff8f
de-de-json-e23c996.js
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame AD4C 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-e23c996.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-e23c996.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62555
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
H3E6CS5CFY56AV0R
x-amz-id-2
yL5TZqi0VQI3eb/xSw8k08/qRBv6ujWqzoz15LCvbEazv5GRSc5z7aLH5KBAh7jSKUCDir+5C6g=
last-modified
Thu, 01 Sep 2022 09:51:21 GMT
server
cloudflare
etag
W/"dee0c6a89a545cab72e7f62ab96b94c6"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a81uNpL7%2BqkycD6hwudmyHhedVcEJ%2BzUWt6zVM2opSoV0Lx4modu36Uw9PbGr20uCpu37EgLOk%2FDAVXl75IpWL9895X93Ub039PVPcPRT8jZMnWd1KE%2Fgyeh1dPKWzAn0921P3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
hRH6_g5WKYrExwhHMpZUhXEMyEC4bg2Z
cf-ray
7448f17edf0d90a8-FRA
expires
Fri, 01 Sep 2023 09:51:20 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.79
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20715
x-xss-protection
0
pragma
public
x-fb-debug
hQF7cYvT9LlJlNl0Uf6LQsD4e4W6vA2JjFHZwh/Y9mJzLMIW/eV8ytSBz6cUU5ax3jCWkGiQ82GPpEdO9Uy+0A==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 02 Sep 2022 20:19:55 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
473120943447503
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/473120943447503?v=2.9.79&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f1a351b753d7b032eb5d112e2fb246bbaf5942b4e54a01d1180e2f96afd61b52
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
kNoUOIJcqT//gPvIqHzqb0ptWRfmgjC9eF5Y97BwI/XFGtZ+OEisbN2cB5NaTI04CEfIdFCLPAA0w1Z2RDkLOw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 02 Sep 2022 20:19:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
web-widget-chat-sdk-e23c996.js
static.zdassets.com/web_widget/latest/classic/ Frame AD4C 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-e23c996.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-e23c996.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62556
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
BYFXMY4J0DVMCC8F
x-amz-id-2
OUmo3IYA/33cAbCAgg/C3yYsB6LLT8pwzGpv75JI8X5syoFPBpecWXPyzfzVq4RdMVoo4QLqYNk=
last-modified
Thu, 01 Sep 2022 09:51:21 GMT
server
cloudflare
etag
W/"865d0cd066636165cf7f35fb97a1d90d"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FT2e1plWWwqNvWZsO0yZdMLlG7%2BK61dG8gLxFAEJ2t63fd%2Ft2jdAn3%2F7d3zUwIfgIvNJkAV4kcwjQkiVHawnZZHnugv%2F9%2FoT3BOFKKrw0%2FtZnBxtcOnVvlY356%2B2PTYJBV092Ho%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
pfki60TYqByRIWF8sq2lHMU4URddZ4f7
cf-ray
7448f17f1f4790a8-FRA
expires
Fri, 01 Sep 2023 09:51:19 GMT
embeddable_blip
cor.zendesk.com/ Frame AD4C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cor.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InRpbWUiOjY4LCJsb2FkVGltZSI6MzUuNjk5OTk4ODU1NTkwODIsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJMb2dpbiIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDUuMC41MTk1LjUyIFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2UsImlzUmVzcG9uc2l2ZSI6dHJ1ZSwidmlld3BvcnRNZXRhIjoid2lkdGg9ZGV2aWNlLXdpZHRoLCBpbml0aWFsLXNjYWxlPTEsIG1heGltdW0tc2NhbGU9MSwgdXNlci1zY2FsYWJsZT1ubyIsImhlbHBDZW50ZXJEZWR1cCI6ZmFsc2UsInJlZmVycmVyIjoiaHR0cHM6Ly9jb3Iud29ya3MvbG9naW4ifSwiYnVpZCI6ImRkNGMxODE5Nzk1MTQ0MDI4MWFiZGU0ODMzZWE0NTA2Iiwic3VpZCI6ImViODFmZTgwOTYwZjRjYzA4ZWMyNGFhYmQxY2JlNmY0IiwidmVyc2lvbiI6ImUyM2M5OTYiLCJ0aW1lc3RhbXAiOiIyMDIyLTA5LTAyVDIwOjE5OjU1LjM4MVoiLCJ1cmwiOiJodHRwczovL2Nvci53b3Jrcy9sb2dpbiJ9
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-173a4198db458747a9aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:55 GMT
cf-cache-status
MISS
last-modified
Fri, 02 Sep 2022 20:19:55 GMT
server
cloudflare
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPPziGwiNMNKjFdeeGYwnJ3JRVdChhdxVvdq9HHKg%2FAJSBbeQNxoCP8izFkfGrYNJxa5QLIO2K9Tl5vWCJ1NOyKcYno6HNCV39rATsqwXiRpBgN3UGIKBnSTsQ2HZBf4cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7448f17f3f4e6922-FRA
content-length
0
x-request-id
afe8b407f73cfe26304bc6172330b0fd
87c8094477
bam.nr-data.net/1/ 		49 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/87c8094477?a=297915319&v=1216.487a282&to=MVEBMkEDDRFZW0EPWAgbIgVHCwwMF1RaAV4I&rst=2165&ck=0&ref=https://cor.works/login&ap=43&be=918&fe=1971&dc=990&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662149993258,%22n%22:0,%22f%22:697,%22dn%22:697,%22dne%22:697,%22c%22:697,%22ce%22:697,%22rq%22:698,%22rp%22:857,%22rpe%22:964,%22dl%22:867,%22di%22:989,%22ds%22:989,%22de%22:990,%22dc%22:1971,%22l%22:1971,%22le%22:1976%7D,%22navigation%22:%7B%7D%7D&fp=984&fcp=1023&at=HRYCRAkZHh8%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 20:19:55 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
7448f17fb9095c5c-FRA
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=473120943447503&ev=PageView&dl=https%3A%2F%2Fcor.works%2Flogin&rl=&if=false&ts=1662149995464&sw=1600&sh=1200&ud[external_id]=04a1c8cd838a52d9dfb777e54af915dc&v=2.9.79&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1662149995463.1032715245&it=1662149995347&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:55 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 02 Sep 2022 20:19:55 GMT
web-widget-chat-incoming-message-notification-e23c996.js
static.zdassets.com/web_widget/latest/classic/ Frame AD4C 		208 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-e23c996.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-e23c996.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:55 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
62554
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-request-id
H3ECFP0Z18GZQE9J
x-amz-id-2
wFCRS+0WtrTMePSOjWpfXVL66jPIJB5pUtvJXPHyPmG45l69jEs2Xnk1tnPDKrouwB5+YX7U28o=
last-modified
Thu, 01 Sep 2022 09:51:21 GMT
server
cloudflare
etag
W/"659635f5ad1b6653645380f46aa42236"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LO8Mkrm6%2F0jtLXVe5uUSBh%2BA49kRvSjJ8pO042TttOAgYgcWuWNlQWNLTFXPDP6b8GxIx%2BMYTLL%2FFKsPEfKpLUs6zuSr8OfpHpYG1yRCfNkDSC2Pp4tymPRFHg95pi1vQTWst8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
Go1pByPObiglh8SIUkdGDBc7s1Iy4RCv
cf-ray
7448f18108fa90a8-FRA
expires
Fri, 01 Sep 2023 09:51:19 GMT
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/classic/ Frame AD4C 		19 KB
20 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 02 Sep 2022 20:19:55 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15270514
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-19697/19698
x-amz-replication-status
COMPLETED
x-amz-request-id
JV82F2Q75Q9SH52X
x-amz-id-2
7jRFkhSGoKTJKa8EYsHFT7mixTiGbrFuRCEe9amr3u4nOjnEEnskKoBmwOPPi3COT51zpfkpZQ4xLKaA5ZBQTg==
last-modified
Wed, 09 Mar 2022 06:43:05 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7TP0GkcuJsU1up4eLk48SXkGJ%2B0o1cSN3qybTKbeNSLprkn2Nn6Fi9XKTbDorpindT%2FDWhYkoxFQGdOZZEW7UJdEaJDWn2xjAt7VY27lxsWu%2BqN4hDb%2BEkkP1k3nUK7uTJn%2FWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
ngeCnQamEcRo6kgSgz9pTF5J7hCEPwJW
Content-Length
19698
cf-ray
7448f181696b90a8-FRA
expires
Thu, 09 Mar 2023 06:43:04 GMT
/
www.facebook.com/tr/ 		44 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=473120943447503&ev=Microdata&dl=https%3A%2F%2Fcor.works%2Flogin&rl=&if=false&ts=1662149996973&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Login%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=04a1c8cd838a52d9dfb777e54af915dc&v=2.9.79&r=stable&a=tmhubspot&ec=1&o=30&fbp=fb.1.1662149995463.1032715245&it=1662149995347&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 02 Sep 2022 20:19:57 GMT
bundle.min.js
browser.sentry-cdn.com/6.10.0/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/6.10.0/bundle.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H9NHVF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f80a6dfe11e2b60758ab376b4de71fd697d4abed085a98c611b185ad182b0ca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:19:57 GMT
content-encoding
gzip
last-modified
Thu, 22 Jul 2021 07:43:28 GMT
server
Fastly
age
2707234
etag
"b349f5305f7649fa4e9b8e380f14bd89"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
21713
expires
Wed, 02 Aug 2023 12:19:23 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WSQHTY6J1Z&gtm=2oe8v0&_p=50169944&cid=512424583.1662149994&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1662149994&sct=1&seg=0&dl=https%3A%2F%2Fcor.works%2Flogin&dt=Login&en=scroll&epn.percent_scrolled=90&_et=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WSQHTY6J1Z&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cor.works/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 20:19:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cor.works
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| isIE object| NREUM object| newrelic function| __nr_require object| register object| gaFunnel function| $ function| jQuery object| dataLayer object| pw object| cb boolean| mask object| google_tag_manager object| amplitude object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| zEWebpackACJsonp function| zE function| zEmbed object| _hsp boolean| hubspot_live_messages_running object| HubSpotConversations object| _hsq boolean| PIXELS_RAN boolean| zEACLoaded boolean| _hspb_ran boolean| _hspb_loaded object| _paq function| sanitizeKey boolean| _hstc_loaded object| AppcuesBundleSettings object| Appcues object| regeneratorRuntime boolean| _hstc_ran string| __hsUserToken function| fbq function| _fbq number| expireDateTime function| $zopim object| Sentry object| __SENTRY__

15 Cookies

Domain/Path Name / Value
cor.works/ Name: XSRF-TOKEN
Value: Gd5CMtt17LohOdbTXqFSWjASdHxxwM2DrPBgejiz
cor.works/ Name: v2dkjfoaij-uiu-fls9kdj7f3ek5j-v2
Value: YJkaDZmf5EYxqfTV19cT8RtiHrOg7OJTsy0wQslG
.cor.works/ Name: _ga_WSQHTY6J1Z
Value: GS1.1.1662149994.1.0.1662149994.0.0.0
.cor.works/ Name: _ga
Value: GA1.2.512424583.1662149994
.cor.works/ Name: _gid
Value: GA1.2.1115486623.1662149994
.cor.works/ Name: _gat_UA-63155060-4
Value: 1
cor.works/ Name: __hstc
Value: 25723362.04a1c8cd838a52d9dfb777e54af915dc.1662149995231.1662149995231.1662149995231.1
cor.works/ Name: hubspotutk
Value: 04a1c8cd838a52d9dfb777e54af915dc
cor.works/ Name: __hssrc
Value: 1
cor.works/ Name: __hssc
Value: 25723362.1.1662149995231
.hubspot.com/ Name: __cf_bm
Value: wU9_wwJVdptjml0HNfWS9QZ7RPhMw99M4o0db2lArBg-1662149995-0-AZE0/1WP229NI2DZYHPWhWVr0c6Y0KWTrZJtDszGc5fxy6A3Jmji68otIKXUTBeGRO3j3stYXDJ81kwyMkNG/6E=
.cor.works/ Name: _fbp
Value: fb.1.1662149995463.1032715245
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: d05OOTvlKKppkDKt9SzJmTgy/AkgfAsc/oyy4TIWuAjac6swEQ80x95zWeNI3e3GBm/dBIoQadkxTuYBTt2DmcW7Uw00ezC2xlwnR3TZ2Hbd1kpCCNoajzDy20tJ
.facebook.com/ Name: fr
Value: 048wvJvaPwhscx0ei..BjEmVr...1.0.BjEmVr.
.cor.works/ Name: __zlcmid
Value: 1BllCJ71ABApSB9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
bam.nr-data.net
browser.sentry-cdn.com
connect.facebook.net
cor.works
cor.zendesk.com
d24n15hnbwhuhn.cloudfront.net
dtw74fzknz019.cloudfront.net
ekr.zdassets.com
fast.appcues.com
js-agent.newrelic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
region1.google-analytics.com
static.zdassets.com
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.16.53.111
104.18.72.113
13.224.194.86
151.101.194.137
162.247.241.14
2001:4860:4802:34::36
2600:9000:21f3:a200:13:b808:7b40:21
2606:4700:4400::6812:21ab
2606:4700::6811:47b0
2606:4700::6811:71b0
2606:4700::6811:cccc
2606:4700::6811:d4cc
2606:4700::6811:eecc
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:827::2008
2a00:1450:4001:82a::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::729
2a04:4e42:600::622
52.205.229.223
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
25ea0f4739d446723b41952f762e1c9e7914cf5672c570f67ce3b44fcbb9afa0
29bc4f05be2554b0990df324dc8c0c42896057d18629863361198844adcb9f68
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3ad5d2bd42c863e79917b4ddd1cffce7842ba0e4a9c36f2a2bd65712174ae63d
53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407
59c3a3372b44081f6d863e1ad436b5ae5f0f28cc5c2e59329396b3314cfe317b
59ccb3c6460011b5942b20a7c978e93f2e1eec28537aab4ff0c837b6b4b6bc0a
6106e4dd22f3e017684ef500b1b76c476afeef83d92940ab5525e4c49f6d4765
63d620d8c4be7c3020badb35467b401e1249a7b191a414277076c289faf94b1c
68044eaef1841a02213086348bf81a382b3bee100aa54c7369c947da239a0357
6a0f07fac6fc58958b0e670e2d2927901e052938b2162c1553817aa4cbf5de2f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dab5c34822486b4aebb9fec9fda26a07edc7ede5b62db7f577e3ec5d8c365d0
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
80d95d1e09b9929b2b174a0e2af0c25bcb66987474da4625bfdb392380e24a2e
813ba93211de2a1372a25d3a20eeff898bba359ba9c09c210972589079acdb20
83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35
872a355e7574f1b3f89ae399ad63a3659a64a6426caf357f00328718592904f7
87a893936e310d2762f4483e17c498238d544529ef5be428c57b5dc5f8d0f4db
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9a55cc7808b56c6388501a101d92ec82bf5de6d3c155e829e6ae9074676a861f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9d03942bc9587543ae8ca396572578b4dc946584dc1e45f7ef9d3a3f3effd1d
af18233c5ee6a7ea61e96b6d4a3088df3552277520300f3d96dba05ed5a2fa1e
b1200d0a7fc6dc83aa6cae4a41bb736df6b05211ffece11efe1b33c007a76807
b14d6e21c0373a92f15d4efbbbb23d46e691a4f319cfefb4d82b62aa9788d378
baf79bbb9e85dab7c31803586ad80bd69d1ea6020f2183ce2aa3cda687258dab
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb7f7b9a736b9f1d5818ff6cbfa8474353a45348b7d072b026ce7086e10b6668
bc3b175c482f1f54f77d4ccad5366704cc4b0daa2a88e653f509fe88a92c53e4
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d6f79bc835aa1a0d5f02c0b5880c20b94584214de31fc4f0e968384bb3329e28
d9fe3344f6ffaaaaaf42a2adab7e1b57944a8312985777943283a47f766fd036
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd8d59cfe24f7858946dfa5d03dbac085c3046d7e604eb5ad99c302959423a9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e403a2b0fec3d21d154e033a7f3410b42318c2ffe673e77a25733cc226ce2db6
e90e10f3a3adf4cb039c9a0cc3b9e00ce9f84dd24862b0899e7deb1839de855b
f1a351b753d7b032eb5d112e2fb246bbaf5942b4e54a01d1180e2f96afd61b52
f80a6dfe11e2b60758ab376b4de71fd697d4abed085a98c611b185ad182b0ca2
fe3d3d81e104ffb0e915e2fdbaef308ed7fe5174963cfe4925b51b7eb39de314