urlscan.io logo urlscan.io
SecurityTrails logo

www.workstream.us Open in urlscan Pro
18.245.60.123  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u6500445.ct.sendgrid.net/ls/click?upn=-2Br3McSqp0cIZOahCVI36QYyv3iR5jHQKO2zV8fsePbK2wUZLvyhC6pPtL-2BHchLkIsngc_YqVc2Q6Tax...
Effective URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Submission: On December 02 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 33 HTTP transactions. The main IP is 18.245.60.123, located in United States and belongs to AMAZON-02, US. The main domain is www.workstream.us. The Cisco Umbrella rank of the primary domain is 403499.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 21st 2023. Valid for: a year.
This is the only time www.workstream.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.115.121 11377 (SENDGRID)
1 1 52.40.167.193 16509 (AMAZON-02)
20 18.245.60.123 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42::729 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.5.77.178 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 2001:4860:480... 15169 (GOOGLE)
2 52.152.143.207 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
33 10
1    167.89.115.121 (Herndon, United States)

ASN11377 (SENDGRID, US)
PTR: o16789115x121.outbound-mail.sendgrid.net
u6500445.ct.sendgrid.net
1    52.40.167.193 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-167-193.us-west-2.compute.amazonaws.com
l.wrkstrm.us
20    18.245.60.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-123.fra60.r.cloudfront.net
www.workstream.us
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)
js.sentry-cdn.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    3.5.77.178 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
workstream-backend-prod-us-west-2.s3.us-west-2.amazonaws.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    52.152.143.207 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
o.clarity.ms
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
20 workstream.us
www.workstream.us — Cisco Umbrella Rank: 403499
756 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 796
o.clarity.ms — Cisco Umbrella Rank: 7310
c.clarity.ms — Cisco Umbrella Rank: 1377
28 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
310 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
89 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 228
764 B
1 amazonaws.com
workstream-backend-prod-us-west-2.s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 771268
14 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
91 KB
1 sentry-cdn.com
js.sentry-cdn.com — Cisco Umbrella Rank: 6063
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
2 KB
1 wrkstrm.us
l.wrkstrm.us — Cisco Umbrella Rank: 912961
245 B
1 sendgrid.net
u6500445.ct.sendgrid.net
233 B
33 11
Domain Requested by
20 www.workstream.us www.workstream.us
2 c.clarity.ms 1 redirects
2 o.clarity.ms www.clarity.ms
2 region1.google-analytics.com www.googletagmanager.com
2 www.clarity.ms www.workstream.us
www.clarity.ms
2 connect.facebook.net www.workstream.us
connect.facebook.net
1 c.bing.com 1 redirects
1 workstream-backend-prod-us-west-2.s3.us-west-2.amazonaws.com www.workstream.us
1 www.googletagmanager.com www.workstream.us
1 js.sentry-cdn.com www.workstream.us
1 cdnjs.cloudflare.com www.workstream.us
1 l.wrkstrm.us 1 redirects
1 u6500445.ct.sendgrid.net 1 redirects
33 13

This site contains links to these domains. Also see Links.

Domain
assessment.predictiveindex.com
workstream.us
Subject Issuer Validity Valid
*.workstream.us
Amazon RSA 2048 M01		 2023-02-21 -
2024-02-13		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-01 -
2024-09-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-08-03		 10 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-10 -
2023-12-09		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-29 -
2024-08-29		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Frame ID: 56C840E2975AD1808EAC1C454CAC7C47
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1A Auto, Inc. - Nashua, NH - Customer Service Representative - Phones - Remote ($1,500 Sign-on bonus)

Page URL History Show full URLs

  1. https://u6500445.ct.sendgrid.net/ls/click?upn=-2Br3McSqp0cIZOahCVI36QYyv3iR5jHQKO2zV8fsePbK2wUZLvyhC6pPtL-2BH... HTTP 302
    https://l.wrkstrm.us/iJApRE9zM HTTP 302
    https://www.workstream.us/j/form/dcee7e55?locale=en&from=email Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

33
Requests

97 %
HTTPS

54 %
IPv6

11
Domains

13
Subdomains

10
IPs

3
Countries

983 kB
Transfer

3303 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u6500445.ct.sendgrid.net/ls/click?upn=-2Br3McSqp0cIZOahCVI36QYyv3iR5jHQKO2zV8fsePbK2wUZLvyhC6pPtL-2BHchLkIsngc_YqVc2Q6TaxfIVY64HpFtFyW61FKqC3g-2FZclmeDpo1a2Kdgf3W2oBAG8Gg6NVIrGpHaEcrM3hQ57mNHwGD6PlIyVHN2Mu0xYUmh2aDuC-2FdpQ9uzZb24Ak-2BdnMo3sMqNcT7IQrjVwbmbFGV6ZIfy-2BrNaKnM9ICBCTgBxzk8JyAQU9GHmFQ45iGboxhnVk-2Bo2Rg10dV0JM1TaJIArOiOQZFYUzXU4-2FXYHqJ41wmnYFWq28-3D HTTP 302
    https://l.wrkstrm.us/iJApRE9zM HTTP 302
    https://www.workstream.us/j/form/dcee7e55?locale=en&from=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=550A74AE56944F12AE797D2892D452EC&RedC=c.clarity.ms&MXFR=0BA01FC546936FFF336F0C1E42936122 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=550A74AE56944F12AE797D2892D452EC&MUID=299147B669EB6C803E8F546D68396D6E

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request dcee7e55
www.workstream.us/j/form/
Redirect Chain
  • https://u6500445.ct.sendgrid.net/ls/click?upn=-2Br3McSqp0cIZOahCVI36QYyv3iR5jHQKO2zV8fsePbK2wUZLvyhC6pPtL-2BHchLkIsngc_YqVc2Q6TaxfIVY64HpFtFyW61FKqC3g-2FZclmeDpo1a2Kdgf3W2oBAG8Gg6NVIrGpHaEcrM3hQ57m...
  • https://l.wrkstrm.us/iJApRE9zM
  • https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
53 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
fdf6aaf3f6e4e0ef20af943f26eecf9ce8fc11b2766f6d3b9af0965135d1ca12

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-language
en
content-length
14348
content-type
text/html; charset=utf-8
date
Sat, 02 Dec 2023 13:30:54 GMT
etag
W/"d3d8-U4mXMoeCOHp//ygvsutA6mZH+cg"
vary
Accept-Encoding
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amz-apigw-id
PUSuWH7APHcElNw=
x-amz-cf-id
KoPaQKYTm9rHNfkOkphvE0l-XpK-gTl_c0rqqWHSngtJPwJHdVBXlw==
x-amz-cf-pop
FRA60-P5
x-amzn-remapped-connection
keep-alive
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:54 GMT
x-amzn-remapped-server
nginx/1.25.0
x-amzn-requestid
adf2f06a-7873-4209-b2f4-18192ced6647
x-cache
Miss from cloudfront
x-powered-by
Express

Redirect headers

content-length
89
content-type
text/html; charset=utf-8
date
Sat, 02 Dec 2023 13:30:54 GMT
location
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
x-amz-apigw-id
PUSuTGzxvHcEC4w=
x-amzn-requestid
3db34269-ef31-459e-945b-a90bf543fd7c
x-amzn-trace-id
Root=1-656b318e-6083ceed2780368f2a57a234;Sampled=0;lineage=1f132391:0
flag-icon.min.css
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/0.8.2/css/ 		32 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/0.8.2/css/flag-icon.min.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c9bf7a40b606390f947277201557a4e6deb8a6ac5270ad52a1bc2a972d8ec3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1593550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1377
last-modified
Mon, 04 May 2020 16:10:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5d-7f7d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXLhDvOYThrmOpMnjpn70EsUVet0cHdJ0QD9UNOlFgsINa1YZHy7LhdJiJAmzkSZiqhdiM7yLcxdPH3coQMs705GmrwTF6VYNQjR8ZRF2zHW%2FGHoHhHqDmNpuS5o47jUGBVE0N5giAe3f16Sy4fs40Sp"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82f3ed5f2b06381f-FRA
expires
Thu, 21 Nov 2024 13:30:55 GMT
3b70da9a62b04105a77398af2eb15dd0.min.js
js.sentry-cdn.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.sentry-cdn.com/3b70da9a62b04105a77398af2eb15dd0.min.js
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ebfa2e07d41e6ed7994df1fb3876a55409086707e4f1eaf1163328b48b050014
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.sentry.io; style-src 'unsafe-inline' *; default-src 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com app.pendo.io; media-src *; base-uri 'none'; object-src 'self'; frame-src app.pendo.io js.stripe.com sentry.io; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; font-src * data:; img-src blob: data: *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=bf3d4d8ee4c8cd6755eea1f956fbcb76364b92bc
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.workstream.us/
Origin
https://www.workstream.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' *.sentry.io; style-src 'unsafe-inline' *; default-src 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com app.pendo.io; media-src *; base-uri 'none'; object-src 'self'; frame-src app.pendo.io js.stripe.com sentry.io; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; font-src * data:; img-src blob: data: *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=bf3d4d8ee4c8cd6755eea1f956fbcb76364b92bc
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 02 Dec 2023 13:30:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
age
350
x-envoy-upstream-service-time
15
content-length
1215
x-xss-protection
1; mode=block
x-served-by
getsentry-web-default-common-production-dcfd7cfd5-w92hw, cache-chi-kigq8000148-CHI, cache-fra-eddf8230135-FRA
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count
1
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/ 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S92SY4T4XQ
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
93bc9d6fd269c7f16e7659c93b446fdd32deb3ef59979286fc6b1c8f6f63114f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92999
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Dec 2023 13:30:55 GMT
intlTelInput.css
www.workstream.us/j/css/ 		27 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/css/intlTelInput.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
437e649ff48cf805b99a8b0abe1f5c7687d66765d940408f1542d55afe0b07a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
content-encoding
gzip
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
ee52b6bb-3a60-4c81-b1f8-28b318782784
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSueHd7PHcEWmA=
content-length
3643
last-modified
Wed, 22 Jun 2022 11:33:08 GMT
etag
W/"6d39-1818b3004c7"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:55 GMT
x-amz-cf-id
0h7OZIdNecOyn5p8WknvVbP2avDANaryCnhRinas_ylwBN-RspK8ZA==
filepond.css
www.workstream.us/j/css/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/css/filepond.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
e730930c572ea4aa6991e7ec6a20e65fda687f8d5bb1151a5c5f835fd434b787

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
content-encoding
gzip
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
f2eb7cfd-47f3-4831-a1af-d9f3dd9dc057
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSubFjvPHcEdfQ=
content-length
6066
last-modified
Thu, 16 Feb 2023 06:47:40 GMT
etag
W/"8da7-18658fa8ba1"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:55 GMT
x-amz-cf-id
Z3Y2W94BwZI8Iip7gLVJGJXEV4NfQ3uje6ciugjsCjD6GU0Tc9chJw==
index.css
www.workstream.us/j/css/ 		42 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/css/index.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
2793c5e1ab59d3d99c919b2a56bdd8145da3ba4352f16b4d4bd1d3d49d84aa11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
content-encoding
gzip
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
47fe004a-241b-4dfa-a308-7368a2af0e86
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSueEBdvHcEr8Q=
content-length
8508
last-modified
Tue, 20 Jun 2023 01:57:14 GMT
etag
W/"a99c-188d6853718"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:55 GMT
x-amz-cf-id
JQGqHoe78pFUIkfcXCXw0et3bYuFVDyyXk0DKSNOlkN9rNXv1GKBFQ==
util.css
www.workstream.us/j/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/css/util.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
205da3ef9b64eda9c06a93232a6e86ac34a06e00758b1af617d2bc4706414689

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
content-encoding
gzip
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
3b75487d-68d9-48ee-bc9b-8ac4606f28e8
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSueG3AvHcEtUQ=
content-length
1918
last-modified
Thu, 07 Jul 2022 03:41:20 GMT
etag
W/"1ee9-181d6bf75e9"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:55 GMT
x-amz-cf-id
WhLCEMyTnNVjN37lwrtPawHp1KOxNI543w8ingqjX4hRR0xX-3YaOw==
pikaday.css
www.workstream.us/j/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/css/pikaday.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
f8cb0856a98f2c8c193e42dbb3e3097833ea27b5b8d1a4e0d581b2ef7e94ea09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
content-encoding
gzip
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
d01d003a-3441-42fd-9172-c89fd608c23c
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSueEVbPHcEN1Q=
content-length
1626
last-modified
Wed, 22 Jun 2022 11:33:08 GMT
etag
W/"11d6-1818b3004c7"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:55 GMT
x-amz-cf-id
6S14fCzWDDxyD9mxRnXdikvsiiTn9u08Eay_4nRi5eQ3l788grNHhw==
weeklyTimeSlotPicker.css
www.workstream.us/j/css/ 		1 KB
1006 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/css/weeklyTimeSlotPicker.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
4ce117c3ee53550ff25cc8679ee37c4818805397fdca3b4bfd3deed435a359a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
content-encoding
gzip
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
26063d6f-3b7f-4c1c-8772-f30dc8b36a20
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSueHZzvHcEDnA=
content-length
458
last-modified
Wed, 22 Jun 2022 11:33:08 GMT
etag
W/"521-1818b3004c7"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:55 GMT
x-amz-cf-id
LyupoZJlhj39Ose4m6mQ8Ll5pfpkwzLnCWRkB27WwhbWUX1OYsOhNg==
position-apply-no-timeslots.css
www.workstream.us/j/css/ 		1 KB
975 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/css/position-apply-no-timeslots.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
d848fed4c849260e6160567a640a3b9af352bc4c160f1ddf5bc2aad325d7da77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
content-encoding
gzip
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
4a80242e-1420-4aad-8ef4-2ffba41cb5cc
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSufGVAPHcENxw=
content-length
428
last-modified
Thu, 15 Dec 2022 10:31:25 GMT
etag
W/"4d8-1851556c04a"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:55 GMT
x-amz-cf-id
0mt9ANu2_44PIajCxrYXRCC4NIt8wJHnOpgRb69YP9JWdsN2tPYk-Q==
apply-header.css
www.workstream.us/j/css/ 		747 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/css/apply-header.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
ea0da4e8971987e49574a55692ab5d81bf0597f70710eaa04060ca05b9987933

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
747
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
ad70f512-264e-43e0-9053-c87b9f23c8a2
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSufFS5vHcEFtQ=
content-length
747
last-modified
Thu, 17 Nov 2022 09:19:07 GMT
etag
W/"2eb-18484e28280"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:55 GMT
x-amz-cf-id
HdEeKNq-61CV5YXhERt00pqKw44zBop7XaX15CBgVSLX2VRYN3fCig==
c1b002234a3be7ff63d1f05add16a069.png
workstream-backend-prod-us-west-2.s3.us-west-2.amazonaws.com/production/uploads/brand/logo/1280/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://workstream-backend-prod-us-west-2.s3.us-west-2.amazonaws.com/production/uploads/brand/logo/1280/c1b002234a3be7ff63d1f05add16a069.png?X-Amz-Expires=604800&X-Amz-Date=20231202T133054Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA6ORSDT4UQCCCAZFQ%2F20231202%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=0b72ba45c3bfbb1a59c3cf9a4d3ec718774c8fc646d1626de4ef810d500a44db
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.77.178 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7c7261f3f1f8de2f204cea69b2435904b46ddf7b2097be3aaff31c58104d8fb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Sat, 02 Dec 2023 13:30:56 GMT
x-amz-version-id
UDAgiObJWMXY8El4AewNmK3C_hDwQ41g
Last-Modified
Thu, 08 Jul 2021 02:11:24 GMT
Server
AmazonS3
x-amz-request-id
WXFXJHHM66N3S688
ETag
"67be29763eb3278be9ae8c26184f8260"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-storage-class
INTELLIGENT_TIERING
Cache-Control
public, max-age=31536000
x-amz-replication-status
REPLICA
Accept-Ranges
bytes
Content-Length
14263
x-amz-id-2
WH9ZeKDbHq53dxnOKYJnD7iV6Psr5g0Ylo3WOBbCICFWHMcm2WpW8tLskFwjJuZ2R/oJ96UOBe/a9bsLGSZqfA==
hand-wave.png
www.workstream.us/j/images/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.workstream.us/j/images/hand-wave.png
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
edf76e50f11d9be90f3283007ecbd8af9c6ddfef75f96209522bce82df485038

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
22732
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
5313c205-581a-44e8-ad24-8b567c9894de
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSufF39PHcECAA=
content-length
22732
last-modified
Tue, 10 May 2022 11:39:34 GMT
etag
W/"58cc-180adc4748d"
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:55 GMT
x-amz-cf-id
PAKvJyJzjMyqAdFxrEG37N1-LFOK_wZaoXHilXs7F-Mq0geDCtEBPg==
email.svg
www.workstream.us/j/images/ 		553 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.workstream.us/j/images/email.svg
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
4d79a1b5753c89b2f566c08f270cdc5d50821a713ca373b3dd698165dcc93f4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
553
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
8513ad63-6ad8-4ead-a575-ecfca427dee8
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSugFm0vHcEpEQ=
content-length
553
last-modified
Wed, 22 Jun 2022 11:33:08 GMT
etag
W/"229-1818b3004db"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:55 GMT
x-amz-cf-id
uZ1vpTwxRfc4igCek7hpbipLvcP2Z7NQewtjBDebHa7KkwtnibQ60w==
mobile-phone.svg
www.workstream.us/j/images/ 		821 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.workstream.us/j/images/mobile-phone.svg
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
72d8c220c5d7f22b70affd75371a2ddedea898862ad42bff7846cd15b7c5ed59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
821
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
0e2551d4-efe4-4560-88ab-0affdee0138f
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSugG1ZvHcEC4w=
content-length
821
last-modified
Tue, 10 May 2022 11:39:34 GMT
etag
W/"335-180adc4748d"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:55 GMT
x-amz-cf-id
uOhCbSmj_XYXg2A1I7-M1APyK3wnF6qBrNHISY80u36RP3fbMbdO_Q==
verify-success.svg
www.workstream.us/j/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.workstream.us/j/images/verify-success.svg
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
2436948b5b6bf5a09b1361d0f77b7b0201484c3a3662d4fef5bdea0580997a89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
content-encoding
gzip
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
24980ad9-8bf7-4e44-a428-5582d8407745
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSugHMRPHcEeGw=
content-length
1185
last-modified
Wed, 22 Jun 2022 11:33:08 GMT
etag
W/"9ea-1818b3004eb"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:55 GMT
x-amz-cf-id
rBOl-EMzQOEhR5dCLI8qNufECX4v5VdRlyaT1KoEEHcUAwvzpxrFiw==
vendor.js
www.workstream.us/j/js/ 		2 MB
257 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/js/vendor.js
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
6802789003529dabd6f11d601bc990c0512ed2f491c02dd7eeae96be0e8480c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
content-encoding
gzip
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
df200f12-433d-4ecf-a2e5-fb6f2a3f4acb
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSugFDAvHcEncA=
content-length
262525
last-modified
Tue, 28 Nov 2023 01:27:22 GMT
etag
W/"1aefbe-18c1389ba44"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:55 GMT
x-amz-cf-id
TIfAVBwu0a1fx8DZZC-gFfOpNGwjxnpxmNfcTLnIEs-QVGwZlpu7-Q==
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1c2ee3f6a957a42760110d298fa748fb4ca82734f2c86993495bda9db70e6542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.workstream.us/
Origin
https://www.workstream.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 02 Dec 2023 13:30:55 GMT
content-md5
9y+Ien8ppSWUCPZ7D8mjDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1690
reporting-endpoints
x-fb-debug
BiDBQwa8mbr2HfkV/6EI3hPuwitKW2Ubc2N0/SCBJqhkt+TZA1Mt78Ssp8g2zmBREpOZpbs5kRgKZoxNkVNVDg==
x-fb-content-md5
6e0b840da9147e16ab5abf6ff9965dec
cross-origin-opener-policy
same-origin-allow-popups
etag
"ace67cc4d81f548d561b5aab46386eb3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 02 Dec 2023 13:41:41 GMT
organization-position-apply-no-timeslots.js
www.workstream.us/j/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/js/organization-position-apply-no-timeslots.js
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
b6bef56bf76b9cc6895d73e1a721ad3329e77f8b949dce58cbe6a5219b901246

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
content-encoding
gzip
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
3a6fd22b-24b1-4f79-b057-efdc8b6eca8e
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSugGM3vHcEfBA=
content-length
1262
last-modified
Tue, 28 Nov 2023 01:39:56 GMT
etag
W/"ac9-18c13953b59"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:55 GMT
x-amz-cf-id
hnr1ZuyeL8SgTaE1EEOJPcq4dCuM9oOr0IM3jkMpb03MxIRBcT3-7w==
page-online-form.js
www.workstream.us/j/js/ 		354 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/js/page-online-form.js
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
6f17c72bd8426a9db14c0a9a05e629049219b9d2d1ccbb49b869edf0c5ff3204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
content-encoding
gzip
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
af343deb-0497-42be-8c11-7c1706ab4418
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSugGf_PHcEVyw=
content-length
95666
last-modified
Tue, 28 Nov 2023 01:39:56 GMT
etag
W/"5897d-18c13953b59"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:55 GMT
x-amz-cf-id
m97l8z_Ocp_2VWkws7_0UoIBbUsXFPvssyHX7jfDVUZLUyZVrQJqsw==
hqjeombmle
www.clarity.ms/tag/ 		650 B
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/hqjeombmle
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c22a10a8cf8e3ad2f217dcdea17b3428fed758767384c06369072dc0e86b70d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
-1
date
Sat, 02 Dec 2023 13:30:55 GMT
x-azure-ref
20231202T133055Z-gzhw7xw4wd1qh6v67vm3m4df1g0000000140000000011f4c
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
footer-brand.svg
www.workstream.us/j/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.workstream.us/j/images/footer-brand.svg
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
6d9d0e419ccc2a64e32443d27e54a577ab91d97d3690d74e1e0f77e06c34b77d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/dcee7e55?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
content-encoding
gzip
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
1c4151b8-e590-4de4-8d4a-9d7b0b19b51d
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSugF01vHcEclg=
content-length
1961
last-modified
Tue, 10 May 2022 11:39:34 GMT
etag
W/"ff0-180adc4748d"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:55 GMT
x-amz-cf-id
rBjJNrWh3SqZ1XKphNF1cFN2wGnHNEQQQUSAZymJsPdxHL_GRzFjUA==
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S92SY4T4XQ&gtm=45je3bt0v892537697&_p=1701523855236&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=952857968.1701523855&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701523855&sct=1&seg=0&dl=https%3A%2F%2Fwww.workstream.us%2Fj%2Fform%2Fdcee7e55%3Flocale%3Den%26from%3Demail&dt=1A%20Auto%2C%20Inc.%20-%20Nashua%2C%20NH%20-%20Customer%20Service%20Representative%20-%20Phones%20-%20Remote%20(%241%2C500%20Sign-on%20bonus)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1685
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S92SY4T4XQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 13:30:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.workstream.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.20/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/hqjeombmle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:55 GMT
content-encoding
br
last-modified
Thu, 30 Nov 2023 12:37:50 GMT
etag
W/"0x8DBF1A12A7EABEF"
vary
Accept-Encoding
x-azure-ref
20231202T133055Z-gzhw7xw4wd1qh6v67vm3m4df1g0000000140000000011f5n
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
68748bd9-901e-0036-6d53-24a3ab000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
collect
o.clarity.ms/ 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.workstream.us/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.workstream.us
Date
Sat, 02 Dec 2023 13:30:55 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
left-arrow.svg
www.workstream.us/j/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.workstream.us/j/images/left-arrow.svg
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/css/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
0e370105266b4c184af250615a98bb681335df5ac2def50751095b123433c135

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/css/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:56 GMT
content-encoding
gzip
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
3de21395-fb1d-44cf-8b75-6f21d178bb8a
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSukGD3vHcEZrQ=
content-length
794
last-modified
Wed, 22 Jun 2022 11:33:08 GMT
etag
W/"5de-1818b3004e7"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:56 GMT
x-amz-cf-id
AEXk9gi5nPdrOtk0Nmyw-31KDRRXpygVIj0xK4sDrG_-NInRd1O-0Q==
Segoe%20UI.woff
www.workstream.us/j/fonts/ 		141 KB
142 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/fonts/Segoe%20UI.woff
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/css/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
e3a6c9cd34309486897f6dd8038da6b964d3ae3ce86d1b8dbe283dfeaf48b6bb

Request headers

Referer
https://www.workstream.us/j/css/index.css
Origin
https://www.workstream.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:56 GMT
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
144276
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
f937445c-3b1f-4764-88c1-8ef743a6bae9
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSukFhHvHcEOOg=
content-length
144276
last-modified
Wed, 22 Jun 2022 11:33:08 GMT
etag
W/"23394-1818b3004cb"
content-type
application/font-woff
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:56 GMT
x-amz-cf-id
zIYa-KS01auhUpWGF84QpfgbvR1Ca5b256XcFuHZszTNOxZpq8JkXw==
seguisb.woff
www.workstream.us/j/fonts/ 		188 KB
189 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/fonts/seguisb.woff
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/css/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-123.fra60.r.cloudfront.net
Software
/ Express
Resource Hash
edcc0140da7a32a16048b5014c972b9e8db67c8739d7ace7688c7f83d731b119

Request headers

Referer
https://www.workstream.us/j/css/index.css
Origin
https://www.workstream.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 13:30:56 GMT
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
192948
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
FRA60-P5
x-amzn-requestid
2047c29a-40bd-436f-8620-ede14eb07667
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PUSukFWcPHcETMw=
content-length
192948
last-modified
Wed, 22 Jun 2022 11:33:08 GMT
etag
W/"2f1b4-1818b3004db"
content-type
application/font-woff
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 02 Dec 2023 13:30:56 GMT
x-amz-cf-id
pGofHtqCXiamxhu_ixDMsvlb0URXESCndAi-fnPGVRKpSWK90Y6fpQ==
sdk.js
connect.facebook.net/en_US/ 		302 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=58a5959b3c49b4189a281613689514fd
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed65c9d8b8d6cc1b4723cde25e4db39d1dd2389c08ec623e04212de38af215b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.workstream.us/
Origin
https://www.workstream.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 02 Dec 2023 13:30:56 GMT
content-md5
rhRbaAKK0v6nRIpzqda6GA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88320
reporting-endpoints
x-fb-debug
JFDTnnGUb2aFyz6e/Umow+1MY3TLMKvuekP8EA/jtTpPP5BO22vZyd1cmc7MELn7UCLvliEU7GXGq6jwbJ21wQ==
x-fb-content-md5
11c49e85cd49c8d2f70d40502e90f21e
cross-origin-opener-policy
same-origin-allow-popups
etag
"30ebc3ada6268e98d9b0ee5e205950f9"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 01 Dec 2024 13:03:31 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=550A74AE56944F12AE797D2892D452EC&RedC=c.clarity.ms&MXFR=0BA01FC546936FFF336F0C1E42936122
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=550A74AE56944F12AE797D2892D452EC&MUID=299147B669EB6C803E8F546D68396D6E
42 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=550A74AE56944F12AE797D2892D452EC&MUID=299147B669EB6C803E8F546D68396D6E
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 13:30:56 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
server
Microsoft-IIS/10.0
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 02 Dec 2023 13:30:56 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 577E2F07BB2346B6BFBF7AFAD1AF4996 Ref B: FRAEDGE1222 Ref C: 2023-12-02T13:30:56Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=550A74AE56944F12AE797D2892D452EC&MUID=299147B669EB6C803E8F546D68396D6E
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
o.clarity.ms/ 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.workstream.us/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.workstream.us
Date
Sat, 02 Dec 2023 13:30:56 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S92SY4T4XQ&gtm=45je3bt0v892537697&_p=1701523855236&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=952857968.1701523855&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1701523855&sct=1&seg=0&dl=https%3A%2F%2Fwww.workstream.us%2Fj%2Fform%2Fdcee7e55%3Flocale%3Den%26from%3Demail&dt=1A%20Auto%2C%20Inc.%20-%20Nashua%2C%20NH%20-%20Customer%20Service%20Representative%20-%20Phones%20-%20Remote%20(%241%2C500%20Sign-on%20bonus)&en=scroll&epn.percent_scrolled=90&_et=7&tfd=6693
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S92SY4T4XQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 13:31:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.workstream.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| Sentry function| clarity function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| $ function| jQuery object| intlTelInputUtils function| pluralRuleParser function| ES6Promise function| axios function| moment function| FilePondPluginFileValidateSize object| FilePond object| __framePainter function| mergeQueryStringParam function| updateQueryStringParam function| updateQueryStringParams function| updateSearchQueryStringParams function| updateSearchQueryStringParamsWithNewUrl function| fbAsyncInit object| questions object| appSettings boolean| isPreview object| application string| APIURL object| i18nData string| locale object| datePickerI18n function| checkTimeSlots object| FB object| __buffer

12 Cookies

Domain/Path Name / Value
.workstream.us/ Name: _ga
Value: GA1.1.952857968.1701523855
.workstream.us/ Name: _ga_S92SY4T4XQ
Value: GS1.1.1701523855.1.0.1701523855.0.0.0
www.clarity.ms/ Name: CLID
Value: 2e732b4e8f3b4e7a9a0ae226ca9be318.20231202.20241201
.workstream.us/ Name: _clck
Value: 1b2jd1u%7C2%7Cfh7%7C0%7C1431
.workstream.us/ Name: _clsk
Value: 12sn9d7%7C1701523855836%7C1%7C1%7Co.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 299147B669EB6C803E8F546D68396D6E
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 299147B669EB6C803E8F546D68396D6E
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 299147B669EB6C803E8F546D68396D6E
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdnjs.cloudflare.com
connect.facebook.net
js.sentry-cdn.com
l.wrkstrm.us
o.clarity.ms
region1.google-analytics.com
u6500445.ct.sendgrid.net
workstream-backend-prod-us-west-2.s3.us-west-2.amazonaws.com
www.clarity.ms
www.googletagmanager.com
www.workstream.us
167.89.115.121
18.245.60.123
2001:4860:4802:32::36
2606:4700::6811:190e
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:80f::2008
2a03:2880:f084:d:face:b00c:0:3
2a04:4e42::729
3.5.77.178
52.152.143.207
52.40.167.193
68.219.88.97
0e370105266b4c184af250615a98bb681335df5ac2def50751095b123433c135
1c2ee3f6a957a42760110d298fa748fb4ca82734f2c86993495bda9db70e6542
205da3ef9b64eda9c06a93232a6e86ac34a06e00758b1af617d2bc4706414689
2436948b5b6bf5a09b1361d0f77b7b0201484c3a3662d4fef5bdea0580997a89
2793c5e1ab59d3d99c919b2a56bdd8145da3ba4352f16b4d4bd1d3d49d84aa11
437e649ff48cf805b99a8b0abe1f5c7687d66765d940408f1542d55afe0b07a5
4ce117c3ee53550ff25cc8679ee37c4818805397fdca3b4bfd3deed435a359a4
4d79a1b5753c89b2f566c08f270cdc5d50821a713ca373b3dd698165dcc93f4c
6802789003529dabd6f11d601bc990c0512ed2f491c02dd7eeae96be0e8480c5
6d9d0e419ccc2a64e32443d27e54a577ab91d97d3690d74e1e0f77e06c34b77d
6f17c72bd8426a9db14c0a9a05e629049219b9d2d1ccbb49b869edf0c5ff3204
72d8c220c5d7f22b70affd75371a2ddedea898862ad42bff7846cd15b7c5ed59
7c7261f3f1f8de2f204cea69b2435904b46ddf7b2097be3aaff31c58104d8fb2
93bc9d6fd269c7f16e7659c93b446fdd32deb3ef59979286fc6b1c8f6f63114f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
b6bef56bf76b9cc6895d73e1a721ad3329e77f8b949dce58cbe6a5219b901246
c22a10a8cf8e3ad2f217dcdea17b3428fed758767384c06369072dc0e86b70d1
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
d848fed4c849260e6160567a640a3b9af352bc4c160f1ddf5bc2aad325d7da77
e0c9bf7a40b606390f947277201557a4e6deb8a6ac5270ad52a1bc2a972d8ec3
e3a6c9cd34309486897f6dd8038da6b964d3ae3ce86d1b8dbe283dfeaf48b6bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e730930c572ea4aa6991e7ec6a20e65fda687f8d5bb1151a5c5f835fd434b787
ea0da4e8971987e49574a55692ab5d81bf0597f70710eaa04060ca05b9987933
ebfa2e07d41e6ed7994df1fb3876a55409086707e4f1eaf1163328b48b050014
ed65c9d8b8d6cc1b4723cde25e4db39d1dd2389c08ec623e04212de38af215b2
edcc0140da7a32a16048b5014c972b9e8db67c8739d7ace7688c7f83d731b119
edf76e50f11d9be90f3283007ecbd8af9c6ddfef75f96209522bce82df485038
f8cb0856a98f2c8c193e42dbb3e3097833ea27b5b8d1a4e0d581b2ef7e94ea09
fdf6aaf3f6e4e0ef20af943f26eecf9ce8fc11b2766f6d3b9af0965135d1ca12