urlscan.io logo urlscan.io
SecurityTrails logo

www.workstream.us Open in urlscan Pro
18.239.83.4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u6500445.ct.sendgrid.net/ls/click?upn=-2Br3McSqp0cIZOahCVI36QdEWlJngrR-2B6hi-2BXLphBoaGoxfK-2FQaiSlHWNdsoI3XgdViC2_NvEdCq...
Effective URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Submission: On November 30 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 35 HTTP transactions. The main IP is 18.239.83.4, located in United States and belongs to AMAZON-02, US. The main domain is www.workstream.us. The Cisco Umbrella rank of the primary domain is 403499.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 21st 2023. Valid for: a year.
This is the only time www.workstream.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.16 11377 (SENDGRID)
1 1 52.37.39.180 16509 (AMAZON-02)
21 18.239.83.4 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.218.169.225 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2620:1ec:46::44 8075 (MICROSOFT...)
2 2001:4860:480... 15169 (GOOGLE)
3 23.96.124.68 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
35 10
1    167.89.123.16 (Chicago, United States)

ASN11377 (SENDGRID, US)
PTR: o16789123x16.outbound-mail.sendgrid.net
u6500445.ct.sendgrid.net
1    52.37.39.180 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-39-180.us-west-2.compute.amazonaws.com
l.wrkstrm.us
21    18.239.83.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-4.ams58.r.cloudfront.net
www.workstream.us
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)
js.sentry-cdn.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.218.169.225 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
workstream-backend-prod-us-west-2.s3.us-west-2.amazonaws.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2620:1ec:46::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    23.96.124.68 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
s.clarity.ms
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
21 workstream.us
www.workstream.us — Cisco Umbrella Rank: 403499
988 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 796
s.clarity.ms — Cisco Umbrella Rank: 7674
c.clarity.ms — Cisco Umbrella Rank: 1377
28 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
310 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
89 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 228
759 B
1 amazonaws.com
workstream-backend-prod-us-west-2.s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 771268
14 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
91 KB
1 sentry-cdn.com
js.sentry-cdn.com — Cisco Umbrella Rank: 6063
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
2 KB
1 wrkstrm.us
l.wrkstrm.us — Cisco Umbrella Rank: 912961
242 B
1 sendgrid.net
u6500445.ct.sendgrid.net
233 B
35 11
Domain Requested by
21 www.workstream.us www.workstream.us
3 s.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 region1.google-analytics.com www.googletagmanager.com
2 www.clarity.ms www.workstream.us
www.clarity.ms
2 connect.facebook.net www.workstream.us
connect.facebook.net
1 c.bing.com 1 redirects
1 workstream-backend-prod-us-west-2.s3.us-west-2.amazonaws.com www.workstream.us
1 www.googletagmanager.com www.workstream.us
1 js.sentry-cdn.com www.workstream.us
1 cdnjs.cloudflare.com www.workstream.us
1 l.wrkstrm.us 1 redirects
1 u6500445.ct.sendgrid.net 1 redirects
35 13

This site contains links to these domains. Also see Links.

Domain
assessment.predictiveindex.com
workstream.us
Subject Issuer Validity Valid
*.workstream.us
Amazon RSA 2048 M01		 2023-02-21 -
2024-02-13		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-01 -
2024-09-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-08-03		 10 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-08 -
2023-12-07		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-29 -
2024-08-29		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Frame ID: C2F40FBAA5F2D3C470957C6BEA0E9003
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

1A Auto, Inc. - Nashua, NH - Customer Service Representative - Email/Chat - Remote ($1,500 Sign-on bonus)

Page URL History Show full URLs

  1. https://u6500445.ct.sendgrid.net/ls/click?upn=-2Br3McSqp0cIZOahCVI36QdEWlJngrR-2B6hi-2BXLphBoaGoxfK-2FQaiSlHW... HTTP 302
    https://l.wrkstrm.us/4a_0Ll9-p HTTP 302
    https://www.workstream.us/j/form/11929beb?locale=en&from=email Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

35
Requests

97 %
HTTPS

54 %
IPv6

11
Domains

13
Subdomains

10
IPs

3
Countries

1215 kB
Transfer

3534 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u6500445.ct.sendgrid.net/ls/click?upn=-2Br3McSqp0cIZOahCVI36QdEWlJngrR-2B6hi-2BXLphBoaGoxfK-2FQaiSlHWNdsoI3XgdViC2_NvEdCqTey99LxkrDKXXJjBDlSdCMxf9pw5JmoGzqzvYOpy0Qzayx1gWylfKIEr6tsrUG7IHQ6lvmEGIp3O4NsliwVA1t-2BJ2mJokUSQLrDkOi0rR2RnUmy7dyRAcz6JClz3J3qWZSL5hQagdbmbQ2r7ggPV-2F03pPKsqgPStg1ZcN9MI37GbJT7v5yn7Jv54gjuZO-2B-2BpBe8KFuCrXLg2ihzw-3D-3D HTTP 302
    https://l.wrkstrm.us/4a_0Ll9-p HTTP 302
    https://www.workstream.us/j/form/11929beb?locale=en&from=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=38D1922D34724B94BA0D80D84B9817B2&RedC=c.clarity.ms&MXFR=2C4827A18F046A1238CE34788B0464F1 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=38D1922D34724B94BA0D80D84B9817B2&MUID=350A71F164D464670341622865BF6519

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 11929beb
www.workstream.us/j/form/
Redirect Chain
  • https://u6500445.ct.sendgrid.net/ls/click?upn=-2Br3McSqp0cIZOahCVI36QdEWlJngrR-2B6hi-2BXLphBoaGoxfK-2FQaiSlHWNdsoI3XgdViC2_NvEdCqTey99LxkrDKXXJjBDlSdCMxf9pw5JmoGzqzvYOpy0Qzayx1gWylfKIEr6tsrUG7IHQ6l...
  • https://l.wrkstrm.us/4a_0Ll9-p
  • https://www.workstream.us/j/form/11929beb?locale=en&from=email
53 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
3db1f25f9de04b9c53e1b35076c7cf954c4709b3c4391f4836837657a8c352f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-language
en
content-length
14373
content-type
text/html; charset=utf-8
date
Thu, 30 Nov 2023 11:50:42 GMT
etag
W/"d462-JH2A8TFr3tUL8hgbyotHZ4KLO6M"
vary
Accept-Encoding
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amz-apigw-id
PNeK-H43PHcEs0Q=
x-amz-cf-id
MhRdfhMa8wuer16hALRooD_Ffd6Qtxc22ESUxqI1DkhbrLRhX0Y_hg==
x-amz-cf-pop
AMS58-P5
x-amzn-remapped-connection
keep-alive
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:42 GMT
x-amzn-remapped-server
nginx/1.25.0
x-amzn-requestid
77e0131c-011b-4c58-938a-ffdde6e4a5cc
x-cache
Miss from cloudfront
x-powered-by
Express

Redirect headers

content-length
89
content-type
text/html; charset=utf-8
date
Thu, 30 Nov 2023 11:50:42 GMT
location
https://www.workstream.us/j/form/11929beb?locale=en&from=email
x-amz-apigw-id
PNeK4FsEPHcECNA=
x-amzn-requestid
2abea6e5-9065-45e3-bd56-ae95cc47d61e
x-amzn-trace-id
Root=1-65687712-096e84d4330c2311333beaee;Sampled=0;lineage=1f132391:0
flag-icon.min.css
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/0.8.2/css/ 		32 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/0.8.2/css/flag-icon.min.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c9bf7a40b606390f947277201557a4e6deb8a6ac5270ad52a1bc2a972d8ec3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
200814
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1377
last-modified
Mon, 04 May 2020 16:10:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5d-7f7d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQ4zRHJfODo6KKMuZDX3T8e6%2BeixQFAoc0c0xECI81ZG91vIsKaxzzVVLFBv5UogYtGlCns6cWls46A5WI7jWTda6nHx9KxGutBSYIrKONgebwM4vxjcsmKJPnnvHdojQpEDHsQB%2B3TadTkArfocbC5D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82e2dfda0b7671d3-FRA
expires
Tue, 19 Nov 2024 11:50:43 GMT
3b70da9a62b04105a77398af2eb15dd0.min.js
js.sentry-cdn.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.sentry-cdn.com/3b70da9a62b04105a77398af2eb15dd0.min.js
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ebfa2e07d41e6ed7994df1fb3876a55409086707e4f1eaf1163328b48b050014
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; style-src 'unsafe-inline' *; default-src 'none'; object-src 'self'; connect-src 'self' sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io *.algolia.net *.algolianet.com *.algolia.io api2.amplitude.com data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; media-src *; font-src * data:; img-src blob: data: *; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; frame-src js.stripe.com sentry.io; frame-ancestors 'self' *.sentry.io; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=8682a02b5f6e6c73b51434c2da4c87233194c593
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.workstream.us/
Origin
https://www.workstream.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
base-uri 'none'; style-src 'unsafe-inline' *; default-src 'none'; object-src 'self'; connect-src 'self' sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io *.algolia.net *.algolianet.com *.algolia.io api2.amplitude.com data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; media-src *; font-src * data:; img-src blob: data: *; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; frame-src js.stripe.com sentry.io; frame-ancestors 'self' *.sentry.io; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=8682a02b5f6e6c73b51434c2da4c87233194c593
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 30 Nov 2023 11:50:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
age
39
x-envoy-upstream-service-time
21
content-length
1215
x-xss-protection
1; mode=block
x-served-by
getsentry-web-default-common-production-57744ffd4d-z7hsw, cache-chi-kigq8000148-CHI, cache-fra-eddf8230037-FRA
x-frame-options
deny
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count
1
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/ 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S92SY4T4XQ
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
890c07b98db612e8fa6dc2d6327bf5f575b47c3390e663e8ad137f1a6ab95bf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92702
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 Nov 2023 11:50:43 GMT
intlTelInput.css
www.workstream.us/j/css/ 		27 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/css/intlTelInput.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
437e649ff48cf805b99a8b0abe1f5c7687d66765d940408f1542d55afe0b07a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/11929beb?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:43 GMT
content-encoding
gzip
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
a87a0f26-a67f-427a-98a2-ee7e1896c65f
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLJHuDvHcEb-w=
content-length
3643
last-modified
Wed, 22 Jun 2022 11:33:08 GMT
etag
W/"6d39-1818b3004c7"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:43 GMT
x-amz-cf-id
rrHxwzM4cVmUIN5m6ZmWFfElQEQtlakKd-qPjLB7dIYGE3sc28RmUw==
filepond.css
www.workstream.us/j/css/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/css/filepond.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
e730930c572ea4aa6991e7ec6a20e65fda687f8d5bb1151a5c5f835fd434b787

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/11929beb?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:43 GMT
content-encoding
gzip
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
591e3022-e290-4c2b-98ff-79cdf750cf9d
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLJHWMvHcENSw=
content-length
6066
last-modified
Thu, 16 Feb 2023 06:36:48 GMT
etag
W/"8da7-18658f09a9c"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:43 GMT
x-amz-cf-id
dz-Mt-7vCOEamAuMFVwP6Oa7ac2SNAKVU62-waNQNoTrQAr9SP8edg==
index.css
www.workstream.us/j/css/ 		42 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/css/index.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
2793c5e1ab59d3d99c919b2a56bdd8145da3ba4352f16b4d4bd1d3d49d84aa11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/11929beb?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:43 GMT
content-encoding
gzip
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
c92036fc-3dbc-452a-8ea5-0888de167264
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLJGfwvHcEkAQ=
content-length
8508
last-modified
Tue, 20 Jun 2023 01:45:24 GMT
etag
W/"a99c-188d67a605e"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:43 GMT
x-amz-cf-id
DtDMF2cKdDjNAEdTxV2VMD4kUpaRWrmZTJU1HNnibJJxaMDjbYi7wQ==
util.css
www.workstream.us/j/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/css/util.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
205da3ef9b64eda9c06a93232a6e86ac34a06e00758b1af617d2bc4706414689

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/11929beb?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:43 GMT
content-encoding
gzip
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
cbe40740-9d05-499e-9101-2a00d34dac52
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLJF8FPHcEu5Q=
content-length
1918
last-modified
Thu, 07 Jul 2022 03:41:20 GMT
etag
W/"1ee9-181d6bf75e9"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:43 GMT
x-amz-cf-id
Dr8tU0kJmkoeyu5jpqcFq9fNmUHf3p6MHVA7HyK8jCKtlfqaobRvDQ==
pikaday.css
www.workstream.us/j/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/css/pikaday.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
f8cb0856a98f2c8c193e42dbb3e3097833ea27b5b8d1a4e0d581b2ef7e94ea09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/11929beb?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:43 GMT
content-encoding
gzip
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
f5ad61d9-793f-402e-849c-f21d6d6b8554
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLJH-AvHcElfQ=
content-length
1626
last-modified
Tue, 10 May 2022 11:39:34 GMT
etag
W/"11d6-180adc4746d"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:43 GMT
x-amz-cf-id
A5L17v-49qWf-y566b93ellXbQ-2_bZyW35kOBxxBqXcOkQnDQ00GQ==
weeklyTimeSlotPicker.css
www.workstream.us/j/css/ 		1 KB
1005 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/css/weeklyTimeSlotPicker.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
4ce117c3ee53550ff25cc8679ee37c4818805397fdca3b4bfd3deed435a359a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/11929beb?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:43 GMT
content-encoding
gzip
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
708c2fc6-3062-491c-82bc-c6e0c1aa2ff0
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLJHB8PHcEN1Q=
content-length
458
last-modified
Tue, 10 May 2022 11:39:34 GMT
etag
W/"521-180adc4746d"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:43 GMT
x-amz-cf-id
uGYA0-9OCxgjHjjIYSUJUexKrXRvaqH0WH7NVR4vdM6gNCO_8CHwfA==
position-apply-no-timeslots.css
www.workstream.us/j/css/ 		1 KB
976 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/css/position-apply-no-timeslots.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
d848fed4c849260e6160567a640a3b9af352bc4c160f1ddf5bc2aad325d7da77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/11929beb?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:44 GMT
content-encoding
gzip
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
1f9413dc-f2d3-443f-b414-be0024ab3dc8
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLKHcBPHcEQSw=
content-length
428
last-modified
Thu, 15 Dec 2022 10:42:25 GMT
etag
W/"4d8-1851560d2e0"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:44 GMT
x-amz-cf-id
wwCnwYSMFGI0RKN7D2UDUBiPXrGSoC54cbaSeg12_2wtMgNx8o3UEQ==
apply-header.css
www.workstream.us/j/css/ 		747 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/css/apply-header.css
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
ea0da4e8971987e49574a55692ab5d81bf0597f70710eaa04060ca05b9987933

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/11929beb?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:44 GMT
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
747
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
ffa194df-13dd-4c45-bf53-918c522485c7
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLKGXgvHcEmiQ=
content-length
747
last-modified
Thu, 17 Nov 2022 09:29:56 GMT
etag
W/"2eb-18484ec66d9"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:44 GMT
x-amz-cf-id
zYacxukqlnRaxa534wviQdU4ZN2HMqfKNdst0qK3gYRrXg5QntLQzA==
c1b002234a3be7ff63d1f05add16a069.png
workstream-backend-prod-us-west-2.s3.us-west-2.amazonaws.com/production/uploads/brand/logo/1280/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://workstream-backend-prod-us-west-2.s3.us-west-2.amazonaws.com/production/uploads/brand/logo/1280/c1b002234a3be7ff63d1f05add16a069.png?X-Amz-Expires=604800&X-Amz-Date=20231130T115042Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA6ORSDT4UQCCCAZFQ%2F20231130%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=1da08b63d81c9335b002389333ac022eac016f63049bb9857db884f74eadcc95
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.169.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7c7261f3f1f8de2f204cea69b2435904b46ddf7b2097be3aaff31c58104d8fb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 11:50:44 GMT
x-amz-version-id
UDAgiObJWMXY8El4AewNmK3C_hDwQ41g
Last-Modified
Thu, 08 Jul 2021 02:11:24 GMT
Server
AmazonS3
x-amz-request-id
14ZVZK7M8YD4Q1YN
ETag
"67be29763eb3278be9ae8c26184f8260"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-storage-class
INTELLIGENT_TIERING
Cache-Control
public, max-age=31536000
x-amz-replication-status
REPLICA
Accept-Ranges
bytes
Content-Length
14263
x-amz-id-2
gBIVeKSGUxLI/vZwFRnEcpCY1ZLSThbP7LsgC6WntBE8yl/GMhhThf5+Yxt4VJZW2FvRmB8dAkk=
hand-wave.png
www.workstream.us/j/images/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.workstream.us/j/images/hand-wave.png
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
edf76e50f11d9be90f3283007ecbd8af9c6ddfef75f96209522bce82df485038

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/11929beb?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:44 GMT
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
22732
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
4a77229c-b2e1-45d3-941c-3bd9dacfce8d
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLKGWWvHcEMag=
content-length
22732
last-modified
Wed, 22 Jun 2022 11:33:08 GMT
etag
W/"58cc-1818b3004e7"
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:44 GMT
x-amz-cf-id
_FaH8ENWFiJ4BdhWMYSt4rlo1w54UQQTch_g42fGgL6Z8lTqABLQiQ==
email.svg
www.workstream.us/j/images/ 		553 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.workstream.us/j/images/email.svg
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
4d79a1b5753c89b2f566c08f270cdc5d50821a713ca373b3dd698165dcc93f4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/11929beb?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:44 GMT
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
553
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
df6d50fa-b487-4a11-bf7c-9b0452aba76e
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLMFnoPHcEUrQ=
content-length
553
last-modified
Tue, 10 May 2022 11:39:34 GMT
etag
W/"229-180adc47481"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:44 GMT
x-amz-cf-id
yyvLENFHxcM-zs0RfjGFSu1GISETI4fWA5NchraoOaSZIxI-2lTvUQ==
mobile-phone.svg
www.workstream.us/j/images/ 		821 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.workstream.us/j/images/mobile-phone.svg
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
72d8c220c5d7f22b70affd75371a2ddedea898862ad42bff7846cd15b7c5ed59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/11929beb?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:44 GMT
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
821
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
d1be0751-1256-43fc-8ad3-04e3e66f14c4
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLMF41PHcEeGw=
content-length
821
last-modified
Wed, 22 Jun 2022 11:33:08 GMT
etag
W/"335-1818b3004e7"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:44 GMT
x-amz-cf-id
WRyO0Y2H2b6Ouzqef8TfAiDrnI6wxK6CO9Dz1nmsXox75bzwQLZpiw==
verify-success.svg
www.workstream.us/j/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.workstream.us/j/images/verify-success.svg
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
2436948b5b6bf5a09b1361d0f77b7b0201484c3a3662d4fef5bdea0580997a89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/11929beb?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:44 GMT
content-encoding
gzip
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
934c8f4d-618a-496b-a2c2-5a0d2145f1c1
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLMG9YvHcENog=
content-length
1185
last-modified
Tue, 10 May 2022 11:39:34 GMT
etag
W/"9ea-180adc47491"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:44 GMT
x-amz-cf-id
mBVp1vWKz1flLeSIKVIySV6_foow25jXhuLffo7dVKMttF35r_bHkw==
vendor.js
www.workstream.us/j/js/ 		2 MB
257 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/js/vendor.js
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
6802789003529dabd6f11d601bc990c0512ed2f491c02dd7eeae96be0e8480c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/11929beb?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:44 GMT
content-encoding
gzip
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
66534f43-87cf-48df-b52d-f6c7f6c55cd6
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLMEf_PHcEcAg=
content-length
262525
last-modified
Tue, 28 Nov 2023 01:27:22 GMT
etag
W/"1aefbe-18c1389ba44"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:44 GMT
x-amz-cf-id
uqJ4OEtBHHO6k93gyj_DC9qZEkTX9N541FtAjzGPT97LBFIJ2JcfTw==
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7564426bd4f704b16fa6fd8f2a3c1b2cb9e25ccbe0a7e65f6e0f5829ba8ad63d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.workstream.us/
Origin
https://www.workstream.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 30 Nov 2023 11:50:43 GMT
content-md5
aeNwj7IImuIH9k3F+Yl/zQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
x-fb-debug
ApiNcnJsL5UCOnBe3uRNiLINPGaoQQyn2Xl3aq1G+YusN1qnzh03vtUzUh6tfvOS8vuMrDBcEsGR0l7tKf13qA==
x-fb-content-md5
66075436a1263b1d4533e6d79a90cf1c
cross-origin-opener-policy
same-origin-allow-popups
etag
"5aebe9c4aa62ada32b82b7e3d99390e0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 30 Nov 2023 11:58:10 GMT
organization-position-apply-no-timeslots.js
www.workstream.us/j/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/js/organization-position-apply-no-timeslots.js
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
b6bef56bf76b9cc6895d73e1a721ad3329e77f8b949dce58cbe6a5219b901246

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/11929beb?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:44 GMT
content-encoding
gzip
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
6fbd2fc2-e8fe-4d81-b426-43aa4bf78b2d
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLMEZnPHcEdfw=
content-length
1262
last-modified
Tue, 28 Nov 2023 01:27:22 GMT
etag
W/"ac9-18c1389ba38"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:44 GMT
x-amz-cf-id
GJPxm2Q0Qpi_sQJUXBVE2GVL_vpUF9dzvslrT0d4QSrzwJVjmRYwwg==
page-online-form.js
www.workstream.us/j/js/ 		354 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/js/page-online-form.js
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
6f17c72bd8426a9db14c0a9a05e629049219b9d2d1ccbb49b869edf0c5ff3204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/11929beb?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:44 GMT
content-encoding
gzip
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
1c7b3e88-b0ed-4ae2-9886-b6328d42e15c
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLMGK7vHcEiVw=
content-length
95666
last-modified
Tue, 28 Nov 2023 01:39:56 GMT
etag
W/"5897d-18c13953b59"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:44 GMT
x-amz-cf-id
WgSZYuk2ukoFtnLXQ_B90N0sWHK3AHWKSsjs6AAQIqLgeib-wYjyvg==
hqjeombmle
www.clarity.ms/tag/ 		650 B
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/hqjeombmle
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0beac8b3020d9eafae684ac86f1190d48ccd3f37f2a291d1bf08cbd77982ccf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
-1
date
Thu, 30 Nov 2023 11:50:43 GMT
x-azure-ref
20231130T115043Z-a5urarygf14yr7ddkvt1wz9h440000000uc000000001fc2m
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
footer-brand.svg
www.workstream.us/j/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.workstream.us/j/images/footer-brand.svg
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/form/11929beb?locale=en&from=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
6d9d0e419ccc2a64e32443d27e54a577ab91d97d3690d74e1e0f77e06c34b77d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/form/11929beb?locale=en&from=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:44 GMT
content-encoding
gzip
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
2c884035-7fb8-42a7-b880-2f45f8eb8860
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLME7vvHcEd-g=
content-length
1961
last-modified
Tue, 10 May 2022 11:39:34 GMT
etag
W/"ff0-180adc4748d"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:44 GMT
x-amz-cf-id
NIryIlNiHP53Upo61N8VKcqiERp9wua5SJ-ptv8N07DeOgi0RWQ2TA==
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S92SY4T4XQ&gtm=45je3b60v892537697&_p=1701345043641&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1842386619.1701345044&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701345043&sct=1&seg=0&dl=https%3A%2F%2Fwww.workstream.us%2Fj%2Fform%2F11929beb%3Flocale%3Den%26from%3Demail&dt=1A%20Auto%2C%20Inc.%20-%20Nashua%2C%20NH%20-%20Customer%20Service%20Representative%20-%20Email%2FChat%20-%20Remote%20(%241%2C500%20Sign-on%20bonus)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2832
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S92SY4T4XQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 11:50:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.workstream.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.18/ 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.18/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/hqjeombmle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:43 GMT
content-encoding
br
last-modified
Fri, 17 Nov 2023 13:41:44 GMT
etag
W/"0x8DBE772F014B026"
vary
Accept-Encoding
x-azure-ref
20231130T115043Z-a5urarygf14yr7ddkvt1wz9h440000000uc000000001fc2y
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
7767f6a6-101e-004a-47fe-198d54000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
collect
s.clarity.ms/ 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.workstream.us/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.workstream.us
Date
Thu, 30 Nov 2023 11:50:44 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
left-arrow.svg
www.workstream.us/j/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.workstream.us/j/images/left-arrow.svg
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/css/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
0e370105266b4c184af250615a98bb681335df5ac2def50751095b123433c135

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/j/css/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:44 GMT
content-encoding
gzip
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
b27c3028-9a6a-49f9-b541-973d5a57afe6
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLPHpJPHcEpbA=
content-length
794
last-modified
Wed, 22 Jun 2022 11:33:08 GMT
etag
W/"5de-1818b3004e7"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:44 GMT
x-amz-cf-id
4r_KpNmwrpHfgE0qMICB0lYqb9RV7eQYYQCx5I3Se_Mu2eQGTkkD8Q==
Segoe%20UI.woff
www.workstream.us/j/fonts/ 		141 KB
142 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/fonts/Segoe%20UI.woff
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/css/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
e3a6c9cd34309486897f6dd8038da6b964d3ae3ce86d1b8dbe283dfeaf48b6bb

Request headers

Referer
https://www.workstream.us/j/css/index.css
Origin
https://www.workstream.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:44 GMT
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
144276
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
fda2d1a3-a25c-4e45-9a43-0fcb4dc0a327
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLPH3hPHcELIw=
content-length
144276
last-modified
Tue, 10 May 2022 11:39:34 GMT
etag
W/"23394-180adc47471"
content-type
application/font-woff
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:44 GMT
x-amz-cf-id
9XPSe8mFG8ZpmI4U3R3eF-CD6e9DNr5LrG87hqXAhlOUmaCOyLBibA==
segoeuib.woff
www.workstream.us/j/fonts/ 		232 KB
232 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/fonts/segoeuib.woff
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/css/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
15f6ce384f30bef758b3fe224023399ba80082f06d36346e24d71605b3a844df

Request headers

Referer
https://www.workstream.us/j/css/index.css
Origin
https://www.workstream.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:44 GMT
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
237092
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
42829a50-29c4-4106-a844-dc960d5248c9
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLPEXavHcEmCw=
content-length
237092
last-modified
Wed, 22 Jun 2022 11:33:08 GMT
etag
W/"39e24-1818b3004cf"
content-type
application/font-woff
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:44 GMT
x-amz-cf-id
Ep3-S2ZX2DeCoTR4-z6ZQAdmwV0IeIK7-A58FCh9BJBbf70n5U842Q==
seguisb.woff
www.workstream.us/j/fonts/ 		188 KB
189 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.workstream.us/j/fonts/seguisb.woff
Requested by
Host: www.workstream.us
URL: https://www.workstream.us/j/css/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-4.ams58.r.cloudfront.net
Software
/ Express
Resource Hash
edcc0140da7a32a16048b5014c972b9e8db67c8739d7ace7688c7f83d731b119

Request headers

Referer
https://www.workstream.us/j/css/index.css
Origin
https://www.workstream.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 11:50:44 GMT
via
1.1 77c9addf0db376b3faacc5e07c320552.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
192948
x-amzn-remapped-server
nginx/1.25.0
x-amz-cf-pop
AMS58-P5
x-amzn-requestid
6e0e4705-b9d3-489b-a5f9-0dbf3e91de12
x-amzn-remapped-connection
keep-alive
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
PNeLPFbgPHcEc_w=
content-length
192948
last-modified
Wed, 22 Jun 2022 11:33:08 GMT
etag
W/"2f1b4-1818b3004db"
content-type
application/font-woff
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Thu, 30 Nov 2023 11:50:44 GMT
x-amz-cf-id
Nt4GEvWe5v0371apRbPlxYE32W4A6fwJ13CWV10rfISBegyUha2Nyw==
sdk.js
connect.facebook.net/en_US/ 		302 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f3218b38222b75c4687eb0d9f1d974d0
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b8e1d82f224666358b71f90684b047a1ee21718b4175ee0cf77242b0a0b3e938
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.workstream.us/
Origin
https://www.workstream.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 30 Nov 2023 11:50:44 GMT
content-md5
Rou/8P4PCRqUKHg09Ob1fQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88319
reporting-endpoints
x-fb-debug
tXXa2H5gWMA7wuWxI9EnGl0Au1mKYC7nHSTkVZcBlxiTA+X+UbpBzTpoSI1ul8l+D4yr5Q7+19MqzD5aIdIeGA==
x-fb-content-md5
4885ddc7363f9fcdb0ab900874e6fec3
cross-origin-opener-policy
same-origin-allow-popups
etag
"8ccf18858f410f8743145f78d166a7da"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 29 Nov 2024 10:05:52 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=38D1922D34724B94BA0D80D84B9817B2&RedC=c.clarity.ms&MXFR=2C4827A18F046A1238CE34788B0464F1
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=38D1922D34724B94BA0D80D84B9817B2&MUID=350A71F164D464670341622865BF6519
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=38D1922D34724B94BA0D80D84B9817B2&MUID=350A71F164D464670341622865BF6519
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 11:50:44 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
server
Microsoft-IIS/10.0
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 30 Nov 2023 11:50:44 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 76163F4F9D9645A79EDF6FF97D08D730 Ref B: FRAEDGE1411 Ref C: 2023-11-30T11:50:45Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=38D1922D34724B94BA0D80D84B9817B2&MUID=350A71F164D464670341622865BF6519
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
s.clarity.ms/ 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.workstream.us/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.workstream.us
Date
Thu, 30 Nov 2023 11:50:45 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
collect
s.clarity.ms/ 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.workstream.us/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.workstream.us
Date
Thu, 30 Nov 2023 11:50:47 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S92SY4T4XQ&gtm=45je3b60v892537697&_p=1701345043641&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1842386619.1701345044&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1701345043&sct=1&seg=0&dl=https%3A%2F%2Fwww.workstream.us%2Fj%2Fform%2F11929beb%3Flocale%3Den%26from%3Demail&dt=1A%20Auto%2C%20Inc.%20-%20Nashua%2C%20NH%20-%20Customer%20Service%20Representative%20-%20Email%2FChat%20-%20Remote%20(%241%2C500%20Sign-on%20bonus)&en=scroll&epn.percent_scrolled=90&_et=6&tfd=7839
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S92SY4T4XQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.workstream.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 11:50:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.workstream.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| Sentry function| clarity function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| $ function| jQuery object| intlTelInputUtils function| pluralRuleParser function| ES6Promise function| axios function| moment function| FilePondPluginFileValidateSize object| FilePond object| __framePainter function| mergeQueryStringParam function| updateQueryStringParam function| updateQueryStringParams function| updateSearchQueryStringParams function| updateSearchQueryStringParamsWithNewUrl function| fbAsyncInit object| questions object| appSettings boolean| isPreview object| application string| APIURL object| i18nData string| locale object| datePickerI18n function| checkTimeSlots object| FB object| __buffer

12 Cookies

Domain/Path Name / Value
.workstream.us/ Name: _ga
Value: GA1.1.1842386619.1701345044
.workstream.us/ Name: _ga_S92SY4T4XQ
Value: GS1.1.1701345043.1.0.1701345043.0.0.0
www.clarity.ms/ Name: CLID
Value: fe73f01ce56b4b668325dee2aaa387d2.20231130.20241129
.workstream.us/ Name: _clck
Value: 2cbme2%7C2%7Cfh5%7C0%7C1429
.workstream.us/ Name: _clsk
Value: 1468839%7C1701345044218%7C1%7C1%7Cs.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 350A71F164D464670341622865BF6519
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 350A71F164D464670341622865BF6519
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 350A71F164D464670341622865BF6519
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdnjs.cloudflare.com
connect.facebook.net
js.sentry-cdn.com
l.wrkstrm.us
region1.google-analytics.com
s.clarity.ms
u6500445.ct.sendgrid.net
workstream-backend-prod-us-west-2.s3.us-west-2.amazonaws.com
www.clarity.ms
www.googletagmanager.com
www.workstream.us
167.89.123.16
18.239.83.4
2001:4860:4802:34::36
23.96.124.68
2606:4700::6811:190e
2620:1ec:46::44
2620:1ec:c11::200
2a00:1450:4001:80f::2008
2a03:2880:f084:d:face:b00c:0:3
2a04:4e42:200::729
52.218.169.225
52.37.39.180
68.219.88.97
0beac8b3020d9eafae684ac86f1190d48ccd3f37f2a291d1bf08cbd77982ccf0
0e370105266b4c184af250615a98bb681335df5ac2def50751095b123433c135
15f6ce384f30bef758b3fe224023399ba80082f06d36346e24d71605b3a844df
205da3ef9b64eda9c06a93232a6e86ac34a06e00758b1af617d2bc4706414689
2436948b5b6bf5a09b1361d0f77b7b0201484c3a3662d4fef5bdea0580997a89
2793c5e1ab59d3d99c919b2a56bdd8145da3ba4352f16b4d4bd1d3d49d84aa11
3db1f25f9de04b9c53e1b35076c7cf954c4709b3c4391f4836837657a8c352f2
437e649ff48cf805b99a8b0abe1f5c7687d66765d940408f1542d55afe0b07a5
4ce117c3ee53550ff25cc8679ee37c4818805397fdca3b4bfd3deed435a359a4
4d79a1b5753c89b2f566c08f270cdc5d50821a713ca373b3dd698165dcc93f4c
6802789003529dabd6f11d601bc990c0512ed2f491c02dd7eeae96be0e8480c5
6d9d0e419ccc2a64e32443d27e54a577ab91d97d3690d74e1e0f77e06c34b77d
6f17c72bd8426a9db14c0a9a05e629049219b9d2d1ccbb49b869edf0c5ff3204
72d8c220c5d7f22b70affd75371a2ddedea898862ad42bff7846cd15b7c5ed59
7564426bd4f704b16fa6fd8f2a3c1b2cb9e25ccbe0a7e65f6e0f5829ba8ad63d
7c7261f3f1f8de2f204cea69b2435904b46ddf7b2097be3aaff31c58104d8fb2
890c07b98db612e8fa6dc2d6327bf5f575b47c3390e663e8ad137f1a6ab95bf1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
b6bef56bf76b9cc6895d73e1a721ad3329e77f8b949dce58cbe6a5219b901246
b8e1d82f224666358b71f90684b047a1ee21718b4175ee0cf77242b0a0b3e938
d848fed4c849260e6160567a640a3b9af352bc4c160f1ddf5bc2aad325d7da77
e0c9bf7a40b606390f947277201557a4e6deb8a6ac5270ad52a1bc2a972d8ec3
e3a6c9cd34309486897f6dd8038da6b964d3ae3ce86d1b8dbe283dfeaf48b6bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e730930c572ea4aa6991e7ec6a20e65fda687f8d5bb1151a5c5f835fd434b787
ea0da4e8971987e49574a55692ab5d81bf0597f70710eaa04060ca05b9987933
ebfa2e07d41e6ed7994df1fb3876a55409086707e4f1eaf1163328b48b050014
edcc0140da7a32a16048b5014c972b9e8db67c8739d7ace7688c7f83d731b119
edf76e50f11d9be90f3283007ecbd8af9c6ddfef75f96209522bce82df485038
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
f8cb0856a98f2c8c193e42dbb3e3097833ea27b5b8d1a4e0d581b2ef7e94ea09