www.workingadvantage.com Open in urlscan Pro
166.78.205.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u10958595.ct.sendgrid.net/wf/click?upn=Iq4N2wcweciinxq-2FoGMJG9CrsvQeMrrURNuaxaCe2CRLVPfQGV5vlKWqZ4EknzJ1BCk5DY-2BqBRd6YGY...
Effective URL:
https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b48636...
Submission: On February 21 via manual (February 21st 2020, 4:02:46 am UTC) from PH

Summary HTTP 97 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 41 IPs in 9 countries across 29 domains to perform 97 HTTP transactions. The main IP is 166.78.205.49, located in San Antonio, United States and belongs to RACKSPACE, US. The main domain is www.workingadvantage.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 19th 2019. Valid for: 2 years.

This is the only time www.workingadvantage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.54 167.89.115.54	11377 (SENDGRID) (SENDGRID)
32	166.78.205.49 166.78.205.49	19994 (RACKSPACE) (RACKSPACE)
1	52.87.80.26 52.87.80.26	14618 (AMAZON-AES) (AMAZON-AES)
5	2.21.37.83 2.21.37.83	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.202.98 143.204.202.98	16509 (AMAZON-02) (AMAZON-02)
2	95.101.176.176 95.101.176.176	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	34.243.44.116 34.243.44.116	16509 (AMAZON-02) (AMAZON-02)
2	13.35.254.29 13.35.254.29	16509 (AMAZON-02) (AMAZON-02)
1	143.204.208.154 143.204.208.154	16509 (AMAZON-02) (AMAZON-02)
2	52.73.0.192 52.73.0.192	14618 (AMAZON-AES) (AMAZON-AES)
1	192.28.147.68 192.28.147.68	53580 (MARKETO) (MARKETO)
1	52.208.212.211 52.208.212.211	16509 (AMAZON-02) (AMAZON-02)
4	18.138.216.223 18.138.216.223	16509 (AMAZON-02) (AMAZON-02)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
1	34.197.14.190 34.197.14.190	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
1 2	23.111.9.38 23.111.9.38	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2.21.36.101 2.21.36.101	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	91.228.74.152 91.228.74.152	27281 (QUANTCAST) (QUANTCAST)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1 2	172.217.22.38 172.217.22.38	15169 (GOOGLE) (GOOGLE)
1 2	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1	169.60.153.61 169.60.153.61	36351 (SOFTLAYER) (SOFTLAYER)
5	207.244.84.210 207.244.84.210	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC-01)
1	104.111.214.115 104.111.214.115	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:205... 2600:9000:2057:6e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1	35.172.8.7 35.172.8.7	14618 (AMAZON-AES) (AMAZON-AES)
1	91.228.74.145 91.228.74.145	27281 (QUANTCAST) (QUANTCAST)
1	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
3	162.247.242.18 162.247.242.18	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	3.213.23.99 3.213.23.99	14618 (AMAZON-AES) (AMAZON-AES)
1	66.117.29.3 66.117.29.3	15224 (OMNITURE) (OMNITURE)
3	169.48.74.156 169.48.74.156	36351 (SOFTLAYER) (SOFTLAYER)
1	169.60.140.161 169.60.140.161	36351 (SOFTLAYER) (SOFTLAYER)
2 2	52.49.13.31 52.49.13.31	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.123.193 52.214.123.193	16509 (AMAZON-02) (AMAZON-02)
1	54.244.36.123 54.244.36.123	16509 (AMAZON-02) (AMAZON-02)
97	41

1 167.89.115.54 (United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x54.outbound-mail.sendgrid.net

u10958595.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 166.78.205.49 (San Antonio, United States)

ASN19994 (RACKSPACE, US)
PTR: WorkingAdvantage.com

www.workingadvantage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.87.80.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-80-26.compute-1.amazonaws.com

initjs.rfk.workingadvantage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.21.37.83 (France)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-21-37-83.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.98 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-98.fra53.r.cloudfront.net

cdn.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.176.176 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-176-176.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.243.44.116 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-44-116.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.254.29 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-254-29.fra6.r.cloudfront.net

d26opx5dl8t69i.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.208.154 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-154.fra53.r.cloudfront.net

d1stxfv94hrhia.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.73.0.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-0-192.compute-1.amazonaws.com

alweb.rfk.workingadvantage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN53580 (MARKETO, US)

409-bcn-480.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.212.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-212-211.eu-west-1.compute.amazonaws.com

entertainmentbenefitsgroupllc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.138.216.223 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-216-223.ap-southeast-1.compute.amazonaws.com

smetrics.workingadvantage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.14.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-14-190.compute-1.amazonaws.com

waves.retentionscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.38 (Phoenix, United States) 1 redirects

ASN33438 (HIGHWINDS2, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.36.101 (France)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-21-36-101.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.152 (United Kingdom)

ASN27281 (QUANTCAST, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f38.1e100.net

6479484.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net

9767737.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.60.153.61 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 3d.99.3ca9.ip4.static.sl-reverse.com

dx.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 207.244.84.210 (Alexandria, United States)

ASN30633 (LEASEWEB-USA-WDC-01, US)

n2.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.214.115 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-115.deploy.static.akamaitechnologies.com

secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:6e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f194.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.172.8.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-8-7.compute-1.amazonaws.com

people.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.145 (United Kingdom)

ASN27281 (QUANTCAST, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.208.240 (United States)

ASN13335 (CLOUDFLARENET, US)

zn5bxs0kfcxmozrm9-ebg.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.242.18 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.23.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-23-99.compute-1.amazonaws.com

events.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.29.3 (United States)

ASN15224 (OMNITURE, US)

entertainmentbenefit.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.48.74.156 (Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: 9c.4a.30a9.ip4.static.sl-reverse.com

px.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.60.140.161 (United States)

ASN36351 (SOFTLAYER, US)
PTR: a1.8c.3ca9.ip4.static.sl-reverse.com

ww.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.13.31 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-13-31.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.123.193 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-123-193.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.244.36.123 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-36-123.us-west-2.compute.amazonaws.com

cookie-sync-service-prod.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	workingadvantage.com www.workingadvantage.com initjs.rfk.workingadvantage.com alweb.rfk.workingadvantage.com smetrics.workingadvantage.com	1 MB
7	mouseflow.com 1 redirects cdn.mouseflow.com n2.mouseflow.com	55 KB
6	steelhousemedia.com dx.steelhousemedia.com px.steelhousemedia.com ww.steelhousemedia.com cookie-sync-service-prod.steelhousemedia.com	8 KB
6	doubleclick.net 3 redirects stats.g.doubleclick.net 6479484.fls.doubleclick.net 9767737.fls.doubleclick.net googleads.g.doubleclick.net	3 KB
5	demdex.net 1 redirects dpm.demdex.net entertainmentbenefitsgroupllc.demdex.net	3 KB
5	adobedtm.com assets.adobedtm.com	99 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
3	nr-data.net bam.nr-data.net	657 B
3	cloudfront.net d26opx5dl8t69i.cloudfront.net d1stxfv94hrhia.cloudfront.net	92 KB
3	boomtrain.com cdn.boomtrain.com people.api.boomtrain.com events.api.boomtrain.com	26 KB
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	981 B
2	google.de www.google.de	219 B
2	google.com 1 redirects www.google.com	330 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	7 KB
2	livechatinc.com cdn.livechatinc.com secure.livechatinc.com	59 KB
2	googletagmanager.com www.googletagmanager.com	54 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	marketo.net munchkin.marketo.net	6 KB
1	omtrdc.net entertainmentbenefit.tt.omtrdc.net	429 B
1	newrelic.com js-agent.newrelic.com	14 KB
1	qualtrics.com zn5bxs0kfcxmozrm9-ebg.siteintercept.qualtrics.com	19 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	quantcount.com rules.quantcount.com	355 B
1	retentionscience.com waves.retentionscience.com	205 B
1	everesttech.net 1 redirects cm.everesttech.net	554 B
1	mktoresp.com 409-bcn-480.mktoresp.com	303 B
1	sendgrid.net 1 redirects u10958595.ct.sendgrid.net	371 B
97	29

	Domain	Requested by
32	www.workingadvantage.com	www.workingadvantage.com
5	n2.mouseflow.com	www.workingadvantage.com
5	assets.adobedtm.com	www.workingadvantage.com assets.adobedtm.com
4	smetrics.workingadvantage.com	www.workingadvantage.com
4	dpm.demdex.net	1 redirects www.workingadvantage.com
3	px.steelhousemedia.com	www.workingadvantage.com
3	bam.nr-data.net	www.workingadvantage.com
3	fonts.googleapis.com	www.workingadvantage.com
2	match.prod.bidr.io	2 redirects
2	match.adsrvr.org	2 redirects
2	9767737.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	6479484.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google.de	www.workingadvantage.com
2	www.google.com	1 redirects www.workingadvantage.com
2	cdn.mouseflow.com	1 redirects www.workingadvantage.com
2	www.googletagmanager.com	www.workingadvantage.com
2	www.google-analytics.com	1 redirects www.workingadvantage.com
2	fonts.gstatic.com	www.workingadvantage.com
2	alweb.rfk.workingadvantage.com	www.workingadvantage.com
2	d26opx5dl8t69i.cloudfront.net	initjs.rfk.workingadvantage.com www.workingadvantage.com
2	munchkin.marketo.net	www.workingadvantage.com
1	cookie-sync-service-prod.steelhousemedia.com
1	ww.steelhousemedia.com	www.workingadvantage.com
1	entertainmentbenefit.tt.omtrdc.net	www.workingadvantage.com
1	events.api.boomtrain.com	www.workingadvantage.com
1	js-agent.newrelic.com	www.workingadvantage.com
1	zn5bxs0kfcxmozrm9-ebg.siteintercept.qualtrics.com	www.workingadvantage.com
1	pixel.quantserve.com	www.workingadvantage.com
1	people.api.boomtrain.com	www.workingadvantage.com
1	googleads.g.doubleclick.net	www.workingadvantage.com
1	www.googleadservices.com	www.workingadvantage.com
1	rules.quantcount.com	www.workingadvantage.com
1	secure.livechatinc.com	www.workingadvantage.com
1	dx.steelhousemedia.com	www.workingadvantage.com
1	stats.g.doubleclick.net	1 redirects
1	secure.quantserve.com	www.workingadvantage.com
1	cdn.livechatinc.com	www.workingadvantage.com
1	waves.retentionscience.com	www.workingadvantage.com
1	ajax.googleapis.com	www.workingadvantage.com
1	cm.everesttech.net	1 redirects
1	entertainmentbenefitsgroupllc.demdex.net	www.workingadvantage.com
1	409-bcn-480.mktoresp.com	www.workingadvantage.com
1	d1stxfv94hrhia.cloudfront.net	www.workingadvantage.com
1	cdn.boomtrain.com	www.workingadvantage.com
1	initjs.rfk.workingadvantage.com	www.workingadvantage.com
1	u10958595.ct.sendgrid.net	1 redirects
97	46

This site contains links to these domains. Also see Links.

Domain
workingadvantage.com

Subject Issuer	Validity	Valid
www.workingadvantage.com Go Daddy Secure Certificate Authority - G2	`2019-09-19` - `2021-11-18`	2 years	crt.sh
*.rfk.plumbenefits.com Amazon	`2019-05-14` - `2020-06-14`	a year	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-10-22` - `2021-10-01`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
cdn.boomtrain.com Amazon	`2019-05-12` - `2020-06-12`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2018-12-24` - `2020-03-24`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
smetrics.workingadvantage.com DigiCert SHA2 High Assurance Server CA	`2019-03-24` - `2020-06-26`	a year	crt.sh
retentionscience.com Amazon	`2019-11-22` - `2020-12-22`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.mouseflow.com COMODO RSA Domain Validation Secure Server CA	`2017-04-25` - `2020-05-09`	3 years	crt.sh
*.livechatinc.com DigiCert ECC Secure Server CA	`2019-02-10` - `2020-05-11`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.steelhousemedia.com Go Daddy Secure Certificate Authority - G2	`2018-06-16` - `2020-07-15`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.api.boomtrain.com Amazon	`2020-01-13` - `2021-02-13`	a year	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2018-10-08` - `2021-01-06`	2 years	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.tt.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2017-10-19` - `2020-11-25`	3 years	crt.sh

This page contains 4 frames:

Primary Page: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Frame ID: 343EBAA7197F82AC82D86490EC585CA9
Requests: 94 HTTP requests in this frame

Frame: https://entertainmentbenefitsgroupllc.demdex.net/dest5.html?d_nsid=0
Frame ID: 234A1AB4AF7AE8D80B7545935E38565E
Requests: 1 HTTP requests in this frame

Frame: https://6479484.fls.doubleclick.net/activityi;dc_pre=CJeU_rjh4ecCFZjDuwgd0-4BLw;src=6479484;type=retarget;cat=worki0;ord=9526884274469;gtm=2wg2c0;auiddc=97622038.1582257750;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Frame ID: 4F7DE250F0CA22AB31C63301C4E6CF04
Requests: 1 HTTP requests in this frame

Frame: https://9767737.fls.doubleclick.net/activityi;dc_pre=CJyU_rjh4ecCFSziuwgd0fgOLA;src=9767737;type=retarget;cat=wa-si0;ord=3315814583249;gtm=2wg2c0;auiddc=97622038.1582257750;u6=www.workingadvantage.com%2Faccount.php;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Frame ID: 3CEF721B2C70798B317FAE1BE4E9E3D3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://u10958595.ct.sendgrid.net/wf/click?upn=Iq4N2wcweciinxq-2FoGMJG9CrsvQeMrrURNuaxaCe2CRLVPfQGV5vlKWqZ4Ekn... HTTP 302
https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.livechatinc\.com\/.*tracking\.js/i

Adobe DTM (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/assets.adobedtm.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

script /munchkin\.marketo\.net\/munchkin\.js/i

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.mouseflow\.com/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

SiteCatalyst (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\/s[_-]code.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

97
Requests

100 %
HTTPS

22 %
IPv6

29
Domains

46
Subdomains

41
IPs

9
Countries

1814 kB
Transfer

2793 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://workingadvantage.com/privacy.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://workingadvantage.com/terms.php
Title: Terms & Conditions of Use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u10958595.ct.sendgrid.net/wf/click?upn=Iq4N2wcweciinxq-2FoGMJG9CrsvQeMrrURNuaxaCe2CRLVPfQGV5vlKWqZ4EknzJ1BCk5DY-2BqBRd6YGYiksq-2FM7FdcHqVQh0DyC00tyzoUwIc-2FhixS9qrSZLpEiezpY-2F0FRN5FF7pQOw83WNg7dBy-2Fk9npejjGU6lDm2sLLil6I-2FoFy5-2Bx5sDJw4lIYGPyPBM-2BI0kRUvJ-2FFUDsoCLhWSB4XMNWROe1e04VXsVbJmq8Y0=_biE8hvJz6mGhCuGpdRULTDfYjllH7koy4Ag9wdzLDt2n7s-2BqwaynsGFGyahNE8txGqeFlrp-2BzTuLWW88T0B-2B4OIHiF3Cly8OD5qr9RPIqWbEgRFrg5ZVf13QBzeJ1hNCr1HFdATAdOTd7BOOlPrIW0lKGgB0RhT7LpZS0VU-2BYugqsNt5NpQq-2BOfZxieAJuyu-2BndqQxlMPNMhlWlXEVZisXTEC3FmrARYSvW78OcLcTs= HTTP 302
https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1582257749219 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1582257749219

Request Chain 43

https://cm.everesttech.net/cm/dd?d_uuid=36985037840661407153060590373020960024 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xk9WVQAAAZEjMxTJ

Request Chain 54

https://cdn.mouseflow.com/projects/913a7fd6-dc0a-49da-96d8-8f73cb55b75c.js HTTP 301
https://cdn.mouseflow.com/projects/913a7fd6-dc0a-49da-96d8-8f73cb55b75c_eu.js

Request Chain 62

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=227153771&t=pageview&_s=1&dl=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229&ul=en-us&de=UTF-8&dt=Working%20Advantage&sd=24-bit&sr=1600x1200&vp=1585x1185&je=0&_u=IEBAAAAB~&jid=251247331&gjid=1097870980&cid=1243003326.1582257750&tid=UA-4045288-1&_gid=1927861352.1582257750&_r=1&z=1287597177 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4045288-1&cid=1243003326.1582257750&jid=251247331&_gid=1927861352.1582257750&gjid=1097870980&_v=j81&z=1287597177 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4045288-1&cid=1243003326.1582257750&jid=251247331&_v=j81&z=1287597177 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4045288-1&cid=1243003326.1582257750&jid=251247331&_v=j81&z=1287597177&slf_rd=1&random=1815355382

Request Chain 63

https://6479484.fls.doubleclick.net/activityi;src=6479484;type=retarget;cat=worki0;ord=9526884274469;gtm=2wg2c0;auiddc=97622038.1582257750;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229 HTTP 302
https://6479484.fls.doubleclick.net/activityi;dc_pre=CJeU_rjh4ecCFZjDuwgd0-4BLw;src=6479484;type=retarget;cat=worki0;ord=9526884274469;gtm=2wg2c0;auiddc=97622038.1582257750;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229

Request Chain 64

https://9767737.fls.doubleclick.net/activityi;src=9767737;type=retarget;cat=wa-si0;ord=3315814583249;gtm=2wg2c0;auiddc=97622038.1582257750;u6=www.workingadvantage.com%2Faccount.php;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229 HTTP 302
https://9767737.fls.doubleclick.net/activityi;dc_pre=CJyU_rjh4ecCFSziuwgd0fgOLA;src=9767737;type=retarget;cat=wa-si0;ord=3315814583249;gtm=2wg2c0;auiddc=97622038.1582257750;u6=www.workingadvantage.com%2Faccount.php;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229

Request Chain 91

https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=c29120e9-42a9-350e-b834-c9935dd9dd89&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=c29120e9-42a9-350e-b834-c9935dd9dd89&gdpr=&gdpr_consent= HTTP 302
https://px.steelhousemedia.com/tdsync?tdid=d074f955-54dc-4107-9341-323d2d766652&shguid=c29120e9-42a9-350e-b834-c9935dd9dd89

Request Chain 92

https://match.prod.bidr.io/cookie-sync/steelhouse?buyer_user_id=c29120e9-42a9-350e-b834-c9935dd9dd89 HTTP 303
https://match.prod.bidr.io/cookie-sync/steelhouse?buyer_user_id=c29120e9-42a9-350e-b834-c9935dd9dd89&_bee_ppp=1 HTTP 303
https://cookie-sync-service-prod.steelhousemedia.com/mapping/beeswax?shguid=c29120e9-42a9-350e-b834-c9935dd9dd89&partnerguid=AAV2D068nq0AABwixIhXiA

97 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set account.php Show response
www.workingadvantage.com/
Redirect Chain

https://u10958595.ct.sendgrid.net/wf/click?upn=Iq4N2wcweciinxq-2FoGMJG9CrsvQeMrrURNuaxaCe2CRLVPfQGV5vlKWqZ4EknzJ1BCk5DY-2BqBRd6YGYiksq-2FM7FdcHqVQh0DyC00tyzoUwIc-2FhixS9qrSZLpEiezpY-2F0FRN5FF7pQOw8...
https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229

397 KB
397 KB

818ms
357ms

Document
text/html

166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

e7851f93c4ecc29136aae5d0705a34931d00987644f9e620d3ea6b67c2df9b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.workingadvantage.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Date: Fri, 21 Feb 2020 04:02:28 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-Options: SAMEORIGIN
Referrer-Policy: unsafe-url
Set-Cookie: PHPSESSID=gl7tlpejproptm72a8da60tn00; path=/; secure; HttpOnly WORKINGADVANTAGE=!QkX2Hyk0921aObqS4MyeX45GvBTKYGw0Ka2O1vN1CTD5JhSV8olZ+uttmnZ5VaL7IUmMgTRoFdYQREA=; path=/; Httponly; Secure
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: User-Agent
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

Redirect headers

Server: nginx
Date: Fri, 21 Feb 2020 04:02:27 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK li.js Show response
www.workingadvantage.com/common_resources/js/ 19 KB
20 KB 659ms
110ms Script
application/javascript 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/common_resources/js/li.js

Requested by

Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

a5623027332c42fb348637cf428ad2ec1e727001f5ba186647364670ab107e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 19726
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 10 Dec 2019 22:54:51 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "4d0e-599616650c4c0"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Expires: Fri, 21 Feb 2020 04:02:29 GMT

GET
H2 200 init.js Show response
initjs.rfk.workingadvantage.com/rfk/js/11273-152007103/ 15 KB
7 KB 438ms
108ms Script
application/javascript 52.87.80.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://initjs.rfk.workingadvantage.com/rfk/js/11273-152007103/init.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.80.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-80-26.compute-1.amazonaws.com
Software: gunicorn/19.6.0 /
Resource Hash: ceb061fcb384e46e51ab6e4907829a41c5101a055705e318d30c410cd7f1f2ca

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

status: 200
date: Fri, 21 Feb 2020 04:02:28 GMT
cache-control: max-age=600
expires: Fri, 21 Feb 2020 04:12:28 GMT
server: gunicorn/19.6.0
content-encoding: gzip
content-type: application/javascript

GET
H2 200 satelliteLib-b2d774369e1146918664cbdd2d0ea1d25bdc3ba7.js Show response
assets.adobedtm.com/ac1c41a45fe625131cbf96e04532e1f6dddefbc0/ 189 KB
53 KB 91ms
49ms Script
application/x-javascript 2.21.37.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ac1c41a45fe625131cbf96e04532e1f6dddefbc0/satelliteLib-b2d774369e1146918664cbdd2d0ea1d25bdc3ba7.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.37.83 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-37-83.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 411a2459f4276ccf8a4c59fcc1b812793ac61178f08dad113e6020ca3f51cd66

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 04:02:28 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 14:41:39 GMT
server: AkamaiNetStorage
etag: "e4beecd6967b80377353d124852eb712:1578321699.848561"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 53485
expires: Fri, 21 Feb 2020 05:02:28 GMT

GET
H/1.1 200
OK reset.css
www.workingadvantage.com/css/ 1 KB
2 KB 243ms
121ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/reset.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

1d24d4a11bd569cd44e25a8c36341f9669fa448d55bbad6c993ac3362e852711

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 21 Feb 2020 04:02:28 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1091
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 05 Sep 2017 19:27:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "443-558763704cd00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Expires: Fri, 21 Feb 2020 04:02:28 GMT

GET
H/1.1 200
OK grid.css
www.workingadvantage.com/css/ 4 KB
4 KB 328ms
112ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/grid.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

d5630dd7ccdf3c5ebf9d77312e683ceb1825646177a6d253fc7b3fc3932fbac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 21 Feb 2020 04:02:28 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 3748
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 05 Sep 2017 19:27:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "ea4-558763704cd00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Expires: Fri, 21 Feb 2020 04:02:28 GMT

GET
H/1.1 200
OK site.css
www.workingadvantage.com/css/ 52 KB
52 KB 336ms
115ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/site.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

3f56d58ffa09cbe576c34da52c7bfd58d6404f1833f3e4fb9aff906066a4cc29

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 21 Feb 2020 04:02:28 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 53101
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Thu, 30 Jan 2020 18:50:26 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "cf6d-59d5fee1ec080"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Expires: Fri, 21 Feb 2020 04:02:28 GMT

GET
H/1.1 200
OK jquery-ui-1.10.3.custom.min.css
www.workingadvantage.com/css/ui-lightness/ 27 KB
27 KB 347ms
119ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/ui-lightness/jquery-ui-1.10.3.custom.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

6dcf743efbf47f310fd9243d9aa78f4c3f6ee8ea260ad2f3d17a4fdda2479ab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 21 Feb 2020 04:02:28 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 27155
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 05 Sep 2017 19:26:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "6a13-55876360166c0"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Expires: Fri, 21 Feb 2020 04:02:28 GMT

GET
H/1.1 200
OK chosen.min.css
www.workingadvantage.com/css/ 11 KB
12 KB 348ms
119ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/chosen.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

40073d8997c3dd31bc10edfd8601660cad988a7601170e17b19f4331eaf5c6e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 21 Feb 2020 04:02:28 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 11634
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 05 Sep 2017 19:27:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2d72-558763704cd00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Expires: Fri, 21 Feb 2020 04:02:28 GMT

GET
H/1.1 200
OK font-awesome.min.css
www.workingadvantage.com/css/ 27 KB
27 KB 362ms
117ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/font-awesome.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

4bcb0f820377a5dc80f3f43d991c950d5442ad601328305c0b52785c984bce48

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 21 Feb 2020 04:02:28 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 27448
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 05 Sep 2017 19:27:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "6b38-5587637235180"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Expires: Fri, 21 Feb 2020 04:02:28 GMT

GET
H/1.1 200
OK menu_default.css
www.workingadvantage.com/css/ 10 KB
11 KB 441ms
111ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/menu_default.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

e4ddfa2712534606964e953fb319cf81f5e7e0d6e4a8e9fde6995f164a2efdcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 10446
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Thu, 30 Jan 2020 18:50:26 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "28ce-59d5fee1ec080"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Expires: Fri, 21 Feb 2020 04:02:29 GMT

GET
H/1.1 200
OK accounts_recoverpass.css
www.workingadvantage.com/css/ 2 KB
3 KB 469ms
119ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/accounts_recoverpass.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

569d06c50baf74a0eb6c7499749c4ffcef893058a6119f7250bdcdc44ced4387

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 2550
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 05 Sep 2017 19:27:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "9f6-558763704cd00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Expires: Fri, 21 Feb 2020 04:02:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
578 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,900

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d9e06c8582a76404d1268e85def103900cd1515a88e96ca31adfbe49e3f3d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Feb 2020 04:02:28 GMT
server: ESF
date: Fri, 21 Feb 2020 04:02:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Feb 2020 04:02:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
591 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d93e854f26f6c8c4a855ff7ceaebf7c5d28d483d16db587a06577f50eb832e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Feb 2020 04:02:28 GMT
server: ESF
date: Fri, 21 Feb 2020 04:02:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Feb 2020 04:02:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
915 B 25ms
23ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:300,400|Open+Sans:400,600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40b012b2ce3cbe534bab0f144849518b034cc8c91c1b8f9997ae4debb79f8d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Feb 2020 04:02:28 GMT
server: ESF
date: Fri, 21 Feb 2020 04:02:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Feb 2020 04:02:28 GMT

GET
H/1.1 200
OK jquery-3.4.1.min.js Show response
www.workingadvantage.com/js/ 86 KB
87 KB 461ms
116ms Script
application/javascript 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/js/jquery-3.4.1.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 88145
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 07 Aug 2019 17:13:53 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "15851-58f8a10c29640"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Expires: Fri, 21 Feb 2020 04:02:29 GMT

GET
H/1.1 200
OK jquery-ui-1.12.1.custom.min.js Show response
www.workingadvantage.com/js/ 248 KB
248 KB 480ms
118ms Script
application/javascript 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/js/jquery-ui-1.12.1.custom.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

f69ebbd9d36211cef558cb24f539fb4c6ad866dc603cdc8f588ee3f63dbe3b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 253680
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Mon, 08 Jul 2019 13:02:21 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "3def0-58d2b0df7b140"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Expires: Fri, 21 Feb 2020 04:02:29 GMT

GET
H/1.1 200
OK jquery-migrate-3.0.0.min.js Show response
www.workingadvantage.com/js/ 7 KB
7 KB 481ms
117ms Script
application/javascript 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/js/jquery-migrate-3.0.0.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

a44b5727bd453959ba8f2ae37fd2359272b730ada09e80fb2a5bbffd086ef075

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 7084
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Mon, 08 Jul 2019 13:02:21 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1bac-58d2b0df7b140"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Expires: Fri, 21 Feb 2020 04:02:29 GMT

GET
H/1.1 200
OK chosen.jquery.min.js Show response
www.workingadvantage.com/js/ 25 KB
26 KB 545ms
114ms Script
application/javascript 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/js/chosen.jquery.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

06708edc30f6877320af98a385a4350ad9769c1aca9d44f8a262acf0c6dfefbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 25689
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 05 Sep 2017 19:28:01 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "6459-5587639b37240"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Expires: Fri, 21 Feb 2020 04:02:29 GMT

GET
H/1.1 200
OK site.js Show response
www.workingadvantage.com/js/ 58 KB
59 KB 562ms
110ms Script
application/javascript 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/js/site.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

7b4882bcd704237cb17946569e9c3706679476f44ca99ca2bb3ce0c084ec2a72

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 59760
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Thu, 30 Jan 2020 18:50:26 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "e970-59d5fee1ec080"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=497
Expires: Fri, 21 Feb 2020 04:02:29 GMT

GET
H/1.1 200
OK menu_default.js Show response
www.workingadvantage.com/js/ 24 B
558 B 600ms
117ms Script
application/javascript 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/js/menu_default.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

9cd60e08308ac0d8d91d3cc2b6c4162607c6217b9e350e01854fbdbb70164747

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 24
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Mon, 07 Jan 2019 14:44:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "18-57edf427f5080"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=497
Expires: Fri, 21 Feb 2020 04:02:29 GMT

GET
H/1.1 200
OK loading2.gif
www.workingadvantage.com/img/ 2 KB
2 KB 175ms
122ms Image
image/gif 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/img/loading2.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

448e99a570408c6cf2eda6133ec9ea7b86b8494120fc2ab35f7fbab75fefa5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1924
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Mon, 31 Mar 2014 19:04:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "784-4f5ebb8d61480"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Expires: Sun, 22 Mar 2020 04:02:29 GMT

GET
H/1.1 200
OK big_logo.png
www.workingadvantage.com/img/ 8 KB
9 KB 113ms
113ms Image
image/png 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/img/big_logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

ebb8b0b73ecae21b1840d76dbf4f67f96ac8e821d437166e74400227766ae75d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 8509
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 10 Nov 2015 14:08:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "213d-524303e6e4f00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Expires: Sun, 22 Mar 2020 04:02:29 GMT

GET
H/1.1 200
OK header_3_photos.jpg
www.workingadvantage.com/img/ 62 KB
63 KB 118ms
118ms Image
image/jpeg 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/img/header_3_photos.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

a3474e90fcaf8a272c9fb30a31f6250ed63159d65cd711bb2f59003f7a7f3767

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 63518
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 21 Oct 2015 15:30:52 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "f81e-5229f104a4300"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=496
Expires: Sun, 22 Mar 2020 04:02:29 GMT

GET
H/1.1 200
OK best_rate_guarantee_for_dark.png
www.workingadvantage.com/img/ 16 KB
16 KB 122ms
122ms Image
image/png 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/img/best_rate_guarantee_for_dark.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

6c81f4dfe91ce41444220ac866f74c8aeed63b3341fef207bc5a36641b765f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 16298
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 05 Feb 2014 21:29:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "3faa-4f1af720f0380"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Expires: Sun, 22 Mar 2020 04:02:29 GMT

GET
H/1.1 200
OK account_recover_password_hero.jpg
www.workingadvantage.com/img/ 54 KB
55 KB 112ms
112ms Image
image/jpeg 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/img/account_recover_password_hero.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

4b3fef76691d4b24377f77b4f5aee5fcb46a165394f104d3092f6be4114c80ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 55547
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 05 Feb 2014 21:28:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "d8fb-4f1af71e13cc0"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=496
Expires: Sun, 22 Mar 2020 04:02:29 GMT

GET
H/1.1 200
OK payment_option_logos.png
www.workingadvantage.com/img/ 12 KB
12 KB 114ms
114ms Image
image/png 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/img/payment_option_logos.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

3ff90e45faf4f1517337648274a38902d62cb6e0ee6dc5961a41383d348608fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 12229
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Thu, 25 Feb 2016 16:23:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2fc5-52c9a9ab9b200"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=497
Expires: Sun, 22 Mar 2020 04:02:29 GMT

GET
H/1.1 200
OK security_logos.png
www.workingadvantage.com/img/ 11 KB
11 KB 117ms
116ms Image
image/png 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/img/security_logos.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

38146b44624d2d25cb7cd5a6970ac3125fdf550fc88003c9e1d6c075916e496f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 10797
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Thu, 25 Feb 2016 16:23:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2a2d-52c9a9ab9b200"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Expires: Sun, 22 Mar 2020 04:02:29 GMT

GET
H/1.1 200
OK logo.svg
www.workingadvantage.com/img/ 7 KB
8 KB 114ms
114ms Image
image/svg+xml 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/img/logo.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

7c8b033cc69116a4670f6828ace15adda22d4d3ed1bb17e31daea73abbdfbede

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 7497
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Mon, 27 Aug 2018 15:48:45 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1d49-5746ca90c5140"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/svg+xml
Cache-Control: max-age=7776000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=496
Expires: Thu, 21 May 2020 04:02:29 GMT

GET
H/1.1 200
OK p13n.min.js Show response
cdn.boomtrain.com/p13n/ebg-wa/ 78 KB
25 KB 680ms
541ms Script
application/javascript 143.204.202.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.boomtrain.com/p13n/ebg-wa/p13n.min.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.98 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-98.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d1998a0a303022e33a272f68338bb397f8343861ce8f0b88a10fae22240125c

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 04:02:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Feb 2020 00:00:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Content-Type: application/javascript
Via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: e3zBo97eJD9puqUFIv3XSd72Z5qqg37vNPbpscV__dffM8BudwsksQ==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 85ms
26ms Script
application/x-javascript 95.101.176.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-176-176.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 924ce09c1b46893447425d2af30b82434d01fdcdcac8fd9d09d81a99144e579d

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Feb 2020 03:45:49 GMT
Server: Apache
ETag: "429cf8ee043fe9d0a142c6014f5731b4:1582256749"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 751

GET
H/1.1

302
Found

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1582257749219
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1582257749219

0
-1 B

119ms
31ms

XHR

34.243.44.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1582257749219

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.243.44.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-44-116.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1582257749219
X-TID: ouULy3kcRW4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.workingadvantage.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.workingadvantage.com
X-TID: ouULy3kcRW4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1582257749219
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 mbox-contents-b1ea9a10f88408ebe5a90e42e9c940e2a6646ec8.js Show response
assets.adobedtm.com/ac1c41a45fe625131cbf96e04532e1f6dddefbc0/ 93 KB
31 KB 21ms
20ms Script
application/x-javascript 2.21.37.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ac1c41a45fe625131cbf96e04532e1f6dddefbc0/mbox-contents-b1ea9a10f88408ebe5a90e42e9c940e2a6646ec8.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ac1c41a45fe625131cbf96e04532e1f6dddefbc0/satelliteLib-b2d774369e1146918664cbdd2d0ea1d25bdc3ba7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.37.83 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-37-83.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85df451196ff247226e6263576c869ad7d1055db645cc9129e19264dd8298bf4

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 21 Feb 2020 04:02:29 GMT
content-encoding: gzip
last-modified: Thu, 12 Dec 2019 15:37:08 GMT
server: AkamaiNetStorage
etag: "a8d024e571ed66392134f84ccf97e731:1576165028.760902"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 31593
expires: Fri, 21 Feb 2020 05:02:29 GMT

GET
H2 200 satellite-5d2e339764746d6620002690.js Show response
assets.adobedtm.com/ac1c41a45fe625131cbf96e04532e1f6dddefbc0/scripts/ 721 B
465 B 29ms
29ms Script
application/x-javascript 2.21.37.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ac1c41a45fe625131cbf96e04532e1f6dddefbc0/scripts/satellite-5d2e339764746d6620002690.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ac1c41a45fe625131cbf96e04532e1f6dddefbc0/satelliteLib-b2d774369e1146918664cbdd2d0ea1d25bdc3ba7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.37.83 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-37-83.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9afb8890d9090a597d1420802b145290a5d3a24002de5bc1639d181f261a622d

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 21 Feb 2020 04:02:29 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 14:41:40 GMT
server: AkamaiNetStorage
etag: "e5c00328b85be1a72494208a0bfee67b:1578321700.654856"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 221
expires: Fri, 21 Feb 2020 05:02:29 GMT

GET
H2 200 s-code-contents-655d14e7d06b5b6975e713cf191769383cce5e6e.js Show response
assets.adobedtm.com/ac1c41a45fe625131cbf96e04532e1f6dddefbc0/ 36 KB
14 KB 29ms
28ms Script
application/x-javascript 2.21.37.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ac1c41a45fe625131cbf96e04532e1f6dddefbc0/s-code-contents-655d14e7d06b5b6975e713cf191769383cce5e6e.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/ac1c41a45fe625131cbf96e04532e1f6dddefbc0/satelliteLib-b2d774369e1146918664cbdd2d0ea1d25bdc3ba7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.37.83 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-37-83.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6f7c82862519e526ebb34df4ef6c15ac6cb55a732f3bc162ddd46ef1a5db3576

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 04:02:29 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 14:41:40 GMT
server: AkamaiNetStorage
etag: "ab9119b3840996e6421fecd8e0bfcd8c:1578321700.139198"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 13950
expires: Fri, 21 Feb 2020 05:02:29 GMT

GET
H2 200 reflektion.js Show response
d26opx5dl8t69i.cloudfront.net/js/ 86 KB
39 KB 88ms
31ms Script
application/javascript 13.35.254.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26opx5dl8t69i.cloudfront.net/js/reflektion.js?t=879008
Requested by: Host: initjs.rfk.workingadvantage.com
URL: https://initjs.rfk.workingadvantage.com/rfk/js/11273-152007103/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-29.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ed937956d0f38453c22b861247c28119c600b1d19912c7ffafaf82c7e7a83e1

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: RlUYFaMgqBlBx8s1N3dSKFCh024PS3Je
content-encoding: gzip
age: 1821
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
date: Fri, 21 Feb 2020 03:32:19 GMT
content-length: 39050
last-modified: Mon, 11 Nov 2019 20:47:44 GMT
server: AmazonS3
etag: "70c753385b79a256c9bc396224ffb51e"
content-type: application/javascript
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: QOiRhMNsF74it-TbpcpIOATKkv_9iQwXgGV8_RqwolzQlcxWyMQ_nw==

GET
H/1.1 200
OK w.js Show response
d1stxfv94hrhia.cloudfront.net/waves/v2/ 52 KB
17 KB 98ms
20ms Script
application/javascript 143.204.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1stxfv94hrhia.cloudfront.net/waves/v2/w.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.154 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-154.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df002813cb6912b04dc298f57cc51635297a2f5dac78e6153b8f39648306d07f

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 01:56:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Oct 2018 01:32:55 GMT
Server: AmazonS3
Age: 7556
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
X-Amz-Cf-Id: u35gTxNyuC6BQoMlqalYgQxxU6RgMsDDFEeqjOJH1HrOp5qemRVAyg==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/157/ 9 KB
5 KB 26ms
26ms Script
application/x-javascript 95.101.176.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/157/munchkin.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-176-176.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 640a401ef807204873f6f29f1825bf7400035432bdfd51361edc487d17099df0

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Nov 2019 01:52:19 GMT
Server: Apache
ETag: "8b51a976b2f24b5c747cd9dff2d593ed:1572573139"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4265
Expires: Sun, 31 May 2020 04:02:29 GMT

GET
H2 200 jquery-1.11.0.js Show response
d26opx5dl8t69i.cloudfront.net/js/ 105 KB
37 KB 22ms
22ms Script
application/javascript 13.35.254.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26opx5dl8t69i.cloudfront.net/js/jquery-1.11.0.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-29.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e15ee4f79f22fa7f76f3e238c5ac9d4883c49b7952beff47a2845f13bc3d917c

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 19 Dec 2019 00:30:30 GMT
content-encoding: gzip
age: 3534727
x-cache: Hit from cloudfront
status: 200
content-length: 37037
last-modified: Fri, 06 Jun 2014 00:19:32 GMT
server: AmazonS3
etag: "80ab6df7a55316631deed4d3b80a413a"
x-amz-version-id: null
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
cache-control: max-age=31556926
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: JqIOCXZvb8VDi1Y_2w8jhMnR6gVxl6XfslF-Wm4Y76K5MEgJGHZiOw==

GET
H2 200 an
alweb.rfk.workingadvantage.com/rfkj/1/11273-152007103/ 44 B
162 B 346ms
110ms Image
image/gif 52.73.0.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alweb.rfk.workingadvantage.com/rfkj/1/11273-152007103/an?data=1,uO9GsO8W8z8McjANc34Ubz8Mcj4yb29Qt28W8BtLsCJFrCswgmhSomVQomtB8yMytmBA8zEycjkOc30Tcj0Pbj1UbmJWbjhJbj5MbnwMt6dFcmpMu7xEtSNWtC9Od7hKbj4Re38OdjsTd3APczgyb29EsO8W8DtTtOVTrT9HqmVDomhSomVQomtBbCdLri8I8DlOqi8W8yZxoSdLtmVQbD1Es3ZPtm8ZsClPpnhMondP9ClJomBIfmJxt6xVon9xqS5HqikQc6hBr7hBqOVzrSQCq65Pq3RAoSoMcPoVpz9BdzBCdzkUe65ye39AcCgOojlyd3wScPoPdPANdmpBp6cUpmkVc64Pdj9Comhyp3sSe3wUcz8V8yMyt71P8zENdjwOczkTdPgVcP8Qb29QoTcyez4Re38OdjsTd3APczgI8Dpz8zENb29MoO8WciMytD1z8zENb29Qc70yez4Re38OdjsTd3oPcP0I8DgMqi8WcjkUcz8RdPsQej8OdyMyt30yez4Re38OdjsTd3APczgI8DhPqi8WcjkUcz8RdPsQe3APc2MysSBA8zEycj0RcyUTc2UQe2UNdjwMciUPcPANeiUTdC4Qoz0Mc3gNdP8JdjwJcz0Oc30OcjsKcjoNdP8P8yMyoScyezcMdjoUb29zt28WcjkUcz8NdjkVeiUUb29OoScyezcMcPwPb29zsT0yeDIyoy8Wc2Myt28Wc2MysT0yez0I8Ccyez1Zb29Quy8Wbj4I8CtBrO8WuO9z8zEykCZLsSlKp65xr28I8DhW8zEOb29Fs28W8zwRbz4ReiUOcPsKdzoyb29K8zEyjAMyb29O8zEyjCZLsCgJgD9xoC5Kt28I8DEyey8QdP0U8DQI8Dlxq28W8CFCp7sQc7lBrjlWdi8I8C9MsO8WmRQI8DdO8zFrcjoMc2MNcz0MniMytTcyeBINdz0Mb34Oc31tb29A8zEys6cyb29coSIyezkNeiMyoDdP8zEycj4M8yMys78yey9Aqn9BoTgyb29zoSIyey9KflZDoONCfmtzb7cZciNzfj8Ve3AIt78ZejkIsCUZdj4Nb7hPfj8Mcz0Mcz8Nbz0Qc38Ip3RMoPJKfndyciNCfndyb7cZciNzfj8Mcj4It3QOc34Ucj8MdyUMc3kQeSUZsDsNb6oZsDsIsPQNb6cZcz0Nd2NQfj8McjwNcz0Sbz0Mdjgyb29Q8zENdjwOczkTdPgVcPgSvg,,&C=1,uO8AuSxZb2hXt7QI97JAviNRsSlO8zENb28AuSxZb2hXl7QI97JAviNRsSlO8zENb28AuSxZb2hXt7QI97JAviNFrCBQqDcyez4I8yhXq7QI97JQviMAuShZb7pFpnsyez4I8yhXq7QI97JkviMAuShZb71SqmlT8zENb28AuSxZb2hXt7QI97JAviNSqndFt28WciMy97JEviMAuRhZb2hXp7QIp7gNs7gMs3EO8zENb28AuSxZb2hXl7QI97JAviNAt31Qcn0Wc28WciMy97JEviMAuRhZb2hXp7QIp7gMt31Fez0yez4I8yhXq7QI97JkviMAuShZb71zez4yez4I8ChE8zEycjkOc30Tcj0P8yMyp28W8D1z8DQ,&t=1582257749349
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.0.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-0-192.compute-1.amazonaws.com
Software: gunicorn/19.6.0 /
Resource Hash: d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Fri, 21 Feb 2020 04:02:29 GMT
last-modified: Wed, 21 Aug 2019 18:40:02 GMT
server: gunicorn/19.6.0
content-length: 44
content-type: image/gif

GET
H/1.1 200
OK rd Show response
dpm.demdex.net/id/ 388 B
1 KB 32ms
32ms XHR
application/json 34.243.44.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1582257749219

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.243.44.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-44-116.eu-west-1.compute.amazonaws.com

Software

Resource Hash

22f49589fdb3e047c453c99374cbfab197f69349f546d37cd3c69a94c07aef65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Origin: https://www.workingadvantage.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v061-0df55d2f5.edge-irl1.demdex.com 5.65.0.20200212140016 2ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: Yoz7easJQBI=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.workingadvantage.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 317
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK visitWebPage Show response
409-bcn-480.mktoresp.com/webevents/ 2 B
303 B 792ms
162ms XHR
text/plain 192.28.147.68
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL: https://409-bcn-480.mktoresp.com/webevents/visitWebPage?_mchNc=1582257749355&_mchCn=&_mchId=409-BCN-480&_mchTk=_mch-workingadvantage.com-1582257749354-87737&_mchHo=www.workingadvantage.com&_mchPo=&_mchRu=%2Faccount.php&_mchPc=https%3A&_mchVr=157&_mchEcid=&_mchHa=&_mchRe=&_mchQp=sub%3Dresetpass__-__email%3Dkathyarakaki%40deltek.com__-__hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software: akka-http/10.1.7 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Origin: https://www.workingadvantage.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 04:02:30 GMT
Content-Encoding: gzip
Server: akka-http/10.1.7
Transfer-Encoding: chunked
X-Request-Id: f6c461da-b846-49c2-8f16-5197e19918c8
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK Cookie set dest5.html
entertainmentbenefitsgroupllc.demdex.net/ Frame 234A 0
0 193ms
32ms Document
text/html 52.208.212.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://entertainmentbenefitsgroupllc.demdex.net/dest5.html?d_nsid=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.212.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-212-211.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: entertainmentbenefitsgroupllc.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=36985037840661407153060590373020960024
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 19 Feb 2020 10:31:48 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=36985037840661407153060590373020960024;Path=/;Domain=.demdex.net;Expires=Wed, 19-Aug-2020 04:02:29 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: Si1T33w8TEU=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
smetrics.workingadvantage.com/ 48 B
495 B 1156ms
253ms XHR
application/x-javascript 18.138.216.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.workingadvantage.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&mid=37017901117937222603059555328767229095&ts=1582257749396

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.138.216.223 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-216-223.ap-southeast-1.compute.amazonaws.com

Software

jag /

Resource Hash

2fe189df98f36027a498c042a37b2658cf7427ef18abb4965cefd1b9da9b79c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Origin: https://www.workingadvantage.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Fri, 21 Feb 2020 04:02:30 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-665bcdccf8-qlb6n
vary: Origin
x-c: master-1169.Ie4359b.M0-349
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.workingadvantage.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Xk9WVQAAAZEjMxTJ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=36985037840661407153060590373020960024
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xk9WVQAAAZEjMxTJ

42 B
915 B

31ms
30ms

Image
image/gif

34.243.44.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xk9WVQAAAZEjMxTJ

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.243.44.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-44-116.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v061-03d901e35.edge-irl1.demdex.com 5.65.0.20200212140016 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 2efrEnH1RyM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 21 Feb 2020 04:02:28 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xk9WVQAAAZEjMxTJ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
32 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 22 Jan 2020 05:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2585874
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Jan 2021 05:44:35 GMT

GET
H/1.1 200
OK wave Show response
waves.retentionscience.com/ 2 B
205 B 423ms
102ms Script
text/javascript 34.197.14.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://waves.retentionscience.com/wave?wave=%7B%22version%22%3A%221.0%22%2C%22site_id%22%3A%22244%22%2C%22arrival_time%22%3A1582257749403%2C%22arrival_uri%22%3A%22https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229%22%2C%22page_title%22%3A%22Working+Advantage%22%2C%22user_agent%22%3A%22Mozilla%2F5.0+(Macintosh%3B+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F74.0.3729.169+Safari%2F537.36%22%2C%22language%22%3A%22en-US%22%2C%22fingerprint%22%3A%2226a36c6e1f8bd6deb4f070ec91d3a43a%22%2C%22rsci_vid%22%3A%2224b5297c-5fb3-984a-9663-07cd24d633c5%22%2C%22action%22%3A%22view%22%7D&_=1582257749419
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.14.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-14-190.compute-1.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 04:02:29 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 2
Status: 200 OK
Content-Type: text/javascript

POST
H/1.1 200
OK li.php Show response
www.workingadvantage.com/common_resources/ 699 B
1 KB 264ms
185ms XHR
application/json 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/common_resources/li.php

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

3cdc141b3677c55a55a839c6bfcfb9143e15d7189ca1b6398f86a51fba45013f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: XA4PUldACQMDUlhRAQc=
Origin: https://www.workingadvantage.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa OUR OTR IND DSP IDC COR"
Connection: Keep-Alive
Content-Length: 699
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: unsafe-url
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: User-Agent
Content-Type: application/json
Cache-Control: no-store, no-cache, must-revalidate
Keep-Alive: timeout=2, max=497
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK header-down-white.png
www.workingadvantage.com/img/ 178 B
714 B 118ms
118ms Image
image/png 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/img/header-down-white.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

826eb1e3bc852101a2ed78d2bb6bfcb72c27629842125c05a50466ebc9508ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/css/menu_default.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 178
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Thu, 30 Jan 2020 18:50:26 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "b2-59d5fee1ec080"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=495
Expires: Sun, 22 Mar 2020 04:02:29 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Lato:300,400,900
Origin: https://www.workingadvantage.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 18:51:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 2452248
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14044
x-xss-protection: 0
expires: Fri, 22 Jan 2021 18:51:41 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v30/ 12 KB
12 KB 6ms
6ms Font
font/woff 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v30/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b810957ff3f3c7c207fbb3b24a0c9370f2b23bc94e7acfebceefa0d2976ac99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Oswald
Origin: https://www.workingadvantage.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 00:54:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Feb 2020 22:45:09 GMT
server: sffe
age: 1393709
content-type: font/woff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12672
x-xss-protection: 0
expires: Thu, 04 Feb 2021 00:54:00 GMT

GET
H/1.1 200
OK lato-bold-webfont.woff
www.workingadvantage.com/css/fonts/ 32 KB
32 KB 114ms
114ms Font
font/opentype 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/fonts/lato-bold-webfont.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

2eec22fcd09b2b38293ffa6f773ffbe507618a06c2f422c077ae565b15f9e6a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/css/site.css
Origin: https://www.workingadvantage.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 32392
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 05 Feb 2014 21:28:48 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "7e88-4f1af71396400"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: font/opentype
Cache-Control: max-age=7776000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=495
Expires: Thu, 21 May 2020 04:02:29 GMT

GET
H/1.1 200
OK lato-bolditalic-webfont.woff
www.workingadvantage.com/css/fonts/ 29 KB
30 KB 117ms
117ms Font
font/opentype 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/fonts/lato-bolditalic-webfont.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

fe86bad2c30b759d70f2d731dd3fadeb1ce0a4731dc4300506c43a744541664c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/css/site.css
Origin: https://www.workingadvantage.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 30144
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 05 Feb 2014 21:28:51 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "75c0-4f1af71672ac0"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: font/opentype
Cache-Control: max-age=7776000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=497
Expires: Thu, 21 May 2020 04:02:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 839
date: Fri, 21 Feb 2020 03:48:30 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Fri, 21 Feb 2020 05:48:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 80 KB
26 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9THHDH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b30aeba9eb9573c1e379d011c7c76ec4006282112bd3410ef25f3d724fa87db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 04:02:29 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 26796
x-xss-protection: 0
last-modified: Fri, 21 Feb 2020 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Feb 2020 04:02:29 GMT

GET
H2

200

913a7fd6-dc0a-49da-96d8-8f73cb55b75c_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/913a7fd6-dc0a-49da-96d8-8f73cb55b75c.js
https://cdn.mouseflow.com/projects/913a7fd6-dc0a-49da-96d8-8f73cb55b75c_eu.js

159 KB
53 KB

17ms
17ms

Script
application/javascript

23.111.9.38
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/913a7fd6-dc0a-49da-96d8-8f73cb55b75c_eu.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.38 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 22abebbd8d4a429ea8f8471afa183a3143ed6ee1dae9c4200e6206f787caee9e

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Feb 2020 04:02:29 GMT
content-encoding: gzip
last-modified: Tue, 04 Feb 2020 16:00:21 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"f5b1363474dbd51:0"
x-cache: HIT
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=86400

Redirect headers

status: 301
date: Fri, 21 Feb 2020 04:02:29 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
content-length: 178
location: https://cdn.mouseflow.com/projects/913a7fd6-dc0a-49da-96d8-8f73cb55b75c_eu.js
content-type: text/html

GET
H/1.1 200
OK tracking.js Show response
cdn.livechatinc.com/ 215 KB
59 KB 78ms
32ms Script
application/javascript 2.21.36.101
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.21.36.101 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-36-101.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 161151d8c7574fcca575f317fce76279f4cd7fcd8ff04af5846fac20d2f3d03e

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: Jk.56H1ivEJSj_voeGzBM.uX1L_4ceZD
Content-Encoding: gzip
Last-Modified: Thu, 20 Feb 2020 07:58:37 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53
Date: Fri, 21 Feb 2020 04:02:29 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=28800
Connection: keep-alive
Content-Length: 59842
X-Amz-Cf-Id: VmgSry7pTHDt9HWD8Yz1dXyKp5b6gxLsAvxsidhAk8gaZcVSaJ-XXA==
Expires: Fri, 21 Feb 2020 12:02:29 GMT

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 13 KB
6 KB 94ms
24ms Script
application/x-javascript 91.228.74.152
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.152 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21-Feb-2020 04:02:29 GMT
Server: QS
Etag: M0-56c8c653
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5651
Expires: Fri, 28 Feb 2020 04:02:29 GMT

GET
H2 200 satellite-5d30ab5964746d2006002b1a.js Show response
assets.adobedtm.com/ac1c41a45fe625131cbf96e04532e1f6dddefbc0/scripts/ 563 B
530 B 20ms
20ms Script
application/x-javascript 2.21.37.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/ac1c41a45fe625131cbf96e04532e1f6dddefbc0/scripts/satellite-5d30ab5964746d2006002b1a.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.37.83 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-37-83.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91e62c115c0a214e1c381f639ccd480b6f0469c928f5ac566cd4a8ae0d6ad9c1

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 04:02:29 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 14:41:41 GMT
server: AkamaiNetStorage
etag: "f4fa661ccc69beda18625e96dffc4863:1578321701.468921"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 285
expires: Fri, 21 Feb 2020 05:02:29 GMT

POST
H/1.1 200
OK li.php Show response
www.workingadvantage.com/common_resources/ 0
584 B 159ms
158ms XHR
text/html 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/common_resources/li.php

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: XA4PUldACQMDUlhRAQc=
Origin: https://www.workingadvantage.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa OUR OTR IND DSP IDC COR"
Connection: Keep-Alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: unsafe-url
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: User-Agent
Content-Type: text/html; charset=iso-8859-1
Cache-Control: no-store, no-cache, must-revalidate
Keep-Alive: timeout=2, max=496
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK li.php Show response
www.workingadvantage.com/common_resources/ 0
584 B 147ms
147ms XHR
text/html 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/common_resources/li.php

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-NewRelic-ID: XA4PUldACQMDUlhRAQc=
Origin: https://www.workingadvantage.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa OUR OTR IND DSP IDC COR"
Connection: Keep-Alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: unsafe-url
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: User-Agent
Content-Type: text/html; charset=iso-8859-1
Cache-Control: no-store, no-cache, must-revalidate
Keep-Alive: timeout=2, max=495
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 5255.jpg
www.workingadvantage.com/common_resources/campaigns/ 43 KB
44 KB 119ms
119ms Image
image/jpeg 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/common_resources/campaigns/5255.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

e1eb9dffd1be1d12b313f0f6401d8cd15655c2737645b4937329dfd500859347

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 44478
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Fri, 14 Feb 2020 20:46:22 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "adbe-59e8f4c5a3551"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=60232, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=497
Expires: Fri, 21 Feb 2020 20:46:22 GMT

GET
H/1.1 200
OK close.png
www.workingadvantage.com/common_resources/campaigns/ 4 KB
5 KB 177ms
118ms Image
image/png 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/common_resources/campaigns/close.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

537d4fed9f1381b8d19b83550252fa2cac347ab0f2a638d45deb81ac9e88ab31

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 21 Feb 2020 04:02:29 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 4163
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Thu, 07 Jan 2016 13:41:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1043-528bea1065f80"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=0, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=494
Expires: Fri, 21 Feb 2020 04:02:29 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=227153771&t=pageview&_s=1&dl=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26h...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4045288-1&cid=1243003326.1582257750&jid=251247331&_gid=1927861352.1582257750&gjid=1097870980&_v=j81&z=1287597177
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4045288-1&cid=1243003326.1582257750&jid=251247331&_v=j81&z=1287597177
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4045288-1&cid=1243003326.1582257750&jid=251247331&_v=j81&z=1287597177&slf_rd=1&random=1815355382

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4045288-1&cid=1243003326.1582257750&jid=251247331&_v=j81&z=1287597177&slf_rd=1&random=1815355382

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 04:02:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 04:02:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-4045288-1&cid=1243003326.1582257750&jid=251247331&_v=j81&z=1287597177&slf_rd=1&random=1815355382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CJeU_rjh4ecCFZjDuwgd0-4BLw;src=6479484;type=retarget;cat=worki0;ord=9526884274469;gtm=2wg2c0;auiddc=97622038.1582257750;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3...
6479484.fls.doubleclick.net/ Frame 4F7D
Redirect Chain

https://6479484.fls.doubleclick.net/activityi;src=6479484;type=retarget;cat=worki0;ord=9526884274469;gtm=2wg2c0;auiddc=97622038.1582257750;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php...
https://6479484.fls.doubleclick.net/activityi;dc_pre=CJeU_rjh4ecCFZjDuwgd0-4BLw;src=6479484;type=retarget;cat=worki0;ord=9526884274469;gtm=2wg2c0;auiddc=97622038.1582257750;~oref=https%3A%2F%2Fwww....

0
0

47ms
47ms

Document
text/html

172.217.22.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6479484.fls.doubleclick.net/activityi;dc_pre=CJeU_rjh4ecCFZjDuwgd0-4BLw;src=6479484;type=retarget;cat=worki0;ord=9526884274469;gtm=2wg2c0;auiddc=97622038.1582257750;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9THHDH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6479484.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJeU_rjh4ecCFZjDuwgd0-4BLw;src=6479484;type=retarget;cat=worki0;ord=9526884274469;gtm=2wg2c0;auiddc=97622038.1582257750;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 21 Feb 2020 04:02:29 GMT
expires: Fri, 21 Feb 2020 04:02:29 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 529
x-xss-protection: 0
set-cookie: IDE=AHWqTUnAakQMy5X1gCStcvOUzlFEBmGh6qztH3VgcRrV3leG2eDleljKksnOJahv; expires=Wed, 17-Mar-2021 04:02:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 21 Feb 2020 04:02:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6479484.fls.doubleclick.net/activityi;dc_pre=CJeU_rjh4ecCFZjDuwgd0-4BLw;src=6479484;type=retarget;cat=worki0;ord=9526884274469;gtm=2wg2c0;auiddc=97622038.1582257750;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-Feb-2020 04:17:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

200

activityi;dc_pre=CJyU_rjh4ecCFSziuwgd0fgOLA;src=9767737;type=retarget;cat=wa-si0;ord=3315814583249;gtm=2wg2c0;auiddc=97622038.1582257750;u6=www.workingadvantage.com%2Faccount.php;~oref=https%3A%2F%...
9767737.fls.doubleclick.net/ Frame 3CEF
Redirect Chain

https://9767737.fls.doubleclick.net/activityi;src=9767737;type=retarget;cat=wa-si0;ord=3315814583249;gtm=2wg2c0;auiddc=97622038.1582257750;u6=www.workingadvantage.com%2Faccount.php;~oref=https%3A%2...
https://9767737.fls.doubleclick.net/activityi;dc_pre=CJyU_rjh4ecCFSziuwgd0fgOLA;src=9767737;type=retarget;cat=wa-si0;ord=3315814583249;gtm=2wg2c0;auiddc=97622038.1582257750;u6=www.workingadvantage....

0
0

30ms
30ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9767737.fls.doubleclick.net/activityi;dc_pre=CJyU_rjh4ecCFSziuwgd0fgOLA;src=9767737;type=retarget;cat=wa-si0;ord=3315814583249;gtm=2wg2c0;auiddc=97622038.1582257750;u6=www.workingadvantage.com%2Faccount.php;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9THHDH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9767737.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJyU_rjh4ecCFSziuwgd0fgOLA;src=9767737;type=retarget;cat=wa-si0;ord=3315814583249;gtm=2wg2c0;auiddc=97622038.1582257750;u6=www.workingadvantage.com%2Faccount.php;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 21 Feb 2020 04:02:29 GMT
expires: Fri, 21 Feb 2020 04:02:29 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 440
x-xss-protection: 0
set-cookie: IDE=AHWqTUlEz0Ktime6NESxGUM_KVTVBcUL181CZhbWj2k7hobzRw5tcad1mM33Sbrv; expires=Wed, 17-Mar-2021 04:02:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 21 Feb 2020 04:02:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9767737.fls.doubleclick.net/activityi;dc_pre=CJyU_rjh4ecCFSziuwgd0fgOLA;src=9767737;type=retarget;cat=wa-si0;ord=3315814583249;gtm=2wg2c0;auiddc=97622038.1582257750;u6=www.workingadvantage.com%2Faccount.php;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-Feb-2020 04:17:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK spx Show response
dx.steelhousemedia.com/ 12 KB
4 KB 520ms
132ms Script
application/javascript 169.60.153.61
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.steelhousemedia.com/spx?dxver=4.0.0&shaid=23005&tdr=&plh=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229&cb=91671888730834180
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.60.153.61 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 3d.99.3ca9.ip4.static.sl-reverse.com
Software: /
Resource Hash: a7207246e6c0ac732dbc3b2e089363e03ab006d7e828b7b75711cccc597d41ca

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 21 Feb 2020 04:02:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Connection: close
Access-Control-Allow-Headers: Accept, Content-Type, x-requested-with, X-Custom-Header, Content-Encoding, Content-Length
Content-Length: 3602
X-Application-Context: application:prod:8080
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-701690947

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a81f7fba45d668f4069d067b42b3e25f12f08a900e26697952dbdb6f62d8c4ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 04:02:29 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28494
x-xss-protection: 0
last-modified: Fri, 21 Feb 2020 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Feb 2020 04:02:29 GMT

GET
H2 200 init Show response
n2.mouseflow.com/ 0
304 B 611ms
110ms XHR
text/plain 207.244.84.210
LEASEWEB-USA-WDC-01

General

Check archive.org

Show headers Download Go to

Full URL

https://n2.mouseflow.com/init?v=17.06&p=913a7fd6-dc0a-49da-96d8-8f73cb55b75c&s=279cb81699d03882b786158500135fe5&page=0221299888513b199463fc3876b41494f24b67d3&ret=0&u=715f20cb85fe2586fa243e318dc0a02f&href=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229&ref=&title=Working%20Advantage&res=1600x1200&tz=-60&to=0&dnt=0&ori=&dw=1585&dh=1185&time=1257&pxr=1&gdpr=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.244.84.210 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC-01, US),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Origin: https://www.workingadvantage.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 04:02:30 GMT
server: Mouseflow
status: 200
x-recorder: rec-06-us
content-type: text/plain; charset=Windows-1252
access-control-allow-origin: https://www.workingadvantage.com
cache-control: no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0
expires: -1

GET
H/1.1 200
OK get_dynamic_config.js Show response
secure.livechatinc.com/licence/6912541/v2/ 66 B
456 B 209ms
155ms Script
application/javascript 104.111.214.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/6912541/v2/get_dynamic_config.js?t=1582257749813&referrer=&url=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229&params=&channel_type=code&jsonp=__lc_data_336577
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.214.115 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-115.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7f4230074e217cc8d48c891c1c5a43f470a61b5b05fe35e2c41b22a92d22fe75

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 04:02:30 GMT
X-RateLimit-Remaining: 4966
Content-Type: application/javascript; charset=UTF-8
Access-Control-Expose-Headers: X-RateLimit-Remaining, X-RateLimit-Reset
Cache-Control: max-age=0, no-cache, no-store
X-RateLimit-Reset: 1582257752
Connection: keep-alive
Content-Length: 66
Expires: Fri, 21 Feb 2020 04:02:30 GMT

GET
H2 200 rules-p-zhY3S1asLzBpZ.js Show response
rules.quantcount.com/ 3 B
355 B 374ms
362ms Script
application/x-javascript 2600:9000:2057:6e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-zhY3S1asLzBpZ.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:6e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 04:01:19 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 75
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: yHz7x5nXTLL1LE4nazq8Kw7Wp46IEI2N9MASwkkVklhoJuogu0mCTg==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 72ms
33ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 04:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9931
x-xss-protection: 0
server: cafe
etag: 9478280665056484852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 Feb 2020 04:02:29 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/701690947/ 2 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/701690947/?random=1582257749915&cv=9&fst=1582257749915&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2c0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229&tiba=Working%20Advantage&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bc04f6987396e7710331a50b293645d27919bbd2f2173a58f15ddfe7abe76b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 04:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1118
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/701690947/ 42 B
118 B 20ms
19ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/701690947/?random=1582257749915&cv=9&fst=1582257600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229&tiba=Working%20Advantage&async=1&fmt=3&is_vtc=1&random=3930535262&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 04:02:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/701690947/ 42 B
110 B 22ms
21ms Image
image/gif 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/701690947/?random=1582257749915&cv=9&fst=1582257600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229&tiba=Working%20Advantage&async=1&fmt=3&is_vtc=1&random=3930535262&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 04:02:29 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK resolve Show response
people.api.boomtrain.com/identify/ 335 B
650 B 443ms
113ms XHR
application/json 35.172.8.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=ebg-wa
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.8.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-8-7.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b6ac3edc8df9634a2474ab17d5dfcaeaeb26ff2b3a6c1e89dd2bc1660d96462d

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Origin: https://www.workingadvantage.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 21 Feb 2020 04:02:30 GMT
Server: nginx
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length: 335

GET
H/1.1 200
OK pixel;r=703070684;rf=0;a=p-zhY3S1asLzBpZ;url=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b486363...
pixel.quantserve.com/ 35 B
658 B 86ms
21ms Image
image/gif 91.228.74.145
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=703070684;rf=0;a=p-zhY3S1asLzBpZ;url=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229;fpan=1;fpa=P0-1272956372-1582257750195;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1582257750195;tzo=-60;ogl=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.145 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 21 Feb 2020 04:02:30 GMT
Server: QS
Strict-Transport-Security: max-age=86400
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 / Show response
zn5bxs0kfcxmozrm9-ebg.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 73 KB
19 KB 81ms
34ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn5bxs0kfcxmozrm9-ebg.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_5BxS0KFcxMOzRM9&t=1582257750302

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a11ff2b3a7bee4a3a6841f532933c557c28a71037b44509ef8d39bd94e91c405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 04:02:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 91020
cf-polished: origSize=75949
status: 200
edge-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-bgj: minify
server: cloudflare
x-powered-by: Express
etag: W/"128ad-nM3eIFABUVyJvTLrWjD2sfry4IQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60, s-maxage=604800
cf-ray: 5685d33bb860c857-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 nr-spa-1167.min.js Show response
js-agent.newrelic.com/ 36 KB
14 KB 59ms
19ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1167.min.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33724c06ccbe331cd5b05f949e06fe180f3472e1b9fa150f0c58803b5e63a99d

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 04:02:30 GMT
content-encoding: gzip
x-amz-request-id: 5E5FAF5AAB59D2B3
x-cache: HIT
status: 200
content-length: 13893
x-amz-id-2: Hz71/5jHq+Mt5AOLPBWJC3qvnZQ/brf2Qq/ocj+wxLRg9/pt9xXM77WWhMvcfgc6fa7TvR/C1hM=
x-served-by: cache-hhn4033-HHN
last-modified: Fri, 07 Feb 2020 23:39:57 GMT
server: AmazonS3
x-timer: S1582257750.352754,VS0,VE0
etag: "85cffa0ca71f4cc2b7455585c9a4c43d"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 356

GET
H/1.1 200
OK f30ac265f9 Show response
bam.nr-data.net/1/ 57 B
275 B 347ms
115ms Script
text/javascript 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/f30ac265f9?a=10369366&v=1167.2a4546b&to=ZFUGY0tVWRdVB0ENVl0fMUVQG14KUAFNSklbQA%3D%3D&rst=4049&ref=https://www.workingadvantage.com/account.php&ap=228&be=2951&fe=3972&dc=3390&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1582257746330,%22n%22:0,%22f%22:1391,%22dn%22:1392,%22dne%22:1495,%22c%22:1495,%22s%22:1506,%22ce%22:1852,%22rq%22:1852,%22rp%22:2210,%22rpe%22:2962,%22dl%22:2211,%22di%22:3388,%22ds%22:3388,%22de%22:3397,%22dc%22:3971,%22l%22:3971,%22le%22:3974%7D,%22navigation%22:%7B%7D%7D&fp=2971&fcp=3417&at=SBIFFQNPShk%3D&jsonp=NREUM.setToken
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 track Show response
events.api.boomtrain.com/event/ 2 B
247 B 331ms
109ms XHR
text/plain 3.213.23.99
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.api.boomtrain.com/event/track
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.23.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-23-99.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Origin: https://www.workingadvantage.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Feb 2020 04:02:30 GMT
server: nginx
status: 200
allow: GET, HEAD, OPTIONS, POST
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, x-app-id
content-length: 2

GET
H2 200 s54771376503367
smetrics.workingadvantage.com/b/ss/entbenworking/1/JS-2.17.0-D7QN/ 43 B
655 B 254ms
254ms Image
image/gif 18.138.216.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.workingadvantage.com/b/ss/entbenworking/1/JS-2.17.0-D7QN/s54771376503367?AQB=1&ndh=1&pf=1&t=21%2F1%2F2020%205%3A2%3A30%205%20-60&sdid=5EE4FE42D0CCB817-00C69A9D107C774F&D=D%3D&mid=37017901117937222603059555328767229095&aamlh=6&ce=UTF-8&ns=entertainmentbenefits&pageName=account%3A%20enroll&g=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229&cc=USD&server=www.workingadvantage.com&events=event10&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=account&v5=D%3Dc5&c7=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229&c9=anonymous&v9=Thursday%20-%2011%3A00PM&c10=accounts_resetpass&v58=D%3Dc58&c66=%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229&c67=%2Faccount.php&c68=%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229&v72=D%3Dc72&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.138.216.223 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-216-223.ap-southeast-1.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 04:02:30 GMT
x-content-type-options: nosniff
x-c: master-1169.Ie4359b.M0-349
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 22 Feb 2020 04:02:30 GMT
server: jag
xserver: anedge-665bcdccf8-c8l6g
etag: 3397872645131567104-4619539051005751245
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 20 Feb 2020 04:02:30 GMT

POST
H2 200 delivery Show response
entertainmentbenefit.tt.omtrdc.net/rest/v1/ 279 B
429 B 78ms
22ms XHR
application/json 66.117.29.3
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://entertainmentbenefit.tt.omtrdc.net/rest/v1/delivery?client=entertainmentbenefit&sessionId=ad954bc3f21645c0badd0d854b430e76&version=2.2.0
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.117.29.3 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: /
Resource Hash: b3289a5bc3b64d5f85e5dbe39948420dcb50c3343e4b13c3854c52829ede8517

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Origin: https://www.workingadvantage.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 21 Feb 2020 04:02:30 GMT
content-encoding: gzip
status: 200
vary: Origin,Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.workingadvantage.com
access-control-allow-credentials: true
x-request-id: 9f559f4a-ae7e-45e2-80f9-d8677bd762b6

GET
H2 200 s53428617679139
smetrics.workingadvantage.com/b/ss/entbenworking/1/JS-2.17.0-D7QN/ 43 B
555 B 255ms
255ms Image
image/gif 18.138.216.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.workingadvantage.com/b/ss/entbenworking/1/JS-2.17.0-D7QN/s53428617679139?AQB=1&ndh=1&pf=1&t=21%2F1%2F2020%205%3A2%3A30%205%20-60&D=D%3D&mid=37017901117937222603059555328767229095&aamlh=6&ce=UTF-8&ns=entertainmentbenefits&g=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229&cc=USD&c61=D%3Dv81&v81=reflektion%20experience%20selected&pe=lnk_o&pev2=rfk&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.138.216.223 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-216-223.ap-southeast-1.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 04:02:30 GMT
x-content-type-options: nosniff
x-c: master-1169.Ie4359b.M0-349
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 22 Feb 2020 04:02:30 GMT
server: jag
xserver: anedge-665bcdccf8-c8l6g
etag: 3397872645131567104-4617815016773398523
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 20 Feb 2020 04:02:30 GMT

GET
H2 200 an
alweb.rfk.workingadvantage.com/rfkj/1/11273-152007103/ 44 B
162 B 120ms
119ms Image
image/gif 52.73.0.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alweb.rfk.workingadvantage.com/rfkj/1/11273-152007103/an?&C=1,uO8AuSxZb2hXl7QI97JAviNAt39Mt35Mez4yez4I8ChE8zEycjkOc30Tcj0P8yMyp28W8D1z8DQ,&t=1582257750848
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.0.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-0-192.compute-1.amazonaws.com
Software: gunicorn/19.6.0 /
Resource Hash: d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Fri, 21 Feb 2020 04:02:30 GMT
last-modified: Wed, 21 Aug 2019 18:40:02 GMT
server: gunicorn/19.6.0
content-length: 44
content-type: image/gif

GET
H2 200 s53657738184750
smetrics.workingadvantage.com/b/ss/entbenworking/1/JS-2.17.0-D7QN/ 43 B
644 B 254ms
253ms Image
image/gif 18.138.216.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.workingadvantage.com/b/ss/entbenworking/1/JS-2.17.0-D7QN/s53657738184750?AQB=1&ndh=1&pf=1&t=21%2F1%2F2020%205%3A2%3A30%205%20-60&D=D%3D&mid=37017901117937222603059555328767229095&aamlh=6&ce=UTF-8&ns=entertainmentbenefits&g=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229&cc=USD&events=event29&v29=Find%20Company%20Code%20Scroll&pe=lnk_o&pev2=Find%20Company%20Code&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.138.216.223 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-216-223.ap-southeast-1.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 21 Feb 2020 04:02:31 GMT
x-content-type-options: nosniff
x-c: master-1169.Ie4359b.M0-349
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 22 Feb 2020 04:02:31 GMT
server: jag
xserver: anedge-665bcdccf8-h5psd
etag: 3397872647279050752-4615845401679763781
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 20 Feb 2020 04:02:31 GMT

POST
H2 200 html Show response
n2.mouseflow.com/ 0
286 B 694ms
370ms XHR
text/plain 207.244.84.210
LEASEWEB-USA-WDC-01

General

Check archive.org

Show headers Download Go to

Full URL

https://n2.mouseflow.com/html?website=913a7fd6-dc0a-49da-96d8-8f73cb55b75c&session=279cb81699d03882b786158500135fe5&page=0221299888513b199463fc3876b41494f24b67d3&gz=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.244.84.210 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC-01, US),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Origin: https://www.workingadvantage.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 04:02:32 GMT
server: Mouseflow
status: 200
strict-transport-security: max-age=31536000
content-type: text/plain; charset=Windows-1252
access-control-allow-origin: https://www.workingadvantage.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0
expires: -1

POST
H/1.1 200
OK f30ac265f9 Show response
bam.nr-data.net/events/1/ 24 B
191 B 117ms
116ms XHR
image/gif 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/f30ac265f9?a=10369366&v=1167.2a4546b&to=ZFUGY0tVWRdVB0ENVl0fMUVQG14KUAFNSklbQA%3D%3D&rst=5501&ref=https://www.workingadvantage.com/account.php
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Origin: https://www.workingadvantage.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.workingadvantage.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

GET
H/1.1 200
OK st Show response
px.steelhousemedia.com/ 2 KB
1 KB 529ms
132ms Script
application/javascript 169.48.74.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://px.steelhousemedia.com/st?fdx=1&ga_tracking_id=UA-4045288-1&ga_client_id=1243003326.1582257750&shpt=Working%20Advantage&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-4045288-1%22%2C%22ga_client_id%22%3A%221243003326.1582257750%22%2C%22shpt%22%3A%22Working%20Advantage%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A1%2C%22getTrackingIdByGA%22%3A%22OK%22%2C%22getClientIdByTracker%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%7D%7D&shaid=23005&plh=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229&dxver=4.0.0&cb=91671888730834180&shadditional=sh_conversion%3DSHBLOCK&shpn=Password%20Recovery&shps=PasswordRecovery&shpc=
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.48.74.156 , Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS: 9c.4a.30a9.ip4.static.sl-reverse.com
Software: /
Resource Hash: 7a89b08b1d52cde94503f1eb4d7f21eec0b6ba9889358855af0ca80660af398b

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 04:02:32 GMT
Content-Encoding: gzip
Connection: close
Content-Type: application/javascript;charset=utf-8
P3P: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"

GET
H/1.1 200
OK gs Show response
ww.steelhousemedia.com/ 144 B
728 B 540ms
139ms Script
application/javascript 169.60.140.161
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.steelhousemedia.com/gs
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.60.140.161 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: a1.8c.3ca9.ip4.static.sl-reverse.com
Software: envoy /
Resource Hash: a93976d43b72e182606bfcdabcd9ad56e42f8fc72c245532d6a59136c2742aa2

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 21 Feb 2020 04:02:32 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: envoy
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
access-control-allow-origin: *
cache-control: private, max-age=31536000
x-envoy-upstream-service-time: 2
connection: close
content-type: application/javascript;charset=utf-8
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

GET
H/1.1 200
OK st Show response
px.steelhousemedia.com/ 3 KB
1 KB 414ms
159ms Script
application/javascript 169.48.74.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://px.steelhousemedia.com/st?fdx=1&ga_tracking_id=UA-4045288-1&ga_client_id=1243003326.1582257750&shpt=Working%20Advantage&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-4045288-1%22%2C%22ga_client_id%22%3A%221243003326.1582257750%22%2C%22shpt%22%3A%22Working%20Advantage%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A1%2C%22getTrackingIdByGA%22%3A%22OK%22%2C%22getClientIdByTracker%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%7D%7D&shaid=23005&plh=https%3A%2F%2Fwww.workingadvantage.com%2Faccount.php%3Fsub%3Dresetpass%26email%3Dkathyarakaki%2540deltek.com%26hash%3Ddcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229&dxver=4.0.0&shadditional=sh_conversion%3DSHBLOCK&shpn=Password%20Recovery&shps=PasswordRecovery&shpc=&cb=1582257752367415&shguid=c29120e9-42a9-350e-b834-c9935dd9dd89&shgts=1582257752909
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.48.74.156 , Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS: 9c.4a.30a9.ip4.static.sl-reverse.com
Software: /
Resource Hash: 32ab70c4d2071abd1d1ec4cc917801ad04f039ad9979a14bdda0072260bb8c62

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 21 Feb 2020 04:02:33 GMT
Content-Encoding: gzip
Connection: close
Content-Type: application/javascript;charset=utf-8
P3P: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"

POST
H2 200 dom Show response
n2.mouseflow.com/ 0
303 B 109ms
109ms XHR
text/plain 207.244.84.210
LEASEWEB-USA-WDC-01

General

Check archive.org

Show headers Download Go to

Full URL

https://n2.mouseflow.com/dom?gz=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.244.84.210 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC-01, US),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Origin: https://www.workingadvantage.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 04:02:33 GMT
server: Mouseflow
status: 200
x-recorder: rec-06-us
content-type: text/plain; charset=Windows-1252
access-control-allow-origin: https://www.workingadvantage.com
cache-control: no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0
expires: -1

GET
H/1.1

200
OK

tdsync
px.steelhousemedia.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=c29120e9-42a9-350e-b834-c9935dd9dd89&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=c29120e9-42a9-350e-b834-c9935dd9dd89&gdpr=&gdpr_consent=
https://px.steelhousemedia.com/tdsync?tdid=d074f955-54dc-4107-9341-323d2d766652&shguid=c29120e9-42a9-350e-b834-c9935dd9dd89

0
369 B

399ms
146ms

Image
text/plain

169.48.74.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.steelhousemedia.com/tdsync?tdid=d074f955-54dc-4107-9341-323d2d766652&shguid=c29120e9-42a9-350e-b834-c9935dd9dd89
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.48.74.156 , Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS: 9c.4a.30a9.ip4.static.sl-reverse.com
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Feb 2020 04:02:33 GMT
server: envoy
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 18
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 0
x-application-context: application:prod,confluent:9025

Redirect headers

pragma: no-cache
date: Fri, 21 Feb 2020 04:02:33 GMT
x-aspnet-version: 4.0.30319
location: https://px.steelhousemedia.com/tdsync?tdid=d074f955-54dc-4107-9341-323d2d766652&shguid=c29120e9-42a9-350e-b834-c9935dd9dd89
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 277

GET
H2

200

beeswax
cookie-sync-service-prod.steelhousemedia.com/mapping/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/steelhouse?buyer_user_id=c29120e9-42a9-350e-b834-c9935dd9dd89
https://match.prod.bidr.io/cookie-sync/steelhouse?buyer_user_id=c29120e9-42a9-350e-b834-c9935dd9dd89&_bee_ppp=1
https://cookie-sync-service-prod.steelhousemedia.com/mapping/beeswax?shguid=c29120e9-42a9-350e-b834-c9935dd9dd89&partnerguid=AAV2D068nq0AABwixIhXiA

0
244 B

583ms
185ms

Image
text/plain

54.244.36.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cookie-sync-service-prod.steelhousemedia.com/mapping/beeswax?shguid=c29120e9-42a9-350e-b834-c9935dd9dd89&partnerguid=AAV2D068nq0AABwixIhXiA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.244.36.123 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-244-36-123.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 21 Feb 2020 04:02:34 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
status: 200
server-timing: intid;desc=64bc0018bc1bc6ef
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 0
x-application-context: application:prod-aws-west:8080

Redirect headers

location: https://cookie-sync-service-prod.steelhousemedia.com/mapping/beeswax?shguid=c29120e9-42a9-350e-b834-c9935dd9dd89&partnerguid=AAV2D068nq0AABwixIhXiA
Date: Fri, 21 Feb 2020 04:02:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

POST
H2 200 dom Show response
n2.mouseflow.com/ 0
285 B 109ms
109ms XHR
text/plain 207.244.84.210
LEASEWEB-USA-WDC-01

General

Check archive.org

Show headers Download Go to

Full URL

https://n2.mouseflow.com/dom?gz=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.244.84.210 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC-01, US),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Origin: https://www.workingadvantage.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 04:02:34 GMT
server: Mouseflow
status: 200
strict-transport-security: max-age=31536000
content-type: text/plain; charset=Windows-1252
access-control-allow-origin: https://www.workingadvantage.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0
expires: -1

GET
H2 200 events Show response
n2.mouseflow.com/ 0
303 B 110ms
109ms XHR
text/plain 207.244.84.210
LEASEWEB-USA-WDC-01

General

Check archive.org

Show headers Download Go to

Full URL

https://n2.mouseflow.com/events?w=913a7fd6-dc0a-49da-96d8-8f73cb55b75c&s=279cb81699d03882b786158500135fe5&p=0221299888513b199463fc3876b41494f24b67d3&q=1&li=0&lh=0&ls=0&d=AABkADQAAAAGQASwAZEOAAAHQwc2JgABAAAH1CYAAgAACeomAAMAAAwIJgAEAAANqCYABQAAJq0T..

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.244.84.210 Alexandria, United States, ASN30633 (LEASEWEB-USA-WDC-01, US),

Reverse DNS

Software

Mouseflow /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Origin: https://www.workingadvantage.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Feb 2020 04:02:39 GMT
server: Mouseflow
status: 200
x-recorder: rec-08-us
content-type: text/plain; charset=Windows-1252
access-control-allow-origin: https://www.workingadvantage.com
cache-control: no-cache
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0
expires: -1

POST
H/1.1 200
OK f30ac265f9 Show response
bam.nr-data.net/events/1/ 24 B
191 B 117ms
116ms XHR
image/gif 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/f30ac265f9?a=10369366&v=1167.2a4546b&to=ZFUGY0tVWRdVB0ENVl0fMUVQG14KUAFNSklbQA%3D%3D&rst=14048&ref=https://www.workingadvantage.com/account.php
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.workingadvantage.com/account.php?sub=resetpass&email=kathyarakaki%40deltek.com&hash=dcf0369f2e69f6588ab82d2d2a5b4863637915fedc8ee90a352fadbd76888229
Origin: https://www.workingadvantage.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.workingadvantage.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.workingadvantage.com/	1970-01-19 16:55:26	Name: __qca Value: P0-1272956372-1582257750195

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.workingadvantage.com/js/jquery-migrate-3.0.0.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

409-bcn-480.mktoresp.com
6479484.fls.doubleclick.net
9767737.fls.doubleclick.net
ajax.googleapis.com
alweb.rfk.workingadvantage.com
assets.adobedtm.com
bam.nr-data.net
cdn.boomtrain.com
cdn.livechatinc.com
cdn.mouseflow.com
cm.everesttech.net
cookie-sync-service-prod.steelhousemedia.com
d1stxfv94hrhia.cloudfront.net
d26opx5dl8t69i.cloudfront.net
dpm.demdex.net
dx.steelhousemedia.com
entertainmentbenefit.tt.omtrdc.net
entertainmentbenefitsgroupllc.demdex.net
events.api.boomtrain.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
initjs.rfk.workingadvantage.com
js-agent.newrelic.com
match.adsrvr.org
match.prod.bidr.io
munchkin.marketo.net
n2.mouseflow.com
people.api.boomtrain.com
pixel.quantserve.com
px.steelhousemedia.com
rules.quantcount.com
secure.livechatinc.com
secure.quantserve.com
smetrics.workingadvantage.com
stats.g.doubleclick.net
u10958595.ct.sendgrid.net
waves.retentionscience.com
ww.steelhousemedia.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.workingadvantage.com
zn5bxs0kfcxmozrm9-ebg.siteintercept.qualtrics.com
104.111.214.115
104.17.208.240
13.35.254.29
143.204.202.98
143.204.208.154
151.101.114.110
162.247.242.18
166.78.205.49
167.89.115.54
169.48.74.156
169.60.140.161
169.60.153.61
172.217.16.198
172.217.21.194
172.217.22.38
18.138.216.223
192.28.147.68
2.21.36.101
2.21.37.83
207.244.84.210
23.111.9.38
2600:9000:2057:6e00:6:44e3:f8c0:93a1
2a00:1450:4001:800::200e
2a00:1450:4001:808::2004
2a00:1450:4001:819::2003
2a00:1450:4001:81e::2003
2a00:1450:4001:821::2002
2a00:1450:4001:821::200a
2a00:1450:4001:825::2008
2a00:1450:4001:825::200a
2a00:1450:400c:c04::9d
3.213.23.99
34.197.14.190
34.243.44.116
35.172.8.7
52.208.212.211
52.214.123.193
52.49.13.31
52.73.0.192
52.87.80.26
54.244.36.123
66.117.28.86
66.117.29.3
91.228.74.145
91.228.74.152
95.101.176.176
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
06708edc30f6877320af98a385a4350ad9769c1aca9d44f8a262acf0c6dfefbd
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
161151d8c7574fcca575f317fce76279f4cd7fcd8ff04af5846fac20d2f3d03e
1d1998a0a303022e33a272f68338bb397f8343861ce8f0b88a10fae22240125c
1d24d4a11bd569cd44e25a8c36341f9669fa448d55bbad6c993ac3362e852711
1d9e06c8582a76404d1268e85def103900cd1515a88e96ca31adfbe49e3f3d8e
22abebbd8d4a429ea8f8471afa183a3143ed6ee1dae9c4200e6206f787caee9e
22f49589fdb3e047c453c99374cbfab197f69349f546d37cd3c69a94c07aef65
2eec22fcd09b2b38293ffa6f773ffbe507618a06c2f422c077ae565b15f9e6a5
2fe189df98f36027a498c042a37b2658cf7427ef18abb4965cefd1b9da9b79c6
32ab70c4d2071abd1d1ec4cc917801ad04f039ad9979a14bdda0072260bb8c62
33724c06ccbe331cd5b05f949e06fe180f3472e1b9fa150f0c58803b5e63a99d
38146b44624d2d25cb7cd5a6970ac3125fdf550fc88003c9e1d6c075916e496f
3cdc141b3677c55a55a839c6bfcfb9143e15d7189ca1b6398f86a51fba45013f
3f56d58ffa09cbe576c34da52c7bfd58d6404f1833f3e4fb9aff906066a4cc29
3ff90e45faf4f1517337648274a38902d62cb6e0ee6dc5961a41383d348608fa
40073d8997c3dd31bc10edfd8601660cad988a7601170e17b19f4331eaf5c6e9
40b012b2ce3cbe534bab0f144849518b034cc8c91c1b8f9997ae4debb79f8d60
411a2459f4276ccf8a4c59fcc1b812793ac61178f08dad113e6020ca3f51cd66
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448e99a570408c6cf2eda6133ec9ea7b86b8494120fc2ab35f7fbab75fefa5e8
4b30aeba9eb9573c1e379d011c7c76ec4006282112bd3410ef25f3d724fa87db
4b3fef76691d4b24377f77b4f5aee5fcb46a165394f104d3092f6be4114c80ca
4bcb0f820377a5dc80f3f43d991c950d5442ad601328305c0b52785c984bce48
537d4fed9f1381b8d19b83550252fa2cac347ab0f2a638d45deb81ac9e88ab31
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
569d06c50baf74a0eb6c7499749c4ffcef893058a6119f7250bdcdc44ced4387
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
640a401ef807204873f6f29f1825bf7400035432bdfd51361edc487d17099df0
6b810957ff3f3c7c207fbb3b24a0c9370f2b23bc94e7acfebceefa0d2976ac99
6c81f4dfe91ce41444220ac866f74c8aeed63b3341fef207bc5a36641b765f75
6dcf743efbf47f310fd9243d9aa78f4c3f6ee8ea260ad2f3d17a4fdda2479ab7
6f7c82862519e526ebb34df4ef6c15ac6cb55a732f3bc162ddd46ef1a5db3576
7a89b08b1d52cde94503f1eb4d7f21eec0b6ba9889358855af0ca80660af398b
7b4882bcd704237cb17946569e9c3706679476f44ca99ca2bb3ce0c084ec2a72
7bc04f6987396e7710331a50b293645d27919bbd2f2173a58f15ddfe7abe76b2
7c8b033cc69116a4670f6828ace15adda22d4d3ed1bb17e31daea73abbdfbede
7f4230074e217cc8d48c891c1c5a43f470a61b5b05fe35e2c41b22a92d22fe75
826eb1e3bc852101a2ed78d2bb6bfcb72c27629842125c05a50466ebc9508ec8
85df451196ff247226e6263576c869ad7d1055db645cc9129e19264dd8298bf4
8ed937956d0f38453c22b861247c28119c600b1d19912c7ffafaf82c7e7a83e1
91e62c115c0a214e1c381f639ccd480b6f0469c928f5ac566cd4a8ae0d6ad9c1
924ce09c1b46893447425d2af30b82434d01fdcdcac8fd9d09d81a99144e579d
9afb8890d9090a597d1420802b145290a5d3a24002de5bc1639d181f261a622d
9cd60e08308ac0d8d91d3cc2b6c4162607c6217b9e350e01854fbdbb70164747
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11ff2b3a7bee4a3a6841f532933c557c28a71037b44509ef8d39bd94e91c405
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a3474e90fcaf8a272c9fb30a31f6250ed63159d65cd711bb2f59003f7a7f3767
a44b5727bd453959ba8f2ae37fd2359272b730ada09e80fb2a5bbffd086ef075
a5623027332c42fb348637cf428ad2ec1e727001f5ba186647364670ab107e6c
a7207246e6c0ac732dbc3b2e089363e03ab006d7e828b7b75711cccc597d41ca
a81f7fba45d668f4069d067b42b3e25f12f08a900e26697952dbdb6f62d8c4ba
a93976d43b72e182606bfcdabcd9ad56e42f8fc72c245532d6a59136c2742aa2
b3289a5bc3b64d5f85e5dbe39948420dcb50c3343e4b13c3854c52829ede8517
b6ac3edc8df9634a2474ab17d5dfcaeaeb26ff2b3a6c1e89dd2bc1660d96462d
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ceb061fcb384e46e51ab6e4907829a41c5101a055705e318d30c410cd7f1f2ca
d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a
d5630dd7ccdf3c5ebf9d77312e683ceb1825646177a6d253fc7b3fc3932fbac7
d93e854f26f6c8c4a855ff7ceaebf7c5d28d483d16db587a06577f50eb832e44
df002813cb6912b04dc298f57cc51635297a2f5dac78e6153b8f39648306d07f
e15ee4f79f22fa7f76f3e238c5ac9d4883c49b7952beff47a2845f13bc3d917c
e1eb9dffd1be1d12b313f0f6401d8cd15655c2737645b4937329dfd500859347
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ddfa2712534606964e953fb319cf81f5e7e0d6e4a8e9fde6995f164a2efdcb
e613df9aa843851d019cc12e6184972311e2229c14299d2f6c80f4aadf2d844a
e7851f93c4ecc29136aae5d0705a34931d00987644f9e620d3ea6b67c2df9b7c
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebb8b0b73ecae21b1840d76dbf4f67f96ac8e821d437166e74400227766ae75d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f69ebbd9d36211cef558cb24f539fb4c6ad866dc603cdc8f588ee3f63dbe3b5d
fe86bad2c30b759d70f2d731dd3fadeb1ce0a4731dc4300506c43a744541664c

www.workingadvantage.com Open in urlscan Pro 166.78.205.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

97 Requests

100 %HTTPS

22 %IPv6

29 Domains

46 Subdomains

41 IPs

9 Countries

1814 kBTransfer

2793 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.workingadvantage.com Open in urlscan Pro
166.78.205.49 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

100 %
HTTPS

22 %
IPv6

29
Domains

46
Subdomains

41
IPs

9
Countries

1814 kB
Transfer

2793 kB
Size

1
Cookies

97 HTTP transactions
0 data transactions