www.workstream.us Open in urlscan Pro
108.157.4.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u6500445.ct.sendgrid.net/ls/click?upn=-2Br3McSqp0cIZOahCVI36QdFQrK2h6UOFhAekR9uISUVQy76aKX4aY3MM2Q-2B4Xzg6qL6m_OH8pZw07NV...
Effective URL:
https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
Submission: On May 24 via manual (May 24th 2022, 7:27:16 pm UTC) from US — Scanned from DE

Summary HTTP 23 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 8 domains to perform 23 HTTP transactions. The main IP is 108.157.4.100, located in United States and belongs to AMAZON-02, US. The main domain is www.workstream.us. The Cisco Umbrella rank of the primary domain is 528152.
TLS certificate: Issued by Amazon on February 14th 2022. Valid for: a year.

This is the only time www.workstream.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.35 167.89.118.35	11377 (SENDGRID) (SENDGRID)
1 1	18.66.139.84 18.66.139.84	16509 (AMAZON-02) (AMAZON-02)
17	108.157.4.100 108.157.4.100	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
1	52.92.208.122 52.92.208.122	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
23	6

1 167.89.118.35 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x35.outbound-mail.sendgrid.net

u6500445.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.84 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-84.fra60.r.cloudfront.net

i.got.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 108.157.4.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-100.dus51.r.cloudfront.net

www.workstream.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.208.122 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

workstream.s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	workstream.us www.workstream.us — Cisco Umbrella Rank: 528152	701 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	86 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	297 B
1	amazonaws.com workstream.s3-us-west-2.amazonaws.com — Cisco Umbrella Rank: 631806	69 KB
1	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 4747	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	2 KB
1	got.work 1 redirects i.got.work — Cisco Umbrella Rank: 960735	385 B
1	sendgrid.net 1 redirects u6500445.ct.sendgrid.net	231 B
23	8

	Domain	Requested by
17	www.workstream.us	www.workstream.us
2	connect.facebook.net	www.workstream.us connect.facebook.net
1	www.facebook.com	www.workstream.us
1	workstream.s3-us-west-2.amazonaws.com	www.workstream.us
1	js.sentry-cdn.com	www.workstream.us
1	cdnjs.cloudflare.com	www.workstream.us
1	i.got.work	1 redirects
1	u6500445.ct.sendgrid.net	1 redirects
23	8

This site contains links to these domains. Also see Links.

Domain
workstream.us

Subject Issuer	Validity	Valid
*.workstream.us Amazon	`2022-02-14` - `2023-03-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-03` - `2022-06-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
Frame ID: 0A16B9FE85127D5DBFDAAF2307539ABC
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Crumbl Cookies - Crumbl HQ - Senior Web Engineer

Page URL History Show full URLs

https://u6500445.ct.sendgrid.net/ls/click?upn=-2Br3McSqp0cIZOahCVI36QdFQrK2h6UOFhAekR9uISUVQy76aKX4aY3MM2Q-2B... HTTP 302
https://i.got.work/Yym7Yyw4M HTTP 302
https://www.workstream.us/j/form/c9c3527f?locale=en&from=email Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

23
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

859 kB
Transfer

2796 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://workstream.us/
Title: Powered by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u6500445.ct.sendgrid.net/ls/click?upn=-2Br3McSqp0cIZOahCVI36QdFQrK2h6UOFhAekR9uISUVQy76aKX4aY3MM2Q-2B4Xzg6qL6m_OH8pZw07NVum75907vfmgKARet1o9hNMdCNTbfI9pEQTZoSvumxFwUahmJJ1dob8OwmvOV5-2FcskVHeluDo4NMRt2WSPjwWbWUuAjBUGGaIAv-2BpEE5NffYoVXwqC0kUn-2BtuVndVy6Cs9knbOCNBFO5Ufx8J3fqFKoqnjOwlGnlYJWpLtX3H6KoksBaREQJBkTy8XcmnI1W37YhMTrnJyqQg-3D-3D HTTP 302
https://i.got.work/Yym7Yyw4M HTTP 302
https://www.workstream.us/j/form/c9c3527f?locale=en&from=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request c9c3527f Show response
www.workstream.us/j/form/
Redirect Chain

https://u6500445.ct.sendgrid.net/ls/click?upn=-2Br3McSqp0cIZOahCVI36QdFQrK2h6UOFhAekR9uISUVQy76aKX4aY3MM2Q-2B4Xzg6qL6m_OH8pZw07NVum75907vfmgKARet1o9hNMdCNTbfI9pEQTZoSvumxFwUahmJJ1dob8OwmvOV5-2FcskV...
https://i.got.work/Yym7Yyw4M
https://www.workstream.us/j/form/c9c3527f?locale=en&from=email

20 KB
7 KB

544ms
485ms

Document
text/html

108.157.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-100.dus51.r.cloudfront.net
Software: / Express
Resource Hash: 03d444a386b0a897bad3a9444ffa31e9d2442850d43b7181030b76431dd9b164

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 6427
content-type: text/html; charset=utf-8
date: Tue, 24 May 2022 19:27:11 GMT
etag: W/"5196-hVLCOQ2rDnqcPE7lbEXJgo7Jqpg"
vary: Accept-Encoding
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
x-amz-apigw-id: SpSuUFztvHcF8Gg=
x-amz-cf-id: 0WnT4H0mfNdJ_ywp9acv-u92WlSyl7jCpCDYyMTB_W-tJQ0Vim31KA==
x-amz-cf-pop: DUS51-P2
x-amzn-remapped-connection: keep-alive
x-amzn-remapped-date: Tue, 24 May 2022 19:27:11 GMT
x-amzn-remapped-server: nginx/1.10.3 (Ubuntu)
x-amzn-requestid: 1ab14a47-21a3-4983-b52a-ea7f0d406fc0
x-cache: Miss from cloudfront
x-powered-by: Express

Redirect headers

content-length: 89
content-type: text/html; charset=utf-8
date: Tue, 24 May 2022 19:27:10 GMT
location: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-apigw-id: SpSuSFKCvHcF3gg=
x-amz-cf-id: kEgD_9jEzvJbxWHHmluc80i3TWIrU92jTyq4T4BwjPmlnyYqIuAq7g==
x-amz-cf-pop: FRA60-P4
x-amzn-requestid: 62bcb02a-2fe4-4fc8-9c2a-d0a668a9993f
x-amzn-trace-id: Root=1-628d318e-36b530174f5dc4c21098fc5e;Sampled=0
x-cache: Miss from cloudfront

GET
H2 200 flag-icon.min.css
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/0.8.2/css/ 32 KB
2 KB 39ms
18ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/0.8.2/css/flag-icon.min.css

Requested by

Host: www.workstream.us
URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c9bf7a40b606390f947277201557a4e6deb8a6ac5270ad52a1bc2a972d8ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstream.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5863731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1377
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5d-7f7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4iybXkpLDmBxmF%2BASZ3JSFQ34QycIs9HE5m34g2dKvGGSQKyWar%2F5HdJMS7USr%2BOH4P%2BUp1hg9NC0ctkhQ9Gyx4qW2krJHTjxgYiy3N%2FHAWR4Q4zDGFg15Z1yuJcIj9eBTBqI%2Bf1hsToOC7KRhNuP7M"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71086d5e8a9490a0-FRA
expires: Sun, 14 May 2023 19:27:11 GMT

GET
H2 200 3b70da9a62b04105a77398af2eb15dd0.min.js Show response
js.sentry-cdn.com/ 2 KB
1 KB 128ms
108ms Script
text/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/3b70da9a62b04105a77398af2eb15dd0.min.js

Requested by

Host: www.workstream.us
URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

92ed2d1b7ea8ee8b444286be67ade549d3450c3c24f70e11f2d14788cc4bb7f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workstream.us/
Origin: https://www.workstream.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
x-envoy-upstream-service-time: 13
vary: Accept-Encoding
content-length: 1020
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-production-756b9b7979-gxcm2, cache-ord1738-ORD, cache-fra19171-FRA
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes

GET
H2 200 intlTelInput.css
www.workstream.us/j/css/ 27 KB
4 KB 463ms
462ms Stylesheet
text/css 108.157.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.workstream.us/j/css/intlTelInput.css
Requested by: Host: www.workstream.us
URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-100.dus51.r.cloudfront.net
Software: / Express
Resource Hash: 437e649ff48cf805b99a8b0abe1f5c7687d66765d940408f1542d55afe0b07a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:11 GMT
content-encoding: gzip
x-amzn-remapped-server: nginx/1.10.3 (Ubuntu)
x-amzn-remapped-date: Tue, 24 May 2022 19:27:11 GMT
x-amz-cf-pop: DUS51-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: SpSucG93vHcFtGg=
content-length: 3643
x-amzn-requestid: 3cbc0953-8dfe-4034-b687-20920db36b81
last-modified: Sun, 19 Nov 2017 03:09:58 GMT
etag: W/"6d39-15fd241093a"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: Z5d0Hh_KrRw358rcqhk4hppoy18nzhiDYOQ4-m3CCl40si20LIE-VQ==
x-amzn-remapped-connection: keep-alive

GET
H2 200 index.css
www.workstream.us/j/css/ 40 KB
9 KB 171ms
170ms Stylesheet
text/css 108.157.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.workstream.us/j/css/index.css
Requested by: Host: www.workstream.us
URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-100.dus51.r.cloudfront.net
Software: / Express
Resource Hash: 77142f8fe43c2451e90cd1296792ba8bd561a5d05e7c1b3f01a536628e47aa8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:11 GMT
content-encoding: gzip
x-amzn-remapped-server: nginx/1.10.3 (Ubuntu)
x-amzn-remapped-date: Tue, 24 May 2022 19:27:11 GMT
x-amz-cf-pop: DUS51-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: SpSuZFh8PHcF7TA=
content-length: 8232
x-amzn-requestid: 07259bac-b5f8-4903-ba0e-f941f8f2f55e
last-modified: Wed, 13 Apr 2022 07:51:40 GMT
etag: W/"a1ed-18021e8187c"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: i225qqnQeioRVXmFed06OBRnrWrxtxt0O1mJFzrPnUhWfQJPjxhiKA==
x-amzn-remapped-connection: keep-alive

GET
H2 200 util.css
www.workstream.us/j/css/ 8 KB
2 KB 458ms
457ms Stylesheet
text/css 108.157.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.workstream.us/j/css/util.css
Requested by: Host: www.workstream.us
URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-100.dus51.r.cloudfront.net
Software: / Express
Resource Hash: f90072336067827b0dfc12db7f7fcc87f39336b9bf77cbee7a94a1ce7fc91390

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:11 GMT
content-encoding: gzip
x-amzn-remapped-server: nginx/1.10.3 (Ubuntu)
x-amzn-remapped-date: Tue, 24 May 2022 19:27:11 GMT
x-amz-cf-pop: DUS51-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: SpSucFAWvHcF_7Q=
content-length: 1906
x-amzn-requestid: e5bdebf7-da7f-490d-b59b-b1d31973cab9
last-modified: Thu, 06 Jan 2022 09:28:40 GMT
etag: W/"1e9f-17e2eb80c0c"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: 2vDn88c5v6Jl-ikOkIANJTBpTsOrWNu6c25xyU2jDDJqaI5tjA0kjw==
x-amzn-remapped-connection: keep-alive

GET
H2 200 pikaday.css
www.workstream.us/j/css/ 4 KB
2 KB 435ms
434ms Stylesheet
text/css 108.157.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.workstream.us/j/css/pikaday.css
Requested by: Host: www.workstream.us
URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-100.dus51.r.cloudfront.net
Software: / Express
Resource Hash: f8cb0856a98f2c8c193e42dbb3e3097833ea27b5b8d1a4e0d581b2ef7e94ea09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:11 GMT
content-encoding: gzip
x-amzn-remapped-server: nginx/1.10.3 (Ubuntu)
x-amzn-remapped-date: Tue, 24 May 2022 19:27:11 GMT
x-amz-cf-pop: DUS51-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: SpSucHiIPHcFuvw=
content-length: 1626
x-amzn-requestid: abdf4113-3915-4b3e-9135-bc20905b01c2
last-modified: Tue, 29 May 2018 14:36:12 GMT
etag: W/"11d6-163ac53efef"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: yl3GB27GauPeitO5zopKPIB2vYeawCRYz4FJsGPq3MvQ_qQXoV3Mhg==
x-amzn-remapped-connection: keep-alive

GET
H2 200 weeklyTimeSlotPicker.css
www.workstream.us/j/css/ 1 KB
1013 B 451ms
451ms Stylesheet
text/css 108.157.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.workstream.us/j/css/weeklyTimeSlotPicker.css
Requested by: Host: www.workstream.us
URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-100.dus51.r.cloudfront.net
Software: / Express
Resource Hash: 4ce117c3ee53550ff25cc8679ee37c4818805397fdca3b4bfd3deed435a359a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:11 GMT
content-encoding: gzip
x-amzn-remapped-server: nginx/1.10.3 (Ubuntu)
x-amzn-remapped-date: Tue, 24 May 2022 19:27:11 GMT
x-amz-cf-pop: DUS51-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: SpSucEZYvHcFddA=
content-length: 458
x-amzn-requestid: db80e679-a4e5-48b5-ac41-8edf71868b7f
last-modified: Wed, 30 Dec 2020 04:55:27 GMT
etag: W/"521-176b200372e"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: l-Iom7wMNzG8ztWpxqAe7IOD5VgDQah16LI3bL87ZckXMrdWjqe47g==
x-amzn-remapped-connection: keep-alive

GET
H/1.1 200
OK da8c05b82aecd59724885f6c5c5aef6d.jpg
workstream.s3-us-west-2.amazonaws.com/production/uploads/brand/logo/2085/ 68 KB
69 KB 792ms
229ms Image
image/jpeg 52.92.208.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://workstream.s3-us-west-2.amazonaws.com/production/uploads/brand/logo/2085/da8c05b82aecd59724885f6c5c5aef6d.jpg?X-Amz-Expires=604800&X-Amz-Date=20220524T192710Z&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIYTVQILD5OJOIFWA%2F20220524%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-SignedHeaders=host&X-Amz-Signature=142fa75694b3878b375f06aa4af3764bca8963cf925ce3b7d583ea66e6616824
Requested by: Host: www.workstream.us
URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.208.122 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a86432fbf56087456a36e55055f07f54e8fbdc4953eb6165c2aa96a6f5e7ab38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstream.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 24 May 2022 19:27:12 GMT
Last-Modified: Thu, 08 Jul 2021 02:16:08 GMT
Server: AmazonS3
x-amz-request-id: MB6B4QFZSKFRT4AR
ETag: "e83f8102dd8bfa23839ba71162eda9d2"
x-amz-version-id: null
Cache-Control: public, max-age=31536000
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 69955
x-amz-id-2: FbT4b+5ctahfZKIWvtgQwzbizIrKCy7fudcN7VBfOuRxfLcbFYVNK/sh1Uk54tu7sS3ZhaPVFtA=

GET
H2 200 hand-wave.png
www.workstream.us/j/images/ 22 KB
23 KB 596ms
595ms Image
image/png 108.157.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.workstream.us/j/images/hand-wave.png
Requested by: Host: www.workstream.us
URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-100.dus51.r.cloudfront.net
Software: / Express
Resource Hash: edf76e50f11d9be90f3283007ecbd8af9c6ddfef75f96209522bce82df485038

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:11 GMT
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 22732
x-amzn-remapped-date: Tue, 24 May 2022 19:27:11 GMT
x-amz-cf-pop: DUS51-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: SpSudEunvHcF_fg=
content-length: 22732
x-amzn-requestid: 99e42e58-9f5a-4e78-8c1b-81fb47419f68
last-modified: Tue, 17 Apr 2018 05:54:54 GMT
x-amzn-remapped-server: nginx/1.10.3 (Ubuntu)
etag: W/"58cc-162d22b970a"
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: qvKn_ranDJ0K56fr8s7vLGbZ1XylT0r4jYm-LFa_M7uaVKUtnrzhdQ==
x-amzn-remapped-connection: keep-alive

GET
H2 200 email.svg
www.workstream.us/j/images/ 553 B
1 KB 438ms
437ms Image
image/svg+xml 108.157.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.workstream.us/j/images/email.svg
Requested by: Host: www.workstream.us
URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-100.dus51.r.cloudfront.net
Software: / Express
Resource Hash: 4d79a1b5753c89b2f566c08f270cdc5d50821a713ca373b3dd698165dcc93f4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:11 GMT
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 553
x-amzn-remapped-date: Tue, 24 May 2022 19:27:11 GMT
x-amz-cf-pop: DUS51-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: SpSudHt5PHcFb9w=
content-length: 553
x-amzn-requestid: 32e77d9e-1913-4379-b532-c7a7f5fd88f6
last-modified: Tue, 17 Apr 2018 05:54:54 GMT
x-amzn-remapped-server: nginx/1.10.3 (Ubuntu)
etag: W/"229-162d22b970a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: GcJ8OdY8dLOrgwS_sHg5LukD_nHX7W_E5kEE5KrHUtCLTdzqvhAVmA==
x-amzn-remapped-connection: keep-alive

GET
H2 200 mobile-phone.svg
www.workstream.us/j/images/ 821 B
1 KB 462ms
461ms Image
image/svg+xml 108.157.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.workstream.us/j/images/mobile-phone.svg
Requested by: Host: www.workstream.us
URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-100.dus51.r.cloudfront.net
Software: / Express
Resource Hash: 72d8c220c5d7f22b70affd75371a2ddedea898862ad42bff7846cd15b7c5ed59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:11 GMT
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 821
x-amzn-remapped-date: Tue, 24 May 2022 19:27:11 GMT
x-amz-cf-pop: DUS51-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: SpSueF3kPHcFpKA=
content-length: 821
x-amzn-requestid: fe371443-a7bf-4f2c-964a-e040bf597e89
last-modified: Tue, 17 Apr 2018 05:54:54 GMT
x-amzn-remapped-server: nginx/1.10.3 (Ubuntu)
etag: W/"335-162d22b970a"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: 43E66-JvIeKkaSpl9AWxLSKGoLfmkmFmE06wOjfkDCe75UqftYxhEA==
x-amzn-remapped-connection: keep-alive

GET
H2 200 verify-success.svg
www.workstream.us/j/images/ 2 KB
2 KB 443ms
442ms Image
image/svg+xml 108.157.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.workstream.us/j/images/verify-success.svg
Requested by: Host: www.workstream.us
URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-100.dus51.r.cloudfront.net
Software: / Express
Resource Hash: 2436948b5b6bf5a09b1361d0f77b7b0201484c3a3662d4fef5bdea0580997a89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:11 GMT
content-encoding: gzip
x-amzn-remapped-server: nginx/1.10.3 (Ubuntu)
x-amzn-remapped-date: Tue, 24 May 2022 19:27:11 GMT
x-amz-cf-pop: DUS51-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: SpSudFfgPHcF9UQ=
content-length: 1185
x-amzn-requestid: 553a4549-94e7-4c2a-9d41-5be9dfea0585
last-modified: Sun, 19 Nov 2017 14:16:18 GMT
etag: W/"9ea-15fd4a31653"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: ofCBXPMKV7892L9m0SQ3PdOSs_E7lLVC4WPU9oFHB1MMgcFK6CN5uA==
x-amzn-remapped-connection: keep-alive

GET
H2 200 vendor.js Show response
www.workstream.us/j/js/ 2 MB
231 KB 684ms
683ms Script
application/javascript 108.157.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.workstream.us/j/js/vendor.js
Requested by: Host: www.workstream.us
URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-100.dus51.r.cloudfront.net
Software: / Express
Resource Hash: 3d8856b73b19e3d18b0803dc12f75170bff98261ed97acf70a4972f1c3130643

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:11 GMT
content-encoding: gzip
x-amzn-remapped-server: nginx/1.10.3 (Ubuntu)
x-amzn-remapped-date: Tue, 24 May 2022 19:27:11 GMT
x-amz-cf-pop: DUS51-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: SpSueEV5vHcFwQw=
content-length: 235432
x-amzn-requestid: bdbc8c07-af14-4036-b1bb-26b620472fd2
last-modified: Tue, 24 May 2022 05:30:15 GMT
etag: W/"195e4e-180f48b5aa3"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: yO2oyjDr64O754j97hD86jICi4WaUPRRsAV4L64jlVmllck4y2_30A==
x-amzn-remapped-connection: keep-alive

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 26ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.workstream.us
URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4bf28915f66123da01c4429b62b6062d051c9ecaa5933c4b7c7b074fe92b472f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.workstream.us/
Origin: https://www.workstream.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: sE2YJv6g1+8FMlxWtJ4g4w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: AxeA+mwdQZ1l7363bWQ01KfLtX3AAR6EFgHO1E1RiKivwx8UOwOX7xHzsVLBaHWg4K+bYN2H4Ol/lPL6Kpm3WA==
x-fb-trip-id: 686109401
x-fb-content-md5: 658168e2641b5b8bac751f18b91830bb
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 24 May 2022 19:27:11 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "7a6016f3003fd9712a421cbec20ad1fa"
timing-allow-origin: *
expires: Tue, 24 May 2022 19:45:24 GMT

GET
H2 200 page-online-form.js Show response
www.workstream.us/j/js/ 299 KB
79 KB 614ms
612ms Script
application/javascript 108.157.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.workstream.us/j/js/page-online-form.js
Requested by: Host: www.workstream.us
URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-100.dus51.r.cloudfront.net
Software: / Express
Resource Hash: 6dc4d6cd422ac725c4d8ff9cde55efd2884574df13af49a2befba3a68de46fcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:11 GMT
content-encoding: gzip
x-amzn-remapped-server: nginx/1.10.3 (Ubuntu)
x-amzn-remapped-date: Tue, 24 May 2022 19:27:11 GMT
x-amz-cf-pop: DUS51-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: SpSudEwYPHcFvsQ=
content-length: 80539
x-amzn-requestid: 08c2030a-aa7d-41c1-baff-2265a9ce0aba
last-modified: Tue, 24 May 2022 05:27:11 GMT
etag: W/"4ac6d-180f4888e59"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: z_0heccrsfPAmIfUa8Xuonet02GWCzneGfJawtzvWrC-TzxILEWaTw==
x-amzn-remapped-connection: keep-alive

GET
H2 200 footer-brand.svg
www.workstream.us/j/images/ 4 KB
2 KB 441ms
440ms Image
image/svg+xml 108.157.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.workstream.us/j/images/footer-brand.svg
Requested by: Host: www.workstream.us
URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-100.dus51.r.cloudfront.net
Software: / Express
Resource Hash: 6d9d0e419ccc2a64e32443d27e54a577ab91d97d3690d74e1e0f77e06c34b77d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:11 GMT
content-encoding: gzip
x-amzn-remapped-server: nginx/1.10.3 (Ubuntu)
x-amzn-remapped-date: Tue, 24 May 2022 19:27:11 GMT
x-amz-cf-pop: DUS51-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: SpSudFLdvHcFq4g=
content-length: 1961
x-amzn-requestid: 26334175-888f-4904-90ee-f165d3631cb3
last-modified: Tue, 09 Apr 2019 08:22:32 GMT
etag: W/"ff0-16a01310d04"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: flKsh0cO9jvXpPL9Dh4SLKM7rO7eyenbAU2nXjoi-nqH_5vs4RnUng==
x-amzn-remapped-connection: keep-alive

GET
H2 200 Segoe%20UI.woff
www.workstream.us/j/fonts/ 141 KB
142 KB 637ms
636ms Font
application/font-woff 108.157.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.workstream.us/j/fonts/Segoe%20UI.woff
Requested by: Host: www.workstream.us
URL: https://www.workstream.us/j/css/index.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-100.dus51.r.cloudfront.net
Software: / Express
Resource Hash: e3a6c9cd34309486897f6dd8038da6b964d3ae3ce86d1b8dbe283dfeaf48b6bb

Request headers

Referer: https://www.workstream.us/j/css/index.css
Origin: https://www.workstream.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:11 GMT
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 144276
x-amzn-remapped-date: Tue, 24 May 2022 19:27:11 GMT
x-amz-cf-pop: DUS51-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: SpSuhHYGPHcFwew=
content-length: 144276
x-amzn-requestid: 115f9da0-ab83-424b-bf0b-643fbda3b0f5
last-modified: Mon, 10 Sep 2018 16:18:43 GMT
x-amzn-remapped-server: nginx/1.10.3 (Ubuntu)
etag: W/"23394-165c4472cc8"
content-type: application/font-woff
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: 6mRJD11qg-DeaMpWjjZgTSlnzKbevhKRbepjzX_zXhKWRn1CYD6eJg==
x-amzn-remapped-connection: keep-alive

GET
H2 200 seguisb.woff
www.workstream.us/j/fonts/ 188 KB
189 KB 793ms
793ms Font
application/font-woff 108.157.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.workstream.us/j/fonts/seguisb.woff
Requested by: Host: www.workstream.us
URL: https://www.workstream.us/j/css/index.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-100.dus51.r.cloudfront.net
Software: / Express
Resource Hash: edcc0140da7a32a16048b5014c972b9e8db67c8739d7ace7688c7f83d731b119

Request headers

Referer: https://www.workstream.us/j/css/index.css
Origin: https://www.workstream.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:12 GMT
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 192948
x-amzn-remapped-date: Tue, 24 May 2022 19:27:12 GMT
x-amz-cf-pop: DUS51-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: SpSuiFDLvHcF_7Q=
content-length: 192948
x-amzn-requestid: f0e61704-cd2f-487b-963d-309be1c0ef47
last-modified: Mon, 10 Sep 2018 16:18:49 GMT
x-amzn-remapped-server: nginx/1.10.3 (Ubuntu)
etag: W/"2f1b4-165c447450e"
content-type: application/font-woff
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: RTpHXc-_hPw2svI5Jy_8sJnBt0tKrG3RXcxZogS1h8HWsGRnVYPj9A==
x-amzn-remapped-connection: keep-alive

GET
H2 200 en.json Show response
www.workstream.us/j/js/i18n/ 8 KB
3 KB 210ms
210ms XHR
application/json 108.157.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.workstream.us/j/js/i18n/en.json
Requested by: Host: www.workstream.us
URL: https://www.workstream.us/j/js/vendor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-100.dus51.r.cloudfront.net
Software: / Express
Resource Hash: f38c16b7d02b6db45655bf1cb8fdd5ec2201642700ab557dae005e0f10154c8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:12 GMT
content-encoding: gzip
x-amzn-remapped-server: nginx/1.10.3 (Ubuntu)
x-amzn-remapped-date: Tue, 24 May 2022 19:27:12 GMT
x-amz-cf-pop: DUS51-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: SpSunFv_PHcF8yw=
content-length: 2345
x-amzn-requestid: 03bed3f4-a19e-4e59-bd17-d2a232145027
last-modified: Mon, 14 Mar 2022 06:27:53 GMT
etag: W/"1f78-17f871c9ae4"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: 42DblTmk48XsmBf0glQiTn6lcS1rVig4TKIB7CHzySsIvBuYkzfgFw==
x-amzn-remapped-connection: keep-alive

GET
H2 200 zh.json Show response
www.workstream.us/j/js/i18n/ 7 KB
3 KB 166ms
166ms XHR
application/json 108.157.4.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.workstream.us/j/js/i18n/zh.json
Requested by: Host: www.workstream.us
URL: https://www.workstream.us/j/js/vendor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-100.dus51.r.cloudfront.net
Software: / Express
Resource Hash: 684dba3d41ada7eee44b002d4474e28beda07289299105f6e76f33f0214ba4af

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:12 GMT
content-encoding: gzip
x-amzn-remapped-server: nginx/1.10.3 (Ubuntu)
x-amzn-remapped-date: Tue, 24 May 2022 19:27:12 GMT
x-amz-cf-pop: DUS51-P2
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: SpSunGgdPHcFTeg=
content-length: 2420
x-amzn-requestid: b5a37151-b392-4e9f-afa9-f3f1d3c5d634
last-modified: Mon, 27 Dec 2021 13:02:19 GMT
etag: W/"1b4b-17dfbfc0d64"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
via: 1.1 f97c9082b750957571bc7e3354a4f4a4.cloudfront.net (CloudFront)
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: iGaJyTEfVGnvrdV95rYljo2NUgWPrUZfSqXVDLU4Jgr2YUUxUioVPQ==
x-amzn-remapped-connection: keep-alive

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 292 KB
84 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c110f22770716b9ebc5ede3c30c34254

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

db528c5ca4e041b15485516b1dd147b6fc82135ddbf298f656a7855289a6adbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.workstream.us/
Origin: https://www.workstream.us
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: kXG45ts0ZtrZuh0crYworQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85300
x-fb-rlafr: 0
x-fb-debug: wipaYqVMcBy3cQ88StTlCtObsh4KTZ6DT1uiz8DnvTnpV7tXGWCb1jCLdshMaeG6Ph73j8n/BhWFdft+hk0gIQ==
x-fb-trip-id: 686109401
x-fb-content-md5: dd3c5d26cec8d3db516040f98c805809
x-frame-options: DENY
date: Tue, 24 May 2022 19:27:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c0e22e8fb7d43abbed22f5248a28ef45"
timing-allow-origin: *
expires: Wed, 24 May 2023 17:55:55 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 30ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=282638229036042&ev=fb_page_view&dl=https%3A%2F%2Fwww.workstream.us%2Fj%2Fform%2Fc9c3527f%3Flocale%3Den%26from%3Demail&rl=&if=false&ts=1653420432467&sw=1600&sh=1200&at=

Requested by

Host: www.workstream.us
URL: https://www.workstream.us/j/form/c9c3527f?locale=en&from=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.workstream.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 19:27:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Tue, 24 May 2022 19:27:12 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
i.got.work
js.sentry-cdn.com
u6500445.ct.sendgrid.net
workstream.s3-us-west-2.amazonaws.com
www.facebook.com
www.workstream.us
108.157.4.100
167.89.118.35
18.66.139.84
2606:4700::6811:180e
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42::729
52.92.208.122
03d444a386b0a897bad3a9444ffa31e9d2442850d43b7181030b76431dd9b164
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2436948b5b6bf5a09b1361d0f77b7b0201484c3a3662d4fef5bdea0580997a89
3d8856b73b19e3d18b0803dc12f75170bff98261ed97acf70a4972f1c3130643
437e649ff48cf805b99a8b0abe1f5c7687d66765d940408f1542d55afe0b07a5
4bf28915f66123da01c4429b62b6062d051c9ecaa5933c4b7c7b074fe92b472f
4ce117c3ee53550ff25cc8679ee37c4818805397fdca3b4bfd3deed435a359a4
4d79a1b5753c89b2f566c08f270cdc5d50821a713ca373b3dd698165dcc93f4c
684dba3d41ada7eee44b002d4474e28beda07289299105f6e76f33f0214ba4af
6d9d0e419ccc2a64e32443d27e54a577ab91d97d3690d74e1e0f77e06c34b77d
6dc4d6cd422ac725c4d8ff9cde55efd2884574df13af49a2befba3a68de46fcb
72d8c220c5d7f22b70affd75371a2ddedea898862ad42bff7846cd15b7c5ed59
77142f8fe43c2451e90cd1296792ba8bd561a5d05e7c1b3f01a536628e47aa8b
92ed2d1b7ea8ee8b444286be67ade549d3450c3c24f70e11f2d14788cc4bb7f3
a86432fbf56087456a36e55055f07f54e8fbdc4953eb6165c2aa96a6f5e7ab38
db528c5ca4e041b15485516b1dd147b6fc82135ddbf298f656a7855289a6adbb
e0c9bf7a40b606390f947277201557a4e6deb8a6ac5270ad52a1bc2a972d8ec3
e3a6c9cd34309486897f6dd8038da6b964d3ae3ce86d1b8dbe283dfeaf48b6bb
edcc0140da7a32a16048b5014c972b9e8db67c8739d7ace7688c7f83d731b119
edf76e50f11d9be90f3283007ecbd8af9c6ddfef75f96209522bce82df485038
f38c16b7d02b6db45655bf1cb8fdd5ec2201642700ab557dae005e0f10154c8a
f8cb0856a98f2c8c193e42dbb3e3097833ea27b5b8d1a4e0d581b2ef7e94ea09
f90072336067827b0dfc12db7f7fcc87f39336b9bf77cbee7a94a1ce7fc91390

www.workstream.us Open in urlscan Pro 108.157.4.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

50 %IPv6

8 Domains

8 Subdomains

6 IPs

2 Countries

859 kBTransfer

2796 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

0 Cookies

Indicators

www.workstream.us Open in urlscan Pro
108.157.4.100 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

859 kB
Transfer

2796 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions