work.ink Open in urlscan Pro
2606:4700:20::681a:b77 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://work.ink/1A1/jailbreakautorobscr
Submission: On January 12 via manual (January 12th 2023, 11:28:54 pm UTC) from US — Scanned from DE

Summary HTTP 83 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 21 domains to perform 83 HTTP transactions. The main IP is 2606:4700:20::681a:b77, located in United States and belongs to CLOUDFLARENET, US. The main domain is work.ink.
TLS certificate: Issued by E1 on January 5th 2023. Valid for: 3 months.

This is the only time work.ink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:20:... 2606:4700:20::681a:b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:c5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:a77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:206... 2600:9000:206e:7800:f:458e:2a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:400d:802::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:9c00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:116b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.30.21.51 184.30.21.51	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.15.219.226 52.15.219.226	16509 (AMAZON-02) (AMAZON-02)
2	52.52.69.255 52.52.69.255	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:8a00:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:206... 2600:9000:206f:8400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:b000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
22	2a00:1450:400... 2a00:1450:4001:830::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
1	52.58.102.196 52.58.102.196	16509 (AMAZON-02) (AMAZON-02)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
4	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	34.253.253.183 34.253.253.183	16509 (AMAZON-02) (AMAZON-02)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
83	27

13 2606:4700:20::681a:b77 (United States)

ASN13335 (CLOUDFLARENET, US)

work.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c5c (United States)

ASN13335 (CLOUDFLARENET, US)

b.sf-syn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a77 (United States)

ASN13335 (CLOUDFLARENET, US)

redirect-api.work.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206e:7800:f:458e:2a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:802::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:9c00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:116b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com

thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.52.69.255 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-69-255.us-west-1.compute.amazonaws.com

ipfind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:8a00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:8400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:b000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.102.196 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-102-196.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.253.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-253-183.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 91	754 KB
14	work.ink work.ink redirect-api.work.ink	231 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 388 mug.criteo.com — Cisco Umbrella Rank: 2859	3 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	383 KB
5	quantcast.com test.cmp.quantcast.com — Cisco Umbrella Rank: 10220 cmp.quantcast.com — Cisco Umbrella Rank: 2798 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 11769	146 KB
4	thisiswaldo.com cdn.thisiswaldo.com — Cisco Umbrella Rank: 49391 thisiswaldo.com — Cisco Umbrella Rank: 43550	207 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	42 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 197	158 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 315	769 B
2	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1425	625 B
2	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1711	346 B
2	ipfind.co ipfind.co — Cisco Umbrella Rank: 62970	923 B
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1384	106 KB
2	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2945	45 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 869	632 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 935	10 KB
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1395	4 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 478	62 KB
1	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 887	214 B
1	sf-syn.com b.sf-syn.com — Cisco Umbrella Rank: 139538	2 KB
0	rlcdn.com Failed api.rlcdn.com Failed
83	21

	Domain	Requested by
22	i.ytimg.com	work.ink
13	work.ink	work.ink
4	mug.criteo.com
4	gum.criteo.com	2 redirects
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	work.ink www.gstatic.com www.google.com
3	cmp.quantcast.com	quantcast.mgr.consensu.org
3	securepubads.g.doubleclick.net	cdn.thisiswaldo.com securepubads.g.doubleclick.net
2	match.adsrvr.org	ads.pubmatic.com
2	id.crwdcntrl.net	ads.pubmatic.com
2	lexicon.33across.com	ads.pubmatic.com
2	fonts.gstatic.com	www.google.com
2	ipfind.co	cdn.thisiswaldo.com
2	thisiswaldo.com	cdn.thisiswaldo.com
2	cdn.confiant-integrations.net	cdn.thisiswaldo.com cdn.confiant-integrations.net
2	quantcast.mgr.consensu.org	cdn.thisiswaldo.com quantcast.mgr.consensu.org
2	cdn.thisiswaldo.com	work.ink
1	audit-tcfv2.cmp.quantcast.com	cmp.quantcast.com
1	rules.quantcount.com	secure.quantserve.com
1	test.cmp.quantcast.com	quantcast.mgr.consensu.org
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	a.teads.tv	cdn.thisiswaldo.com
1	ads.pubmatic.com	cdn.thisiswaldo.com
1	cdn.taboola.com	work.ink
1	redirect-api.work.ink	work.ink
1	b.sf-syn.com	work.ink
0	api.rlcdn.com Failed	ads.pubmatic.com
83	27

This site contains links to these domains. Also see Links.

Domain
brightonclick.com

Subject Issuer	Validity	Valid
*.work.ink E1	`2023-01-05` - `2023-04-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-01` - `2023-06-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2022-06-01` - `2023-06-16`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
cmp.quantcast.com R3	`2023-01-08` - `2023-04-08`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.confiant-integrations.net E1	`2022-11-24` - `2023-02-22`	3 months	crt.sh
teads.tv R3	`2023-01-05` - `2023-04-05`	3 months	crt.sh
thisiswaldo.com R3	`2022-12-15` - `2023-03-15`	3 months	crt.sh
ipfind.co Amazon	`2022-12-04` - `2024-01-02`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
quantserve.com R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://work.ink/1A1/jailbreakautorobscr
Frame ID: B7012FE8AAABF95B9264D960F1F4975B
Requests: 70 HTTP requests in this frame

Frame: https://work.ink/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1673553600
Frame ID: E3DD6501E6AC24A88A88C1D41FE043A2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=lq34hprw9i6r
Frame ID: 559C7B05988C6EACAA629BF2A3EC052D
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Autorob script for jailbreak - Work.Ink

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

83
Requests

96 %
HTTPS

65 %
IPv6

21
Domains

27
Subdomains

27
IPs

4
Countries

2153 kB
Transfer

5109 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://brightonclick.com/jump/next.php?r=6251878

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwork.ink%2F&domain=work.ink&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=aI7wMXxwL0M2MFVvaXVyZStlMWxTL2FkYWdtVmdLUHJjQXpCcmZ1ZlNyWjBDdDVCNVFQZU1rMjZvNVhwazRaVmxEQWs0UFE0WDJWKzJBVW45My8wWmx0TWtPTThFMDR1UFhmNGJoNXFWN0RXdzJDNG9DUUxNaUZ2dDZXVVU4Y3dub09wN1BESkZmTmR1Z1Y0Z29hcWtNeVBLL3duVFpSMzZhRFVobFN6WDloV0lwbDU2L00wQU9RMXhPa0t2SXJNNDhwWXVwV011R0VlbzZ1a0U2VDhDMjgrdXp5bmNoT2VWOWI5NkF3QW5tV0czWjFzPXw&cppv=2

Request Chain 79

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwork.ink%2F&domain=work.ink&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=xq5njnx4cGVjVGptUGowRmRWVEhCdklUVVpJK3o3SDhwL2hxRnFHZ3NQTkk3czBRR2FGR2FDMXk0MUZtcEx0a2ptbzVkb2p2THVUaGpJV0dIWkcyNVZnMWJmZEZlTjd2dUk3dXV4Q2IxeTJSdzVoZUwxbEtJc2pNM3NzMjJTYUo3MFFjaTl1aktuNWlsZm5GcHdxdW1sRHV5M0JleWJvb1Q5dVU5T3RhZG1XUWZYc3p4ZWw5SmlmK0p5VVlTOEhvRW8waUJCd3gyMGlYQmIzN29xR0xpMm4xcUdISHJHMEoza0REK25ZL3NlWCtqVmNRPXw&cppv=2

83 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request jailbreakautorobscr Show response
work.ink/1A1/ 4 KB
3 KB 194ms
111ms Document
text/html 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1ab325ed643ecae84980c0a9c881e90cf62f5e87da4c798f8b6b696aa7d0ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7889abb2aebe9b8f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 12 Jan 2023 23:28:49 GMT
last-modified: Thu, 12 Jan 2023 15:42:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qB6qV3CxPVJ0uOh4Fx9aTne3Y9cBNN5NYTITsA%2FQiMtwPP3MlLEt1SNRcK6hFIycquGmN%2F9JkZ%2B06zh78rN%2BreMJNc%2BXEyoe4XFKq%2FOfd9JmRQh7LrAMsCUx6L7i9TZoz5vYbu%2Bk"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 vegur
x-frame-options: sameorigin

GET
H2 200 chunk-vendors.f4c76a04.js Show response
work.ink/js/ 249 KB
88 KB 33ms
32ms Script
application/x-javascript 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/js/chunk-vendors.f4c76a04.js

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf800674f7265c679a959e65b85a0539cc0f7749bc36866fb5f40d970e4909e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/1A1/jailbreakautorobscr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4682
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 12 Jan 2023 15:42:25 GMT
server: cloudflare
etag: W/"63c02a61-3e32a"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pU9uFyV5DfDmDsE9gJ0T2lP%2FdEXQJp4JAb%2BO1blvlZ1XCtEazkCnjjuz5kYnYykh6jTDoOnwH5CELauE5VjlEJTRNA6w0deKeUIJIfYQDSNnJQC2eIo4MOvDIXJn%2Bmqv5NZdTe3"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7889abb35fe19b8f-FRA

GET
H2 200 app.d4f8d496.js Show response
work.ink/js/ 200 KB
89 KB 21ms
21ms Script
application/x-javascript 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/js/app.d4f8d496.js

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f4b5c38bf67a1819f545dfb6371599fc909d869cbaf67b8237ee04ffd823074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/1A1/jailbreakautorobscr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6145
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=7ZKy4flakWDtVmudN2OYDdS73WaUlbom1r6vL7TTNLo-1673566129-0-AcLscQeU3meZZ89Jl_48WguaJXmW7UGCPwRLunbz9Rnu1_lpvLHV0KaCNuLdrzvLTqwH0fHQgareLAad1TqUurA; report-to cf-csp-endpoint
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 12 Jan 2023 15:42:25 GMT
server: cloudflare
etag: W/"63c02a61-31e33"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/x-javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6ibOBuxDTiEOLohoUQCuvyAebB%2B4qLlIxoP1FQasKCGuEkSb6CsdmiF%2FCp1iBIo11nGpvzwnful1Jq1dDel2Kxrn54IclbU7ryfDdGu4mPvbvjWWD5OvtorJRnDz%2F70lqh4JfVb"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=7ZKy4flakWDtVmudN2OYDdS73WaUlbom1r6vL7TTNLo-1673566129-0-AcLscQeU3meZZ89Jl_48WguaJXmW7UGCPwRLunbz9Rnu1_lpvLHV0KaCNuLdrzvLTqwH0fHQgareLAad1TqUurA"}],"group":"cf-csp-endpoint","max_age":86400}
cache-control: max-age=14400
cf-ray: 7889abb35fe89b8f-FRA

GET
H2 200 chunk-vendors.3ded2ec4.css
work.ink/css/ 51 KB
7 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/css/chunk-vendors.3ded2ec4.css

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f5033c8999b1545c9ba66fbe446c2e7ad282dc1c43a53cdf3a23df33a92411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/1A1/jailbreakautorobscr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1668
cf-polished: origSize=52731
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 12 Jan 2023 15:42:25 GMT
server: cloudflare
etag: W/"63c02a61-cdfb"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ID7Y%2FUpCC8hY%2Frr2%2FcTq2dUEdroqFOzyxvrtSM56EdJgg%2FB5XIdRhOLkwi5iKFMGe%2BQq61FlJanUMNr4zKl79drZjAR4Bo1Og6VA7McgC8E1WqFLkmDOUCI6hc15PFYBTWm0p%2F8u"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7889abb35fe59b8f-FRA

GET
H2 200 app.eacf80c3.css
work.ink/css/ 25 KB
5 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://work.ink/css/app.eacf80c3.css

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b51549a011472bc8d6fd8e67f5efe495ff2df3bdb7f79700483a554cf09f171f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/1A1/jailbreakautorobscr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6145
cf-polished: origSize=25897
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 12 Jan 2023 15:42:25 GMT
server: cloudflare
etag: W/"63c02a61-6529"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZS6pTEB87MYRYzvgdMi4DxCy3mUVTXXr78XchhQIdhyVTozkVCLl0%2FYvXTpFtlvE1qOUHxsZe%2FuY1cLQ6aZb4MnjMBJ6NwVEW0Z4ous1fPG8XQlKxDe9m19xTW%2BUXsmjXaRmg%2F39"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7889abb35fe79b8f-FRA

GET
H2 200 badge_js Show response
b.sf-syn.com/ 2 KB
2 KB 48ms
14ms Script
application/javascript 2606:4700::6812:c5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://b.sf-syn.com/badge_js?sf_id=3548161&variant_id=sf

Requested by

Host: work.ink
URL: https://work.ink/js/app.d4f8d496.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f50b2170b943929cf0fd3ad43b6534bba3b5e2962c4cfc27cdbf50991669d33e

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' lists.sourceforge.net; object-src 'none'; upgrade-insecure-requests; frame-ancestors 'self'; frame-src 'self' http://.pro-market.net .crsspxl.com .google.com http://c.sf-syn.com .googlesyndication.com .safeframe.usercontent.goog .doubleclick.net .hitachivantara.com .recaptcha.net recaptcha.net .youtube.com www.youtube-nocookie.com .btloader.com *.pubmatic.com; report-uri https://sourceforge.report-uri.com/r/d/csp/enforce
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
content-security-policy: form-action 'self' lists.sourceforge.net; object-src 'none'; upgrade-insecure-requests; frame-ancestors 'self'; frame-src 'self' http://*.pro-market.net *.crsspxl.com *.google.com http://c.sf-syn.com *.googlesyndication.com *.safeframe.usercontent.goog *.doubleclick.net *.hitachivantara.com *.recaptcha.net recaptcha.net *.youtube.com www.youtube-nocookie.com *.btloader.com *.pubmatic.com; report-uri https://sourceforge.report-uri.com/r/d/csp/enforce
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 3081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible: IE=edge,chrome=1
last-modified: Thu, 12 Jan 2023 22:37:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7889abb418d791d7-FRA
expires: Fri, 13 Jan 2023 03:28:49 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 852 B
966 B 39ms
17ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit

Requested by

Host: work.ink
URL: https://work.ink/js/chunk-vendors.f4c76a04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3f9a887c456f92ae2b2d5950c184dc1fbb3353045691843d99d9254d2ecb98a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Thu, 12 Jan 2023 23:28:49 GMT

GET
H2 200 ping Show response
redirect-api.work.ink/ 61 B
596 B 181ms
117ms Fetch
application/json 2606:4700:20::681a:a77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redirect-api.work.ink/ping
Requested by: Host: work.ink
URL: https://work.ink/js/app.d4f8d496.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e1a51d093861d3c08bb1c73d720fa5e45f3796a8f19694621ec6a7a79fce2b01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3d-NAXGLGEwtZ7+0egjQUpcVubQ1LI"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TU%2BZqOBjIk%2BCGtXfQnZuhyJJURSdxA8cuLzCX7Ymh4VDDu4FI5W2N34je7gUrNGX8Qj7FSwF%2B1CyEeGKm1yfaB7XjUpybldH%2BW9iY77B40eojPjmYscJhQgKx613SfF0XCVeBmLN%2FcAmflxZc7QhwL0GWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7889abb46f2d68fd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 11929.js Show response
cdn.thisiswaldo.com/static/js/ 358 KB
103 KB 186ms
28ms Fetch
application/javascript 2600:9000:206e:7800:f:458e:2a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thisiswaldo.com/static/js/11929.js

Requested by

Host: work.ink
URL: https://work.ink/js/app.d4f8d496.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206e:7800:f:458e:2a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

081fa5a75be4039e40d5acb7fb561a9fc07eaead31021615c3aabd90e235c5c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 06:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Jan 2023 02:59:18 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 08fee972d33a4bc475aad82a2fc199cc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: "59775-5f17b7ca7c674-gzip"
age: 63392
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: mXprBk8hGfe0-I0RT8WFMgWmhrHXu8zb_KjWMN3W9yEXD-MFpULeew==

GET
H2 200 11929.js Show response
cdn.thisiswaldo.com/static/js/ 358 KB
103 KB 185ms
28ms Script
application/javascript 2600:9000:206e:7800:f:458e:2a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thisiswaldo.com/static/js/11929.js

Requested by

Host: work.ink
URL: https://work.ink/js/app.d4f8d496.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206e:7800:f:458e:2a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

081fa5a75be4039e40d5acb7fb561a9fc07eaead31021615c3aabd90e235c5c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 06:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Jan 2023 02:59:18 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: "59775-5f17b7ca7c674-gzip"
age: 63392
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: AbpAAzbx3uDbocFmrDRlg5nYGSHuniEiYiqCx38kBHJqdR6F0xSmLw==

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/workink/ 14 B
214 B 230ms
198ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/workink/loader.js
Requested by: Host: work.ink
URL: https://work.ink/js/app.d4f8d496.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: c0c07d5e1cc6e9994f621fb965165bc0106d1a26a04e70bd13c0778af0b93e37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220048-HHN
date: Thu, 12 Jan 2023 23:28:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1673566129.312316,VS0,VE191
x-cache: HIT
content-type: application/javascript
abp: 78
cache-control: private,max-age=14401
accept-ranges: bytes
content-length: 14
retry-after: 0
x-cache-hits: 0

GET
H3 400 s.js Show response
work.ink/cdn-cgi/zaraz/ 24 B
449 B 31ms
31ms Fetch
text/plain 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/zaraz/s.js
Requested by: Host: work.ink
URL: https://work.ink/js/app.d4f8d496.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fab1b2783ef5afc02dd6f06f04b96311f3add1fb3e5b5c7e1282c19996e264a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/1A1/jailbreakautorobscr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71LIyv9ZBBWeE87ZcJwIN8owUqnLfAvT%2F4xxbRlpCHf4OZPKxQHljkGvJ6Bv2I2pgy%2FO%2FMxgW3ew0AUoX9XPKqzDtmfHOrV13EmANyH7FWKSm%2Ft9XfS5vYfFv%2FUBX9RY%2Bx32GsRD"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 7889abb3fe709b58-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15d36e8f871b1cf84be33fa8f1ff0e5dc96a123ccc194da4520ae3d81b32329d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 invisible.js Show response
work.ink/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame E3DD 37 KB
16 KB 17ms
16ms Script
application/javascript 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1673553600
Requested by: Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1945dd8eaeb73ea96939443a43b74255cbe99a7b0c823756a3e25a5e07b4efae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5gCalAIaRMLWisWrjoF8NKLE43LgDwQahIlOdF6iowp%2FwBDos5xUG2wEe2rgLHOyulMnN%2FVU4rhYPhb4i8zIzNRmWOHVzyTWKgpvTSbMBQTV6JEeqQJn0K5W7X79MPmmCcHpeTf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7889abb40e769b58-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 s.js Show response
work.ink/cdn-cgi/zaraz/ 5 KB
3 KB 24ms
24ms Script
text/javascript 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyV29yay5pbmslMjAtJTIwQmVzdCUyMFJla29uaXNlJTIwJTI2JTIwTGlua3ZlcnRpc2UlMjBhbHRlcm5hdGl2ZSElMjIlMkMlMjJ4JTIyJTNBMC4xNzQ4ODA0ODk5MzQ4MzEzJTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3b3JrLmluayUyRjFBMSUyRmphaWxicmVha2F1dG9yb2JzY3IlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
Requested by: Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c2f536684fd0983d74f5cd8883fae4e75c5f575d37dd94d808bd0e60b60f4b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://work.ink
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oh4QZJ2ifGZZEc%2BAxK1nuUvJeMAg29PVhAS5aiEAIGbozNZyE6Zwi0G5XqKWW3N%2BGD0ZSPNqwXIfGFEJPhqC7xr4l14BR5A08Q%2BfDYHspnek%2F%2BXAw1FfsHjLG%2FUf29nSjJ9ZxYQg"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-credentials: true
cf-ray: 7889abb40e7a9b58-FRA
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 407 KB
163 KB 101ms
26ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://work.ink/
Origin: https://work.ink
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 08:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jan 2024 08:51:11 GMT

GET
H3 200 workink-colorful-md.8d4b6dda.png
work.ink/img/ 6 KB
7 KB 21ms
20ms Image
image/webp 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://work.ink/img/workink-colorful-md.8d4b6dda.png

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c1b6a869520bca4157c388c888ad09f47fa5661b54a32d6c97e8edde78b538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/1A1/jailbreakautorobscr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 98
cf-polished: origFmt=png, origSize=15564
content-disposition: inline; filename="workink-colorful-md.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6626
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Jan 2023 15:42:25 GMT
server: cloudflare
etag: "63c02a61-3ccc"
vary: Accept
x-frame-options: sameorigin
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MSM8re1k%2Bs7hfp40AnHsUE8HLzlAzzjOzknVR5A6EXNCS%2B0qRPMfkpGB5PkK%2FzWl6KAj9aGVyaUxo0c%2BmiGIzoWPiY1Ljl3UO1f1KhHE5i0pko2F96eTH%2BhtOFFN3%2BpNkKaKF8O"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7889abb44edf9b58-FRA

GET
H3 200 loader.a62dee1e.svg
work.ink/img/ 593 B
831 B 19ms
19ms Image
image/svg+xml 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://work.ink/img/loader.a62dee1e.svg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d050efc0dba3583b7021291fd3f49d2dbce8f0c145b42d69f6d192e14ba6ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/1A1/jailbreakautorobscr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 12 Jan 2023 15:42:25 GMT
server: cloudflare
etag: W/"63c02a61-251"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QE45tEWDPYi3av7rw3gFYHqfHhvivaZtbn4JvXzsG6EVokhP3KMUv0lyfXVYD%2Fvi7rohnPjJJxQxNx%2BWp6hVGTbYgmXGLLuBFd%2FPsrx%2FwPIiqFxFztGjHLX6zwweLSsCKxj9fiu"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 7889abb44ee09b58-FRA

GET
H3 200 workink-white-md.4be034e5.svg
work.ink/img/ 8 KB
3 KB 21ms
20ms Image
image/svg+xml 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://work.ink/img/workink-white-md.4be034e5.svg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a9a41dce59c224a6cb0a33e73b2f239e4e5ee3972556e669c7d43076d43e365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/1A1/jailbreakautorobscr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
strict-transport-security: max-age=31536000
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 12 Jan 2023 15:42:25 GMT
server: cloudflare
etag: W/"63c02a61-2151"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Np5ZGjRqWvE99GPg5m9VHc5XRbhtAhTYqs8Xssyt1NjNoUIg3aHj5T7iSlldI1MVekEovTVssPRkXFJuZlroqkkOYm9heRE79lGrVXgiWrUrxEiYeOLE3FXKHxDPljGDoY03iO7"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 7889abb44ee19b58-FRA

GET
H3 200 pica.js
work.ink/cdn-cgi/challenge-platform/h/g/scripts/ Frame E3DD 20 KB
9 KB 16ms
16ms Other
application/javascript 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1458ad01f8958556487212d7dc5ac82e9115984cd20719652e99bff2d1766a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFS%2FTxDkUZob9yHYaSKSwGvowCJa4yACMNYNw1%2FclV0mFn6KQ6VrjJd4T1CyhhvRYXbGlOnc3Nh4S15SWFoSlF4tfaFCHLMj%2FJ1wqW09ChYvJ%2BLGURjjRbsJx2f3UwDsaQOfvi0s"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7889abb44ee29b58-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 7889abb2aebe9b8f Show response
work.ink/cdn-cgi/challenge-platform/h/g/cv/result/ Frame E3DD 2 B
661 B 27ms
27ms XHR
text/plain 2606:4700:20::681a:b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://work.ink/cdn-cgi/challenge-platform/h/g/cv/result/7889abb2aebe9b8f
Requested by: Host: work.ink
URL: https://work.ink/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1673553600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DB0cq4%2FAkxF3QmMwpz259MsKTZaqlB9HUijcTfPWYVzB4KA%2BS68cs4PZ2fesRKwwbvA9%2B5ZX6U%2FNtmpyvA3eeT2WD%2F24ogqadJMcyF6ogeKKjzWGJ2OXWxwaVnmVD0oH0AhgAXKr"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7889abb5f9199b58-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 559C 42 KB
22 KB 32ms
31ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=lq34hprw9i6r

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

438bdd701ce80eff5521ecf070a4eacd4bbe4caa7b2d929d960af6bc2ad3ea98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-h2c2kRQ48-py4wZjqFmnkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://work.ink/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22464
content-security-policy: script-src 'report-sample' 'nonce-h2c2kRQ48-py4wZjqFmnkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 12 Jan 2023 23:28:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/ 4 KB
2 KB 54ms
11ms Script
application/javascript 2600:9000:206f:9c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/choice.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83fa6784ebee363043db50681bbde69c4624f13ea9152c1758f7ca2f609ea0f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
content-encoding: gzip
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified: Tue, 29 Mar 2022 21:12:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 57
x-amz-server-side-encryption: AES256
etag: W/"84f67876c95a3a1982d1378d05722a85"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 5UifyNohUJoxVARE0ElgBfkct4o6NgZ-0sKIkUuPdTPLBBeRslWkKg==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160082/7676/ 201 KB
62 KB 51ms
8ms Script
application/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e587bef04b460fbfcf1cdebaca05b28a172bd76b65637be2875dbebb138c9cdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 16:52:35 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=23958
accept-ranges: bytes
content-length: 62752
expires: Fri, 13 Jan 2023 06:08:07 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 144ms
59ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b41947d8ae9cd7eda97d79a9484ee4b7137353df9be94e4faa92d04e92c7a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27542
x-xss-protection: 0
server: sffe
etag: "1450 / 59 of 1000 / last-modified: 1673564958"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 12 Jan 2023 23:28:49 GMT

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/ 191 KB
38 KB 50ms
16ms Script
text/javascript 2606:4700::6812:116b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1cb9da23d175509a2b08b74bc9239955ac1e6f00527c635f6dde34a98cc3a21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 21:57:45 GMT
server: cloudflare
x-amz-request-id: V070WG5B8ZW7STFY
age: 640
etag: W/"4853f76e404a1736f8c7bc00704d04d3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 7889abb68d059274-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Nhm7k6Co2gkyb4MM1Yp+U7FHfxEml9ZCGdzz2o0/VW0JkCbVBIi5spN3prySjohmLP6g2qBTTjRYLaQVLsW2Qw==

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 53ms
7ms Script
text/javascript 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date: Thu, 12 Jan 2023 23:28:49 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id: XRZFPSYY0E4RF6F6
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3391
x-amz-id-2: o2U2o0XivKKb+Q+7FfcyGHRH0xxVADJjOKHkF2QPQdd89LzzQGXebMnj5iIIuXhOMmGRxWISJuY=

POST
H/1.1 200
OK track-impression Show response
thisiswaldo.com/js/ 1 B
376 B 630ms
394ms XHR
application/json 52.15.219.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thisiswaldo.com/js/track-impression

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-219-226.us-east-2.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 12 Jan 2023 23:28:49 GMT
X-Content-Type-Options: nosniff, nosniff
Server: Apache/2.4.29 (Ubuntu)
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 me Show response
ipfind.co/ 352 B
462 B 582ms
208ms XHR
application/json 52.52.69.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.69.255 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-69-255.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 9122995aaf7eb6fdd2cf382f313b2694f256507521cb457ec1db4adda29e5dba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:50 GMT
content-encoding: gzip
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://work.ink
cache-control: no-cache, private
access-control-allow-credentials: true
content-length: 245

POST
H/1.1 200
OK track-impression Show response
thisiswaldo.com/js/ 1 B
376 B 593ms
361ms XHR
application/json 52.15.219.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thisiswaldo.com/js/track-impression

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-219-226.us-east-2.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 12 Jan 2023 23:28:49 GMT
X-Content-Type-Options: nosniff, nosniff
Server: Apache/2.4.29 (Ubuntu)
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 me Show response
ipfind.co/ 352 B
461 B 598ms
230ms XHR
application/json 52.52.69.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11929.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.69.255 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-69-255.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 9122995aaf7eb6fdd2cf382f313b2694f256507521cb457ec1db4adda29e5dba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:50 GMT
content-encoding: gzip
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://work.ink
cache-control: no-cache, private
access-control-allow-credentials: true
content-length: 245

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 559C 52 KB
24 KB 68ms
22ms Stylesheet
text/css 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=lq34hprw9i6r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 09:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 09:22:41 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 559C 407 KB
163 KB 80ms
34ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 08:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jan 2024 08:51:11 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 47ms
7ms Script
application/javascript 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
content-encoding: gzip
etag: "WQX8ubvDGl3DCUDHzxu0sA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 19 Jan 2023 23:28:49 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 177 KB
44 KB 8ms
8ms Script
text/javascript 2600:9000:206f:9c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=work.ink
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/work.ink/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 22:34:57 GMT
content-encoding: br
via: 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 3233
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 10 Nov 2022 18:23:42 GMT
server: AmazonS3
etag: W/"37fdfbac0c6ef64496f7d86258c934a8"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: bAr3UHiJmjgTorH_zUvHx96Ee4vtYerD6vW6m07zUOoUCYubFvKbEg==

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 10 KB
3 KB 37ms
7ms XHR
application/json 2600:9000:211e:8a00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=work.ink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8a00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e15d161fe141c29bd327d419e9a995f2607a795fb0550ac2d8c26c0b077769b

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 03:00:41 GMT
x-amz-version-id: SVwDON6NI7y0s2hBQqC0oHz.O7U_wt7T
content-encoding: br
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 73689
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 30 Dec 2022 19:52:29 GMT
server: AmazonS3
etag: W/"576d8a77f1f7d5a1f043003ddd2da40e"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: l_a11TG0HlKwkOaLOAOc77uoEecN_XI2G0b_tKS0-Db0fjmQ8uXi3A==

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202212211045/ 216 KB
68 KB 19ms
18ms Script
application/javascript 2606:4700::6812:116b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Dec 2022 15:47:15 GMT
server: cloudflare
x-amz-request-id: 2MRA9N6NXTHYB266
age: 1920109
etag: W/"fa407ba001f2ac06196124f41d523471"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7889abb70d609274-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: cB1ab4DnUkDZGmtvBe9R/PgOxG41ZYhVouRRA0ed8IExf6IWMjyrBWdCCwiYBzg6/apLlUu5Gok=

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/45/ 248 KB
65 KB 39ms
7ms Script
text/javascript 2600:9000:206f:8400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=work.ink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 10:09:25 GMT
content-encoding: gzip
via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 48040
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 10 Nov 2022 18:23:24 GMT
server: AmazonS3
etag: W/"39d0cac7e548f81f1e1e1c36db3c775e"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: gXHnf8WJhKk_wGRiwOEsolGv7S0FUomHqX5n_BBZ04UHFNdGKQiwgA==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.quantcast.com/GVL-v2/ 350 KB
43 KB 37ms
8ms XHR
application/json 2600:9000:206f:8400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=work.ink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bea94071903f85e6924d728112f2820c1af0792482ba5c4b1969831abcd4d7e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 03:00:43 GMT
content-encoding: br
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 73687
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 12 Jan 2023 03:00:34 GMT
server: AmazonS3
etag: W/"b455991ab0c258867af46898dfbb30bf"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: tbhVo0kYv1xRY7B0luC4COnJc1XhcXuh5PgiSMurRg_0OxQ-rtD41A==

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 151 KB
35 KB 43ms
14ms XHR
application/json 2600:9000:206f:8400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=work.ink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 03:00:29 GMT
content-encoding: br
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 73701
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 12 Jan 2023 03:00:26 GMT
server: AmazonS3
etag: W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: zEPbWQs9b7PPhRNMGdwYUGDZz-ZIjBmXPqST471eL0vMVZFzZxiuzw==

GET
H2 200 rules-p-fTfJtcPmQDwZG.js Show response
rules.quantcount.com/ 160 B
632 B 52ms
7ms Script
application/javascript 2600:9000:206f:b000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 922b0d2d4adb5ed473a915258165047db5642276b6edad0dc15a0d47ed4ea19c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:11:07 GMT
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 1071
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 06:30:36 GMT
server: AmazonS3
etag: "65712c30333d33050e268b43b70b60ea"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: acFztkyC7i8GmRZnqFApn0Eg77bl1c0NTbAIy7XPrNp-aWCqW2GQ1w==

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/EwkZVwT_XiQ/ 42 KB
43 KB 50ms
24ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/EwkZVwT_XiQ/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

848fe25d48f566703d7f17e091284abc77abc185bba22f44755cc0b30ad40d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43471
x-xss-protection: 0
server: sffe
etag: "1662460741"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 01:28:49 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/_cVY8czgDtI/ 44 KB
44 KB 46ms
20ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/_cVY8czgDtI/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e80e9f48f5e9f6b862e3badd843de7b23089604e85a6e2a618861958620a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:26:09 GMT
x-content-type-options: nosniff
age: 160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45038
x-xss-protection: 0
server: sffe
etag: "1653041147"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 01:26:09 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/CI8VZ__Gx2A/ 50 KB
50 KB 40ms
15ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/CI8VZ__Gx2A/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f1c8dcd932a5281f2111c3d13fc323d046351e9182d1a361c4a1364fc5a9d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:15:07 GMT
x-content-type-options: nosniff
age: 822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51371
x-xss-protection: 0
server: sffe
etag: "1658265568"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 01:15:07 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/7t67rZRTMGI/ 35 KB
36 KB 33ms
8ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/7t67rZRTMGI/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0e2f0ab47dd12fed71145a7f4bd5ce2d4fc813e9053395bb7323f4a1836a71f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:10:59 GMT
x-content-type-options: nosniff
age: 1070
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36334
x-xss-protection: 0
server: sffe
etag: "1664890966"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 01:10:59 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/26e1lD-Gg7A/ 45 KB
45 KB 61ms
36ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/26e1lD-Gg7A/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72236e8041c887927be874f0d136fc88416721d3043163e2a9791d1c44ffb750

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46465
x-xss-protection: 0
server: sffe
etag: "1659270760"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 01:28:49 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/pT-cWFYm6pE/ 37 KB
37 KB 53ms
27ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/pT-cWFYm6pE/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

736b1bf3be61bb9b085e251667781c1036865d522d79607757850bd167461d5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37470
x-xss-protection: 0
server: sffe
etag: "1662986381"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 01:28:49 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/ulj9aUSWHa0/ 47 KB
47 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ulj9aUSWHa0/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8516259410e99f0740c9502540cf1edbad177198f6d27b6872595d43b7888d86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:10:13 GMT
x-content-type-options: nosniff
age: 1116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47811
x-xss-protection: 0
server: sffe
etag: "1671576572"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 01:10:13 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/AlRuSjp7cec/ 33 KB
33 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/AlRuSjp7cec/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b886cbef15f578e194c5bdf8ae8ef28f1062e779b36e76585d2305a8e2e08ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 22:16:14 GMT
x-content-type-options: nosniff
age: 4355
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33354
x-xss-protection: 0
server: sffe
etag: "1658724269"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 00:16:14 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/sUpu3Su2HTA/ 32 KB
32 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/sUpu3Su2HTA/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5423821cb3f20e1ba6dddcd1c47a0ad3a447035b804297acbe019df502d2e7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 22:14:57 GMT
x-content-type-options: nosniff
age: 4432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33104
x-xss-protection: 0
server: sffe
etag: "1636290966"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 00:14:57 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/iVPo4usjcv0/ 34 KB
35 KB 14ms
12ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/iVPo4usjcv0/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509892a6e8999c98c1378ccb82ddeb5840dff310c42d1ff3efe9b25255bddf10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 22:29:00 GMT
x-content-type-options: nosniff
age: 3589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35236
x-xss-protection: 0
server: sffe
etag: "1665540566"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 00:29:00 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/PV6_gtPP1kk/ 37 KB
37 KB 35ms
33ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/PV6_gtPP1kk/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1a11a9e9f3c7936aaf2c855d5237ebcf60882b4a70d3b5661af4b233a512003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38175
x-xss-protection: 0
server: sffe
etag: "1670143950"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 01:28:49 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/-dxtuWuxsVs/ 10 KB
10 KB 15ms
13ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/-dxtuWuxsVs/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9601ff5dce6959d5f672d657d441f2c28c0ec6901c689c96f648fa981bb5271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 21:42:41 GMT
x-content-type-options: nosniff
age: 6368
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9962
x-xss-protection: 0
server: sffe
etag: "1670446824"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 12 Jan 2023 23:42:41 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/Pu1pnpFTgtc/ 32 KB
33 KB 28ms
26ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Pu1pnpFTgtc/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d0540b3367aaa12d358ed9ddb64741a2e737c512046b341acc77d875b69fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33248
x-xss-protection: 0
server: sffe
etag: "1663835259"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 01:28:49 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/RfCXf-QEAQ8/ 30 KB
30 KB 31ms
29ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/RfCXf-QEAQ8/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329490499d1946345d2639167501cfb6031e0b0459e5031937cc935bc5f9e0a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30779
x-xss-protection: 0
server: sffe
etag: "1669566382"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 01:28:49 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/0JvwACcPnls/ 35 KB
35 KB 32ms
30ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/0JvwACcPnls/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

079ce932c4e27f9d00ba1d25206ffecdd59b12b2300cdad2fe68d3808523b6bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36174
x-xss-protection: 0
server: sffe
etag: "1662125992"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 01:28:49 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/T9a7ceTNDdU/ 31 KB
31 KB 17ms
15ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/T9a7ceTNDdU/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a06b3794324be5ebd6bea4f6d08df6334d98ced12e6c1f846198a0410cdcda6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 22:08:39 GMT
x-content-type-options: nosniff
age: 4810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31684
x-xss-protection: 0
server: sffe
etag: "1662980356"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 00:08:39 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/1g-DpwLS7tQ/ 25 KB
25 KB 22ms
20ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/1g-DpwLS7tQ/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07d8120370dfa79ce61ba3300eeab6d846107caa95de4087de412d0b4750913f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25134
x-xss-protection: 0
server: sffe
etag: "1672108561"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 01:28:49 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/cHSI45z2MiA/ 47 KB
47 KB 15ms
13ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/cHSI45z2MiA/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e15149d4fea8bf7d7c5c4a6236fb54e0fef25c438d68062c0fb91e7f8fca0ab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 21:55:01 GMT
x-content-type-options: nosniff
age: 5628
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48139
x-xss-protection: 0
server: sffe
etag: "1654549391"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 12 Jan 2023 23:55:01 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/ExYMN8WfmRM/ 29 KB
30 KB 33ms
31ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ExYMN8WfmRM/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e25f7341c1d2fdb61ca0d7bde5ad977af0d9a2b9ab544298ad4bb4ad734a9d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30133
x-xss-protection: 0
server: sffe
etag: "1658390483"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 01:28:49 GMT

GET
H2 404 hqdefault.jpg
i.ytimg.com/vi/SBWQ_08A2nY/ 1 KB
1 KB 24ms
22ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/SBWQ_08A2nY/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1097
x-xss-protection: 0
expires: Thu, 12 Jan 2023 23:29:19 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/raDAt7wr6BU/ 33 KB
34 KB 36ms
34ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/raDAt7wr6BU/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46fac2b2ddd3be32338573dfc805fb0d0534a89f28d9e90335327e28aefa41cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34243
x-xss-protection: 0
server: sffe
etag: "1655484857"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 01:28:49 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/OJ9zvJix1hg/ 40 KB
40 KB 31ms
30ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/OJ9zvJix1hg/hqdefault.jpg

Requested by

Host: work.ink
URL: https://work.ink/1A1/jailbreakautorobscr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae7401289100135a04fd75996b2518395dd284453555cf4849c9933612c874d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40698
x-xss-protection: 0
server: sffe
etag: "1671813649"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 01:28:49 GMT

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc2aa1f00b45b02834c934fa6f9ae6d80bbddd83c8c86ad7bdbc4165d09d80fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 559C 2 KB
2 KB 23ms
22ms Image
image/png 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 15:21:21 GMT
x-content-type-options: nosniff
age: 202048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 17 Jan 2023 15:21:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 559C 15 KB
16 KB 90ms
23ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 09:20:58 GMT
x-content-type-options: nosniff
age: 569271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 09:20:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 559C 15 KB
15 KB 96ms
29ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 22:15:01 GMT
x-content-type-options: nosniff
age: 4428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jan 2024 22:15:01 GMT

GET
H2 200 pubads_impl_2023010501.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 26ms
25ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023010501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4274543e094ff39715b0b2f65cbfa69121de40baa152c9cf11b77454a05f8284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132895
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 09:36:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 12 Jan 2024 12:02:47 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 176 B
121 B 110ms
59ms XHR
application/json 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=work.ink

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87771dae5b516f4806b5c381879864616104362f72eb76c46effcd5b543d5d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
expires: Thu, 12 Jan 2023 23:28:49 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 559C 102 B
134 B 16ms
16ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=lq34hprw9i6r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 23:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 12 Jan 2023 23:28:49 GMT

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 49ms
9ms XHR
text/plain 52.58.102.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22fTfJtcPmQDwZG%22%2C%22domain%22%3A%22work.ink%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22KkI%2FKU5jPenQbNeBBXEZcg%22%2C%22clientTimestamp%22%3A1673566129984%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-s07ew8o3lpem3cqnqrc4%22%7D
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.102.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-102-196.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 12 Jan 2023 23:28:50 GMT
content-length: 2
content-type: text/plain; charset=utf-8

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 559C 32 KB
18 KB 46ms
46ms XHR
application/json 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0f0a49beef72fc9459a714971f7acf03361c38a609a49c89c744a293361c176e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeSckcgAAAAADa4NiqiPWZBnTw9LyNml9nB9NrF&co=aHR0cHM6Ly93b3JrLmluazo0NDM.&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=lq34hprw9i6r
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 12 Jan 2023 23:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18458
x-xss-protection: 1; mode=block
expires: Thu, 12 Jan 2023 23:28:50 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 176ms
18ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwork.ink%2F&domain=work.ink&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://work.ink
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://work.ink
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 12 Jan 2023 23:28:51 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 584336
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
245 B 577ms
365ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a0000344WOAAA2&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Jan 2023 23:28:51 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://work.ink
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwork.ink%2F&domain=work.ink&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=aI7wMXxwL0M2MFVvaXVyZStlMWxTL2FkYWdtVmdLUHJjQXpCcmZ1ZlNyWjBDdDVCNVFQZU1rMjZvNVhwazRaVmxEQWs0UFE0WDJWKzJBVW45My8wWmx0TWtPTThFMDR1UFhmNGJoNXFWN0RXdzJDNG9DUUxNaUZ2dDZXVV...

362 B
649 B

54ms
17ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=aI7wMXxwL0M2MFVvaXVyZStlMWxTL2FkYWdtVmdLUHJjQXpCcmZ1ZlNyWjBDdDVCNVFQZU1rMjZvNVhwazRaVmxEQWs0UFE0WDJWKzJBVW45My8wWmx0TWtPTThFMDR1UFhmNGJoNXFWN0RXdzJDNG9DUUxNaUZ2dDZXVVU4Y3dub09wN1BESkZmTmR1Z1Y0Z29hcWtNeVBLL3duVFpSMzZhRFVobFN6WDloV0lwbDU2L00wQU9RMXhPa0t2SXJNNDhwWXVwV011R0VlbzZ1a0U2VDhDMjgrdXp5bmNoT2VWOWI5NkF3QW5tV0czWjFzPXw&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f53f9afbb6a0f62b16d447aaf8f806a540901d9e9895a1435bb4a07c6edee290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 23:28:52 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1215461
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 12 Jan 2023 23:28:51 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=aI7wMXxwL0M2MFVvaXVyZStlMWxTL2FkYWdtVmdLUHJjQXpCcmZ1ZlNyWjBDdDVCNVFQZU1rMjZvNVhwazRaVmxEQWs0UFE0WDJWKzJBVW45My8wWmx0TWtPTThFMDR1UFhmNGJoNXFWN0RXdzJDNG9DUUxNaUZ2dDZXVVU4Y3dub09wN1BESkZmTmR1Z1Y0Z29hcWtNeVBLL3duVFpSMzZhRFVobFN6WDloV0lwbDU2L00wQU9RMXhPa0t2SXJNNDhwWXVwV011R0VlbzZ1a0U2VDhDMjgrdXp5bmNoT2VWOWI5NkF3QW5tV0czWjFzPXw&cppv=2
access-control-allow-origin: https://work.ink
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 588477
content-length: 0
expires: 0

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
313 B 123ms
32ms XHR
application/json 34.253.253.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.253.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-253-183.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 23:28:51 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://work.ink
cache-control: no-cache
x-server: 10.45.13.218
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
384 B 134ms
34ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e7497c64b45314273b35a19d96f064c8a8efc774de53579f55b2e42bfe966ac8

Request headers

Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Jan 2023 23:28:51 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://work.ink
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 11 Feb 2023 23:28:51 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 154ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwork.ink%2F&domain=work.ink&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://work.ink
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://work.ink
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 12 Jan 2023 23:28:51 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 424704
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
101 B 565ms
375ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a0000344WOAAA2&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Jan 2023 23:28:51 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://work.ink
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwork.ink%2F&domain=work.ink&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=xq5njnx4cGVjVGptUGowRmRWVEhCdklUVVpJK3o3SDhwL2hxRnFHZ3NQTkk3czBRR2FGR2FDMXk0MUZtcEx0a2ptbzVkb2p2THVUaGpJV0dIWkcyNVZnMWJmZEZlTjd2dUk3dXV4Q2IxeTJSdzVoZUwxbEtJc2pNM3NzMj...

359 B
650 B

57ms
19ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=xq5njnx4cGVjVGptUGowRmRWVEhCdklUVVpJK3o3SDhwL2hxRnFHZ3NQTkk3czBRR2FGR2FDMXk0MUZtcEx0a2ptbzVkb2p2THVUaGpJV0dIWkcyNVZnMWJmZEZlTjd2dUk3dXV4Q2IxeTJSdzVoZUwxbEtJc2pNM3NzMjJTYUo3MFFjaTl1aktuNWlsZm5GcHdxdW1sRHV5M0JleWJvb1Q5dVU5T3RhZG1XUWZYc3p4ZWw5SmlmK0p5VVlTOEhvRW8waUJCd3gyMGlYQmIzN29xR0xpMm4xcUdISHJHMEoza0REK25ZL3NlWCtqVmNRPXw&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4a1731a3bf5370f00020e1df5773b21b94aa3cc42332176898ee40578b22b5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://work.ink/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 23:28:51 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1505239
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 12 Jan 2023 23:28:51 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=xq5njnx4cGVjVGptUGowRmRWVEhCdklUVVpJK3o3SDhwL2hxRnFHZ3NQTkk3czBRR2FGR2FDMXk0MUZtcEx0a2ptbzVkb2p2THVUaGpJV0dIWkcyNVZnMWJmZEZlTjd2dUk3dXV4Q2IxeTJSdzVoZUwxbEtJc2pNM3NzMjJTYUo3MFFjaTl1aktuNWlsZm5GcHdxdW1sRHV5M0JleWJvb1Q5dVU5T3RhZG1XUWZYc3p4ZWw5SmlmK0p5VVlTOEhvRW8waUJCd3gyMGlYQmIzN29xR0xpMm4xcUdISHJHMEoza0REK25ZL3NlWCtqVmNRPXw&cppv=2
access-control-allow-origin: https://work.ink
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 618080
content-length: 0
expires: 0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
312 B 138ms
64ms XHR
application/json 34.253.253.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.253.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-253-183.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Jan 2023 23:28:51 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://work.ink
cache-control: no-cache
x-server: 10.45.13.233
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
385 B 121ms
32ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e7497c64b45314273b35a19d96f064c8a8efc774de53579f55b2e42bfe966ac8

Request headers

Referer: https://work.ink/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Jan 2023 23:28:51 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://work.ink
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 11 Feb 2023 23:28:51 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 336ms
17ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 12 Jan 2023 23:28:52 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 587132
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 337ms
18ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 12 Jan 2023 23:28:52 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 499505
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 13:11:58	Name: _GRECAPTCHA Value: 09AJ4Tk-518REoJNIX3EwciC-AvcTXYJmYWfmskWwwg4AieVLF7BmmFeimUxW3JtM_12WeBzPc1u3E7ffNkgOImS0
.work.ink/	1970-01-20 18:28:46	Name: _ga Value: d025703d-1f9c-4658-901c-554559dd17d5
.work.ink/	1970-01-20 08:52:47	Name: __cf_bm Value: qtM_bGB8c.3LsBKZu.QV_jfVjYw_Z_M7NR7NJ_DiiC8-1673566129-0-AQE6T0u3U0dyOBb7ZpQthqApY3FTE6k6EaQr59I9bulx4kc406CFyegIJX4z5G5BWULCwI+ZA5EXPgYYrd4tVu6n7vSVpgukm9tkgUJtHsxO2SUmpOO5E5SnYOQDgIDBD9MKepdJo/mLAdyXMFV/YCA=
work.ink/	1970-01-20 09:35:58	Name: _pbjs_userid_consent_data Value: 3524755945110770
.work.ink/	1970-01-20 13:11:58	Name: _pubcid Value: 53577094-960a-4325-8087-ab985ef026de
work.ink/	1970-01-20 11:02:22	Name: waldo_country Value: DE
work.ink/	1970-01-20 11:02:22	Name: waldo_continent Value: EU
work.ink/	1970-01-20 11:02:22	Name: waldo_region Value: 05
work.ink/	1970-01-20 08:52:49	Name: _lr_retry_request Value: true
work.ink/	1970-01-20 09:35:58	Name: _lr_env_src_ats Value: false
work.ink/	1970-01-20 10:19:10	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-01-12T23%3A28%3A51%22%7D
.work.ink/	1970-01-20 18:14:22	Name: cto_bundle Value: _bDOkF9naFlmZiUyRnMyV2o0bkRhV3lINE9mYVlvQllWZGxPeUlrb214cjVXYWZ5YmkycXNoRmg3YmVmUlNpcWNyNjIwUXhmM0k2SE1sOXJhJTJGS21yc1ZGVlBOMjJpRTlRbm1UcTZwcjRoY28wRyUyRkY5ZDU2ZWVqQlQ0bmRhUCUyRmJMdUdFbWpV
.work.ink/	1970-01-20 18:14:22	Name: cto_bidid Value: ImQRfl8lMkZRRjhQRmtURDZIZzdpZHE5aXAyd1NCbjJKUGt0RmQ3N09QVFpFd21EVm5QWG0zUXA1UFFRQlhGRkZMQVJ1aUYxSzhtSW9qTU96MUpCMHkyWjJQYiUyRmclM0QlM0Q

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://work.ink/cdn-cgi/zaraz/s.js Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://i.ytimg.com/vi/SBWQ_08A2nY/hqdefault.jpg Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://work.ink/1A1/jailbreakautorobscr Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://work.ink' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ads.pubmatic.com
api.rlcdn.com
audit-tcfv2.cmp.quantcast.com
b.sf-syn.com
cdn.confiant-integrations.net
cdn.taboola.com
cdn.thisiswaldo.com
cmp.quantcast.com
fonts.gstatic.com
gum.criteo.com
i.ytimg.com
id.crwdcntrl.net
ipfind.co
lexicon.33across.com
match.adsrvr.org
mug.criteo.com
quantcast.mgr.consensu.org
redirect-api.work.ink
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
test.cmp.quantcast.com
thisiswaldo.com
work.ink
www.google.com
www.gstatic.com
api.rlcdn.com
151.101.193.44
178.250.0.157
184.30.21.51
2.18.233.180
2600:1901:0:8344::
2600:9000:206e:7800:f:458e:2a80:93a1
2600:9000:206f:8400:9:46dc:4700:93a1
2600:9000:206f:9c00:9:46dc:4700:93a1
2600:9000:206f:b000:6:44e3:f8c0:93a1
2600:9000:211e:8a00:3:a4cd:8380:93a1
2606:4700:20::681a:a77
2606:4700:20::681a:b77
2606:4700::6812:116b
2606:4700::6812:c5c
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:80e::2004
2a00:1450:4001:830::2016
2a00:1450:400d:802::2003
2a00:1450:400d:806::2002
2a00:1450:400d:80d::2003
2a02:2638::1c
34.253.253.183
52.15.219.226
52.223.40.198
52.52.69.255
52.58.102.196
079ce932c4e27f9d00ba1d25206ffecdd59b12b2300cdad2fe68d3808523b6bf
07d8120370dfa79ce61ba3300eeab6d846107caa95de4087de412d0b4750913f
081fa5a75be4039e40d5acb7fb561a9fc07eaead31021615c3aabd90e235c5c3
0f0a49beef72fc9459a714971f7acf03361c38a609a49c89c744a293361c176e
0fab1b2783ef5afc02dd6f06f04b96311f3add1fb3e5b5c7e1282c19996e264a
13f5033c8999b1545c9ba66fbe446c2e7ad282dc1c43a53cdf3a23df33a92411
1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628
15d36e8f871b1cf84be33fa8f1ff0e5dc96a123ccc194da4520ae3d81b32329d
1945dd8eaeb73ea96939443a43b74255cbe99a7b0c823756a3e25a5e07b4efae
1a9a41dce59c224a6cb0a33e73b2f239e4e5ee3972556e669c7d43076d43e365
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01
2e25f7341c1d2fdb61ca0d7bde5ad977af0d9a2b9ab544298ad4bb4ad734a9d3
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
329490499d1946345d2639167501cfb6031e0b0459e5031937cc935bc5f9e0a4
3b41947d8ae9cd7eda97d79a9484ee4b7137353df9be94e4faa92d04e92c7a96
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f9a887c456f92ae2b2d5950c184dc1fbb3353045691843d99d9254d2ecb98a5
4274543e094ff39715b0b2f65cbfa69121de40baa152c9cf11b77454a05f8284
438bdd701ce80eff5521ecf070a4eacd4bbe4caa7b2d929d960af6bc2ad3ea98
46fac2b2ddd3be32338573dfc805fb0d0534a89f28d9e90335327e28aefa41cd
4a1731a3bf5370f00020e1df5773b21b94aa3cc42332176898ee40578b22b5c2
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4c2f536684fd0983d74f5cd8883fae4e75c5f575d37dd94d808bd0e60b60f4b1
4f1c8dcd932a5281f2111c3d13fc323d046351e9182d1a361c4a1364fc5a9d05
509892a6e8999c98c1378ccb82ddeb5840dff310c42d1ff3efe9b25255bddf10
5423821cb3f20e1ba6dddcd1c47a0ad3a447035b804297acbe019df502d2e7bd
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f4b5c38bf67a1819f545dfb6371599fc909d869cbaf67b8237ee04ffd823074
72236e8041c887927be874f0d136fc88416721d3043163e2a9791d1c44ffb750
736b1bf3be61bb9b085e251667781c1036865d522d79607757850bd167461d5c
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
83fa6784ebee363043db50681bbde69c4624f13ea9152c1758f7ca2f609ea0f4
848fe25d48f566703d7f17e091284abc77abc185bba22f44755cc0b30ad40d64
84d0540b3367aaa12d358ed9ddb64741a2e737c512046b341acc77d875b69fd1
8516259410e99f0740c9502540cf1edbad177198f6d27b6872595d43b7888d86
87771dae5b516f4806b5c381879864616104362f72eb76c46effcd5b543d5d90
8d050efc0dba3583b7021291fd3f49d2dbce8f0c145b42d69f6d192e14ba6ebb
9122995aaf7eb6fdd2cf382f313b2694f256507521cb457ec1db4adda29e5dba
922b0d2d4adb5ed473a915258165047db5642276b6edad0dc15a0d47ed4ea19c
9a06b3794324be5ebd6bea4f6d08df6334d98ced12e6c1f846198a0410cdcda6
9e15d161fe141c29bd327d419e9a995f2607a795fb0550ac2d8c26c0b077769b
a1458ad01f8958556487212d7dc5ac82e9115984cd20719652e99bff2d1766a5
a8e80e9f48f5e9f6b862e3badd843de7b23089604e85a6e2a618861958620a8a
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
ae7401289100135a04fd75996b2518395dd284453555cf4849c9933612c874d8
b51549a011472bc8d6fd8e67f5efe495ff2df3bdb7f79700483a554cf09f171f
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2
b5c1b6a869520bca4157c388c888ad09f47fa5661b54a32d6c97e8edde78b538
b886cbef15f578e194c5bdf8ae8ef28f1062e779b36e76585d2305a8e2e08ae4
bc2aa1f00b45b02834c934fa6f9ae6d80bbddd83c8c86ad7bdbc4165d09d80fa
bea94071903f85e6924d728112f2820c1af0792482ba5c4b1969831abcd4d7e3
c0c07d5e1cc6e9994f621fb965165bc0106d1a26a04e70bd13c0778af0b93e37
c0e2f0ab47dd12fed71145a7f4bd5ce2d4fc813e9053395bb7323f4a1836a71f
c9601ff5dce6959d5f672d657d441f2c28c0ec6901c689c96f648fa981bb5271
cf800674f7265c679a959e65b85a0539cc0f7749bc36866fb5f40d970e4909e2
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d1a11a9e9f3c7936aaf2c855d5237ebcf60882b4a70d3b5661af4b233a512003
e15149d4fea8bf7d7c5c4a6236fb54e0fef25c438d68062c0fb91e7f8fca0ab0
e1a51d093861d3c08bb1c73d720fa5e45f3796a8f19694621ec6a7a79fce2b01
e1cb9da23d175509a2b08b74bc9239955ac1e6f00527c635f6dde34a98cc3a21
e587bef04b460fbfcf1cdebaca05b28a172bd76b65637be2875dbebb138c9cdd
e7497c64b45314273b35a19d96f064c8a8efc774de53579f55b2e42bfe966ac8
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f50b2170b943929cf0fd3ad43b6534bba3b5e2962c4cfc27cdbf50991669d33e
f53f9afbb6a0f62b16d447aaf8f806a540901d9e9895a1435bb4a07c6edee290
fc1ab325ed643ecae84980c0a9c881e90cf62f5e87da4c798f8b6b696aa7d0ba

work.ink Open in urlscan Pro 2606:4700:20::681a:b77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

83 Requests

96 %HTTPS

65 %IPv6

21 Domains

27 Subdomains

27 IPs

4 Countries

2153 kBTransfer

5109 kBSize

13 Cookies

1 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

work.ink Open in urlscan Pro
2606:4700:20::681a:b77 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

96 %
HTTPS

65 %
IPv6

21
Domains

27
Subdomains

27
IPs

4
Countries

2153 kB
Transfer

5109 kB
Size

13
Cookies

83 HTTP transactions
2 data transactions