view.email.workingadvantage.com Open in urlscan Pro
54.226.89.225 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.email.workingadvantage.com/click?Ea3BsZWNlbmlrQGZpcnN0ZW5lcmd5Y29ycC5jb20/CeyJtaWQiOiIxNjY3Mzg3NzM0NDMyNGM1ZmViNmQxMzNlIiwi...
Effective URL:
https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBF...
Submission: On November 05 via manual (November 5th 2022, 1:35:09 am UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 54.226.89.225, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is view.email.workingadvantage.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 2nd 2022. Valid for: a year.

This is the only time view.email.workingadvantage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	96.47.20.26 96.47.20.26	46263 (EDIALOG) (EDIALOG)
1	54.226.89.225 54.226.89.225	14618 (AMAZON-AES) (AMAZON-AES)
14	2600:9000:215... 2600:9000:2156:1600:16:341b:8680:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:8600:16:341b:8680:93a1	16509 (AMAZON-02) (AMAZON-02)
17	4

1 96.47.20.26 (United States) 1 redirects

ASN46263 (EDIALOG, US)
PTR: t.knoll.com.mx2.bm16.maas.zetaglobal.net

e.email.workingadvantage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.226.89.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-89-225.compute-1.amazonaws.com

view.email.workingadvantage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:2156:1600:16:341b:8680:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.email.ticketsatwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:8600:16:341b:8680:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.email.plumbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	ticketsatwork.com images.email.ticketsatwork.com — Cisco Umbrella Rank: 341013	3 MB
2	workingadvantage.com 1 redirects e.email.workingadvantage.com — Cisco Umbrella Rank: 887625 view.email.workingadvantage.com	11 KB
1	plumbenefits.com images.email.plumbenefits.com — Cisco Umbrella Rank: 659283	175 KB
1	gstatic.com fonts.gstatic.com	25 KB
17	4

	Domain	Requested by
14	images.email.ticketsatwork.com	view.email.workingadvantage.com
1	images.email.plumbenefits.com	view.email.workingadvantage.com
1	fonts.gstatic.com	view.email.workingadvantage.com
1	view.email.workingadvantage.com
1	e.email.workingadvantage.com	1 redirects
17	5

This site contains links to these domains. Also see Links.

Domain
preferences.workingadvantage.com
www.workingadvantage.com

Subject Issuer	Validity	Valid
view.email.ticketsatwork.com Go Daddy Secure Certificate Authority - G2	`2022-08-02` - `2023-07-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Frame ID: 5E628F995844D91431AAFDE0BE741BAB
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Email Web View

Page URL History Show full URLs

https://e.email.workingadvantage.com/click?Ea3BsZWNlbmlrQGZpcnN0ZW5lcmd5Y29ycC5jb20/CeyJtaWQiOiIxNjY3Mzg3NzM0NDMy... HTTP 302
https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEm... Page URL

Page Statistics

17
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

2787 kB
Transfer

2853 kB
Size

0
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://preferences.workingadvantage.com/profile?encbu=a3BsZWNlbmlrQGZpcnN0ZW5lcmd5Y29ycC5jb20=&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Title: Keep your profile up to date

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/?utm_campaign=Logo-top&utm_medium=Signup_Anniversary1_V1&utm_source=Email&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/shopping.php?sub=health-wellness&utm_campaign=health-wellness&utm_medium=Signup_Anniversary1_V1&utm_source=Email&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Title: Health & Wellness

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/shopping.php?sub=work-essentials&utm_campaign=Office&utm_medium=Signup_Anniversary1_V1&utm_source=Email&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Title: Office

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/shopping.php?sub=electronics-computers&utm_campaign=Electronics&utm_medium=Signup_Anniversary1_V1&utm_source=Email&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Title: Electronics

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/shopping.php?sub=food-grocery&utm_campaign=Food-Wine&utm_medium=Signup_Anniversary1_V1&utm_source=Email&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Title: Food & Wine

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/shopping.php?sub=education&utm_campaign=Education&utm_medium=Signup_Anniversary1_V1&utm_source=Email&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Title: Education

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/shopping.php?sub=pets&utm_campaign=Pets&utm_medium=Signup_Anniversary1_V1&utm_source=Email&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Title: Pets

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/?utm_campaign=Shop-Now&utm_medium=Signup_Anniversary1_V1&utm_source=Email&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Title: SHOP NOW

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/shopping.php?action=view&sub=samsung-2/&utm_campaign=Samsung&utm_medium=Signup_Anniversary1_V1&utm_source=Email&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/packages.php?sub=packages&action=view&id=2418/&utm_campaign=SamsClub&utm_medium=Signup_Anniversary1_V1&utm_source=Email&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/shopping.php?action=view&sub=disney-plus/&utm_campaign=Disney-Plus&utm_medium=Signup_Anniversary1_V1&utm_source=Email&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/pages.php?sub=wdw/&utm_campaign=Walt-Disney-World&utm_medium=Signup_Anniversary1_V1&utm_source=Email&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/pages.php?sub=usf/&utm_campaign=Universal-Orlando&utm_medium=Signup_Anniversary1_V1&utm_source=Email&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/pages.php?sub=seaworld/&utm_campaign=SeaWorld-Parks&utm_medium=Signup_Anniversary1_V1&utm_source=Email&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/hotels.php?sub=alldestinations&utm_campaign=Hotels&utm_medium=Signup_Anniversary1_V1&utm_source=Email&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/rentalcars?/&utm_campaign=Rental-Cars&utm_medium=Signup_Anniversary1_V1&utm_source=Email&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/shopping.php?action=view&sub=employee-auto-buying/&utm_campaign=Auto-Buying&utm_medium=Signup_Anniversary1_V1&utm_source=Email&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434

Search URL Search Domain Scan URL

URL: https://preferences.workingadvantage.com/unsubscribe?encbu=a3BsZWNlbmlrQGZpcnN0ZW5lcmd5Y29ycC5jb20=%0A&message_uid=16673877344324c5feb6d133e&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Title: unsubscribe

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/?utm_campaign=Footer-link&utm_source=Email&utm_medium=Signup_Anniversary1_V1&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Title: www.WorkingAdvantage.com

Search URL Search Domain Scan URL

URL: http://www.workingadvantage.com/privacy.php?utm_campaign=Privacy-Policy&utm_source=Email&utm_medium=Signup_Anniversary1_V1&frombulletin=1&clthash=792f3271766e723b5fb31e043c559b5daff79e98&cmpid=104808&uid=15469214&conv_source=zeta&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.workingadvantage.com/?zeta-2&bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Title: WorkingAdvantage.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.email.workingadvantage.com/click?Ea3BsZWNlbmlrQGZpcnN0ZW5lcmd5Y29ycC5jb20/CeyJtaWQiOiIxNjY3Mzg3NzM0NDMyNGM1ZmViNmQxMzNlIiwiY3QiOiJlYmctd2EtOWZiMGQ5OTllNjdkZTk1ZmZlZjkxYTYzNjNjMmQ5NjktNzQyIiwicmQiOiJmaXJzdGVuZXJneWNvcnAuY29tIn0/TWkhfZWJnd2FfTkRCQU0xMTAyMjAyMjI1MTU1Mzc0MixlYjIsaHR0cHM6Ly92aWV3LmVtYWlsLndvcmtpbmdhZHZhbnRhZ2UuY29tL21lc3NhZ2VzLzE2NjczODc3MzQ0MzI0YzVmZWI2ZDEzM2UvcmF3/qP2J0X2VlPUxibFlpTW1UeCUyQlduS1BPNFY2Z0oyJTJCVTZYRW1lOVg3bU52JTJGbnZZNGJkVE1CRlEyaFJJd3RUMkFJY25FMHBIWG0mYnRfdHM9MTY2NzM4NzczNDQzNA/sid9cc414a4 HTTP 302
https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request raw Show response
view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/
Redirect Chain

https://e.email.workingadvantage.com/click?Ea3BsZWNlbmlrQGZpcnN0ZW5lcmd5Y29ycC5jb20/CeyJtaWQiOiIxNjY3Mzg3NzM0NDMyNGM1ZmViNmQxMzNlIiwiY3QiOiJlYmctd2EtOWZiMGQ5OTllNjdkZTk1ZmZlZjkxYTYzNjNjMmQ5NjktNzQy...
https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434

87 KB
10 KB

558ms
279ms

Document
text/html

54.226.89.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.226.89.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-226-89-225.compute-1.amazonaws.com

Software

nginx /

Resource Hash

88c38db3f9fea799bbecd5a8ad1a48ee7e20ec8c5422088149e2a2b3a768460c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 05 Nov 2022 01:35:04 GMT
etag: W/"2fbd3b8c3a920f392c770cb12a4bd473"
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains max-age=31536000;
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 73314b3b-6b5a-427f-92d2-586acfb2df8b
x-runtime: 0.172622
x-xss-protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Nov 2022 01:35:04 GMT
Keep-Alive: timeout=5, max=100
Location: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Server: Apache
Strict-Transport-Security: max-age=60
X-Powered-By: PHP/7.3.33

GET
H2 200 wa-logo-clear-214x100.png
images.email.ticketsatwork.com/nudges/ebg-taw-dev/content/99de66fd76643b09b546a33abf5b1528/ffa166ce/images/ 12 KB
12 KB 149ms
46ms Image
image/png 2600:9000:2156:1600:16:341b:8680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.email.ticketsatwork.com/nudges/ebg-taw-dev/content/99de66fd76643b09b546a33abf5b1528/ffa166ce/images/wa-logo-clear-214x100.png
Requested by: Host: view.email.workingadvantage.com
URL: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:16:341b:8680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a7f9dd53cb0dabdf3ea6cea3985cf3f22f7b4ede860831c80d8bf69b9233c06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.email.workingadvantage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:42:17 GMT
x-amz-version-id: null
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Wed, 05 Feb 2020 16:19:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 838369
etag: "669544b059317b6ee552053265a6b22f"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 12006
x-amz-cf-id: 2YFsX_don_8M57bI1C4d5ZiXvVRRQXD11Ic5b0uQwvVETgI9xQHjmQ==

GET
H2 200 samsung_800x600.jpg
images.email.ticketsatwork.com/nudges/ebg-taw/content/68abeeacd51d8b01c6707ae56403343b/fbfad809/images/ 187 KB
188 KB 147ms
45ms Image
image/jpeg 2600:9000:2156:1600:16:341b:8680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.email.ticketsatwork.com/nudges/ebg-taw/content/68abeeacd51d8b01c6707ae56403343b/fbfad809/images/samsung_800x600.jpg
Requested by: Host: view.email.workingadvantage.com
URL: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:16:341b:8680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2612037e39894d043a27146b9480af4368734294d55c7d6c01b0997367705e8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.email.workingadvantage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 02:15:36 GMT
x-amz-version-id: 09HKxTcKg5thHadHzuwIP_lnztLb0whL
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 19:04:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 429570
etag: "70244be96167d4c1314eed158f06ec71"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 191772
x-amz-cf-id: 00cBxij110tVT6ypPeNszJXB7BJ6yc714vgFNenL23hdn9yQur46SA==

GET
H2 200 sams_800x600.jpg
images.email.ticketsatwork.com/nudges/ebg-taw/content/e4747cc7a17885df969c0a3a0da21d0e/66911d4c/images/ 236 KB
237 KB 108ms
22ms Image
image/jpeg 2600:9000:2156:1600:16:341b:8680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.email.ticketsatwork.com/nudges/ebg-taw/content/e4747cc7a17885df969c0a3a0da21d0e/66911d4c/images/sams_800x600.jpg
Requested by: Host: view.email.workingadvantage.com
URL: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:16:341b:8680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a48d3928dc3a232232b286659169f0b59485f183b03a9829cb15cf690095fbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.email.workingadvantage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 02:15:36 GMT
x-amz-version-id: hQL68D.UcA0ea0Rld5rAEkDcPVfkvgr7
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 21:28:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 429570
etag: "57ec85ab8cb7dd43693343ef4d30b49d"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 242096
x-amz-cf-id: Jjo0blHDaaeNvprdY5xQEfs_7XFeNaTNQ-8JFX1cb8droW0DPnCiNg==

GET
H2 200 disney-plus_800x600.jpg
images.email.ticketsatwork.com/nudges/ebg-taw/content/68abeeacd51d8b01c6707ae56403343b/fbfad809/images/ 108 KB
108 KB 131ms
46ms Image
image/jpeg 2600:9000:2156:1600:16:341b:8680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.email.ticketsatwork.com/nudges/ebg-taw/content/68abeeacd51d8b01c6707ae56403343b/fbfad809/images/disney-plus_800x600.jpg
Requested by: Host: view.email.workingadvantage.com
URL: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:16:341b:8680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2d7b15f87f1c58aaec8708b7e7cd13ec4b96498be0c49fbe928a2ece82bdbd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.email.workingadvantage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 12:05:07 GMT
x-amz-version-id: JQJRzvJLJK484Rtt.hVdfhO5o3YKnKKM
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 19:04:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 307799
etag: "739dbd0e546828bb8fc21c6791ed7a5b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 110294
x-amz-cf-id: qVPpqnYWUXo0qq4PhkaK0EiVuKeTSI7SeZo7voSdAA0qgxOiw48vzw==

GET
H2 200 wdw_800x600.jpg
images.email.ticketsatwork.com/nudges/ebg-taw/content/68abeeacd51d8b01c6707ae56403343b/fbfad809/images/ 348 KB
349 KB 130ms
45ms Image
image/jpeg 2600:9000:2156:1600:16:341b:8680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.email.ticketsatwork.com/nudges/ebg-taw/content/68abeeacd51d8b01c6707ae56403343b/fbfad809/images/wdw_800x600.jpg
Requested by: Host: view.email.workingadvantage.com
URL: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:16:341b:8680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f71d3bc96b19d6fadebf0cc44732667f3bb6128de1505b154d3c2dea7959eb6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.email.workingadvantage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 02:15:36 GMT
x-amz-version-id: bUGh_Arrkj95pTsEcEkIMhVdJErA.W_2
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 19:04:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 429570
etag: "a28d18ba062c079623a4b5d135db8e84"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 356198
x-amz-cf-id: -gvdPxOUw4wXpfXVfzu3neq1pqp-wy3a9DI_yW7YbUFPSulvUCYmOg==

GET
H2 200 uor_800x600.jpg
images.email.ticketsatwork.com/nudges/ebg-taw/content/68abeeacd51d8b01c6707ae56403343b/fbfad809/images/ 328 KB
329 KB 114ms
29ms Image
image/jpeg 2600:9000:2156:1600:16:341b:8680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.email.ticketsatwork.com/nudges/ebg-taw/content/68abeeacd51d8b01c6707ae56403343b/fbfad809/images/uor_800x600.jpg
Requested by: Host: view.email.workingadvantage.com
URL: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:16:341b:8680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 638c47e2cb12c9f3b1b100a38e226b98d07771417a80dbc62c8df38b6dac38f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.email.workingadvantage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 00:30:16 GMT
x-amz-version-id: iH5qQbIpZXcjeF5ElCLidp5GQvzpqYni
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 19:04:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 90289
etag: "2342b2be4cc3df5f9a2b1f13d3c99da3"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 335811
x-amz-cf-id: 9qggPkqfAi0F9ag2XZsmmLyFrio-87ZzmB8xhN7IuFG2ufookEzxbw==

GET
H2 200 seaworld_800x600.jpg
images.email.ticketsatwork.com/nudges/ebg-taw/content/68abeeacd51d8b01c6707ae56403343b/fbfad809/images/ 440 KB
441 KB 99ms
39ms Image
image/jpeg 2600:9000:2156:1600:16:341b:8680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.email.ticketsatwork.com/nudges/ebg-taw/content/68abeeacd51d8b01c6707ae56403343b/fbfad809/images/seaworld_800x600.jpg
Requested by: Host: view.email.workingadvantage.com
URL: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:16:341b:8680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc49fac20e79e6e23aa624ec4731c62f8a108125cc539686746ef68ffc61fe96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.email.workingadvantage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 03:41:22 GMT
x-amz-version-id: wdS2GFXKYzQOeB4A_fjM4dRabhGG.YDT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 19:04:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 770024
etag: "a4a490f3fb3a07a2107aef7e411cd11a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 450402
x-amz-cf-id: 2d6Bo1hFK-fPof2XbBScKrEzWlmjY5QqMUDAf7ntry5Y1yJtryhXeQ==

GET
H2 200 hotels_800x600.jpg
images.email.ticketsatwork.com/nudges/ebg-taw/content/68abeeacd51d8b01c6707ae56403343b/fbfad809/images/ 343 KB
344 KB 73ms
14ms Image
image/jpeg 2600:9000:2156:1600:16:341b:8680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.email.ticketsatwork.com/nudges/ebg-taw/content/68abeeacd51d8b01c6707ae56403343b/fbfad809/images/hotels_800x600.jpg
Requested by: Host: view.email.workingadvantage.com
URL: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:16:341b:8680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ada6d4af74a20a8e89d2ad0c082bb6594ae8e76ebedbdd786953f4ac161221f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.email.workingadvantage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 11:17:11 GMT
x-amz-version-id: xf9b.qgrasAacTwfggKn6iwq8D3wrMPD
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 19:04:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 656275
etag: "98c67b86f795a1bfc10737b9f5662f99"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 351452
x-amz-cf-id: 34n8dUHanyCGIeFY-Qvedg9qkEOu7LUZv6Fv6tMM-V9a1jGgVUK2MA==

GET
H2 200 rental-cars_800x600.jpg
images.email.ticketsatwork.com/nudges/ebg-taw/content/e4747cc7a17885df969c0a3a0da21d0e/66911d4c/images/ 390 KB
391 KB 85ms
26ms Image
image/jpeg 2600:9000:2156:1600:16:341b:8680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.email.ticketsatwork.com/nudges/ebg-taw/content/e4747cc7a17885df969c0a3a0da21d0e/66911d4c/images/rental-cars_800x600.jpg
Requested by: Host: view.email.workingadvantage.com
URL: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:16:341b:8680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a6bf64c76f7a40f69a7858d12f4b05858d5c1fcf2ada731c6f18b46e6ad811d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.email.workingadvantage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 08:42:16 GMT
x-amz-version-id: DWDURfjhFnMdKDxQkmQbKpqLO2ixWpPZ
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Tue, 01 Sep 2020 21:28:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 838370
etag: "afc7939263be9b19432ce1c137cc2d0a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 399460
x-amz-cf-id: MhIdbVaH3ALM7rkC7TwxeDaLDIkx2FJvXvAZBoDnmG23XoJM4xc60w==

GET
H2 200 truecar_800x600.jpg
images.email.ticketsatwork.com/nudges/ebg-taw/content/68abeeacd51d8b01c6707ae56403343b/fbfad809/images/ 159 KB
160 KB 105ms
46ms Image
image/jpeg 2600:9000:2156:1600:16:341b:8680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.email.ticketsatwork.com/nudges/ebg-taw/content/68abeeacd51d8b01c6707ae56403343b/fbfad809/images/truecar_800x600.jpg
Requested by: Host: view.email.workingadvantage.com
URL: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:16:341b:8680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6511e58077da5dd79a726d6bab0978b0277e5112229f16b6c29999ee2139b9c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.email.workingadvantage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 11:55:05 GMT
x-amz-version-id: EcRPZb3RRknJQWz36f8lLALgxeZqhEZI
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Sep 2020 19:04:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 826801
etag: "4574acd1c490cf9f948f177526bdfa91"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 163118
x-amz-cf-id: fxehrmjoVe9B7GBFWCNkAY3m_GP-x2oA32UPkh0627hf2qmc-0dgcg==

GET
H2 200 employee_deals-icon.png
images.email.ticketsatwork.com/nudges/ebg-taw-dev/content/94dd59263c6863f39f646d593120cad0/0e65f5a1/images/ 5 KB
5 KB 69ms
9ms Image
image/png 2600:9000:2156:1600:16:341b:8680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.email.ticketsatwork.com/nudges/ebg-taw-dev/content/94dd59263c6863f39f646d593120cad0/0e65f5a1/images/employee_deals-icon.png
Requested by: Host: view.email.workingadvantage.com
URL: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:16:341b:8680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb467e926a5b02d52299f7ea109212aa1ed8f0ee84d8832eaf3360d3b0f9e859

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.email.workingadvantage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 28 Oct 2022 04:39:01 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 680165
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4907
last-modified: Thu, 02 Apr 2020 14:39:17 GMT
server: AmazonS3
etag: "a3a070ced9f70e815154f2840a903ff1"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: XTO3yYeuDWzE3XAFJlC-UaksgYw3Eb4MTS263EkPx7qSvmLwujRMPg==

GET
H2 200 nationwide_offers_icon.png
images.email.ticketsatwork.com/nudges/ebg-taw-dev/content/94dd59263c6863f39f646d593120cad0/0e65f5a1/images/ 4 KB
5 KB 69ms
9ms Image
image/png 2600:9000:2156:1600:16:341b:8680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.email.ticketsatwork.com/nudges/ebg-taw-dev/content/94dd59263c6863f39f646d593120cad0/0e65f5a1/images/nationwide_offers_icon.png
Requested by: Host: view.email.workingadvantage.com
URL: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:16:341b:8680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4eb931dbd13cacc9dfee2db05ef3ad7663b9e82c448dffe45025954c942cba05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.email.workingadvantage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:48:45 GMT
x-amz-version-id: null
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
last-modified: Thu, 02 Apr 2020 14:39:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 751581
etag: "9728976191d52b9e1ad0ac1386850214"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 4282
x-amz-cf-id: mUG9FyFnMwhQ4NoI_3B_vNNUCph8_iKMYf3IlNBWqEqpULQA2PpmPg==

GET
H2 200 exceptional_service_icon.png
images.email.ticketsatwork.com/nudges/ebg-taw-dev/content/94dd59263c6863f39f646d593120cad0/0e65f5a1/images/ 5 KB
5 KB 69ms
9ms Image
image/png 2600:9000:2156:1600:16:341b:8680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.email.ticketsatwork.com/nudges/ebg-taw-dev/content/94dd59263c6863f39f646d593120cad0/0e65f5a1/images/exceptional_service_icon.png
Requested by: Host: view.email.workingadvantage.com
URL: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:16:341b:8680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0cc85c5cdf4b4127712bc854d8194edcbfb8f58eac01b1ecd03cc07fea07f62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.email.workingadvantage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 27 Oct 2022 10:04:52 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 747014
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5097
last-modified: Thu, 02 Apr 2020 14:39:17 GMT
server: AmazonS3
etag: "7aeab5845e0feb191d8311dc6f0821c5"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: uvdhSG9QcjAjYUTtlJuVjO_YnAweipPaPqar5MSq6JAl4Zt0XNsEyg==

GET
H2 200 browse_n_compare_icon.png
images.email.ticketsatwork.com/nudges/ebg-taw-dev/content/94dd59263c6863f39f646d593120cad0/0e65f5a1/images/ 3 KB
3 KB 105ms
45ms Image
image/png 2600:9000:2156:1600:16:341b:8680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.email.ticketsatwork.com/nudges/ebg-taw-dev/content/94dd59263c6863f39f646d593120cad0/0e65f5a1/images/browse_n_compare_icon.png
Requested by: Host: view.email.workingadvantage.com
URL: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:16:341b:8680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55167a7626d6ab4be8f72624cb7eda64b5cc4267f913c31bbf7ad5b41117523f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.email.workingadvantage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 21 Oct 2022 05:29:58 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 1281908
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2778
last-modified: Thu, 02 Apr 2020 14:39:16 GMT
server: AmazonS3
etag: "ab99b2f353cef15ef4e2781db3c40bc2"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: T4ln8tFBi3uDG6W_TyExkbB6hQAJRE9vVvCr1iALRotuH-eFYCGUpA==

GET
H2 200 qIIYRU-oROkIk8vfvxw6QvesZW2xOQ-xsNqO47m55DA.woff
fonts.gstatic.com/s/lato/v11/ 24 KB
25 KB 116ms
36ms Font
font/woff 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v11/qIIYRU-oROkIk8vfvxw6QvesZW2xOQ-xsNqO47m55DA.woff

Requested by

Host: view.email.workingadvantage.com
URL: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4543b8f10e2052b8769d55f0d6cec974393082926fbe8fbceeb875d27a7e8fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://view.email.workingadvantage.com/
Origin: https://view.email.workingadvantage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 20:32:08 GMT
x-content-type-options: nosniff
age: 363777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24680
x-xss-protection: 0
last-modified: Mon, 06 Oct 2014 20:38:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 20:32:08 GMT

GET
H2 200 signup-anniversary-1-v1.png
images.email.plumbenefits.com/nudges/ebg-pb/content/fcead38d1f76f88b939f45ce011aec90/115dfe34/image/ 174 KB
175 KB 98ms
11ms Image
image/png 2600:9000:2156:8600:16:341b:8680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.email.plumbenefits.com/nudges/ebg-pb/content/fcead38d1f76f88b939f45ce011aec90/115dfe34/image/signup-anniversary-1-v1.png
Requested by: Host: view.email.workingadvantage.com
URL: https://view.email.workingadvantage.com/messages/16673877344324c5feb6d133e/raw?bt_ee=LblYiMmTx%2BWnKPO4V6gJ2%2BU6XEme9X7mNv%2FnvY4bdTMBFQ2hRIwtT2AIcnE0pHXm&bt_ts=1667387734434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8600:16:341b:8680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a44fe57fd667da896025a12fa5195d981271c30f37230e179e838d513fa81250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://view.email.workingadvantage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: 5QbDbvW_ael9W7tavRirIKDZ2FIl4oSY
date: Fri, 04 Nov 2022 10:42:38 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 53548
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 178622
last-modified: Fri, 02 Oct 2020 00:40:23 GMT
server: AmazonS3
etag: "47363db44bce16141f8293be6038937c"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: jOmOtO7mSLdSRcjiVAfId_x6IwPZLjJQw07wrx_c_2kEHe4bX9bbqQ==

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

e.email.workingadvantage.com
fonts.gstatic.com
images.email.plumbenefits.com
images.email.ticketsatwork.com
view.email.workingadvantage.com
2600:9000:2156:1600:16:341b:8680:93a1
2600:9000:2156:8600:16:341b:8680:93a1
2a00:1450:4001:80b::2003
54.226.89.225
96.47.20.26
1a48d3928dc3a232232b286659169f0b59485f183b03a9829cb15cf690095fbf
2612037e39894d043a27146b9480af4368734294d55c7d6c01b0997367705e8c
4543b8f10e2052b8769d55f0d6cec974393082926fbe8fbceeb875d27a7e8fe8
4eb931dbd13cacc9dfee2db05ef3ad7663b9e82c448dffe45025954c942cba05
55167a7626d6ab4be8f72624cb7eda64b5cc4267f913c31bbf7ad5b41117523f
638c47e2cb12c9f3b1b100a38e226b98d07771417a80dbc62c8df38b6dac38f8
6511e58077da5dd79a726d6bab0978b0277e5112229f16b6c29999ee2139b9c9
6a6bf64c76f7a40f69a7858d12f4b05858d5c1fcf2ada731c6f18b46e6ad811d
88c38db3f9fea799bbecd5a8ad1a48ee7e20ec8c5422088149e2a2b3a768460c
9a7f9dd53cb0dabdf3ea6cea3985cf3f22f7b4ede860831c80d8bf69b9233c06
9ada6d4af74a20a8e89d2ad0c082bb6594ae8e76ebedbdd786953f4ac161221f
a44fe57fd667da896025a12fa5195d981271c30f37230e179e838d513fa81250
b2d7b15f87f1c58aaec8708b7e7cd13ec4b96498be0c49fbe928a2ece82bdbd8
c0cc85c5cdf4b4127712bc854d8194edcbfb8f58eac01b1ecd03cc07fea07f62
cb467e926a5b02d52299f7ea109212aa1ed8f0ee84d8832eaf3360d3b0f9e859
f71d3bc96b19d6fadebf0cc44732667f3bb6128de1505b154d3c2dea7959eb6b
fc49fac20e79e6e23aa624ec4731c62f8a108125cc539686746ef68ffc61fe96

view.email.workingadvantage.com Open in urlscan Pro 54.226.89.225 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

17 Requests

100 %HTTPS

60 %IPv6

4 Domains

5 Subdomains

4 IPs

2 Countries

2787 kBTransfer

2853 kBSize

0 Cookies

22 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

view.email.workingadvantage.com Open in urlscan Pro
54.226.89.225 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

2787 kB
Transfer

2853 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions