www.workingadvantage.com Open in urlscan Pro
166.78.205.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.email.workingadvantage.com/click/Ec2llcnJhLmZ1bGxlckBpbnRlZ3Jpc29rLmNvbQ/CeyJtaWQiOiIxNTk5ODI5OTYwMTI1MzhlM2NiMDRhY2JiIiwiY...
Effective URL:
https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversa...
Submission: On September 15 via api (September 15th 2020, 4:04:14 pm UTC) from US

Summary HTTP 121 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 43 IPs in 7 countries across 27 domains to perform 121 HTTP transactions. The main IP is 166.78.205.49, located in San Antonio, United States and belongs to RACKSPACE, US. The main domain is www.workingadvantage.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 19th 2019. Valid for: 2 years.

This is the only time www.workingadvantage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	96.47.24.171 96.47.24.171	46263 (EDIALOG) (EDIALOG)
1 50	166.78.205.49 166.78.205.49	19994 (RACKSPACE) (RACKSPACE)
1	35.174.35.145 35.174.35.145	14618 (AMAZON-AES) (AMAZON-AES)
5	2a02:26f0:10c... 2a02:26f0:10c:59b::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.215.111 143.204.215.111	16509 (AMAZON-02) (AMAZON-02)
2	104.111.250.210 104.111.250.210	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	52.210.98.201 52.210.98.201	16509 (AMAZON-02) (AMAZON-02)
3	143.204.50.14 143.204.50.14	16509 (AMAZON-02) (AMAZON-02)
3	15.236.9.100 15.236.9.100	16509 (AMAZON-02) (AMAZON-02)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE)
1	54.76.99.142 54.76.99.142	16509 (AMAZON-02) (AMAZON-02)
1	143.204.55.128 143.204.55.128	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1 2	23.111.9.38 23.111.9.38	33438 (HIGHWINDS2) (HIGHWINDS2)
1	52.30.191.169 52.30.191.169	16509 (AMAZON-02) (AMAZON-02)
2	52.72.191.53 52.72.191.53	14618 (AMAZON-AES) (AMAZON-AES)
2	34.228.122.241 34.228.122.241	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
1 2	172.217.16.166 172.217.16.166	15169 (GOOGLE) (GOOGLE)
1 2	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1	169.47.247.89 169.47.247.89	36351 (SOFTLAYER) (SOFTLAYER)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
1	2406:da00:ff0... 2406:da00:ff00::36e1:a2d1	14618 (AMAZON-AES) (AMAZON-AES)
1	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
3	169.48.74.156 169.48.74.156	36351 (SOFTLAYER) (SOFTLAYER)
1	169.47.250.195 169.47.250.195	36351 (SOFTLAYER) (SOFTLAYER)
2 2	54.154.51.227 54.154.51.227	16509 (AMAZON-02) (AMAZON-02)
1	2.20.138.90 2.20.138.90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.169.168.49 35.169.168.49	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:4c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	72.247.179.145 72.247.179.145	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
2	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
3	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
121	43

1 96.47.24.171 (United States) 1 redirects

ASN46263 (EDIALOG, US)
PTR: mx1.bm16.maas.zetaglobal.net

e.email.workingadvantage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 166.78.205.49 (San Antonio, United States) 1 redirects

ASN19994 (RACKSPACE, US)
PTR: WorkingAdvantage.com

www.workingadvantage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.35.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-35-145.compute-1.amazonaws.com

initjs.rfk.workingadvantage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:10c:59b::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.111 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-111.fra53.r.cloudfront.net

cdn.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.250.210 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-250-210.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.210.98.201 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-98-201.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.50.14 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-50-14.osl50.r.cloudfront.net

d26opx5dl8t69i.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.236.9.100 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-9-100.eu-west-3.compute.amazonaws.com

smetrics.workingadvantage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.99.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-99-142.eu-west-1.compute.amazonaws.com

starget.workingadvantage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.55.128 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-55-128.osl50.r.cloudfront.net

static.adzerk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.38 (Phoenix, United States) 1 redirects

ASN33438 (HIGHWINDS2, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.191.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-191-169.eu-west-1.compute.amazonaws.com

entertainmentbenefitsgroupllc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.191.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-191-53.compute-1.amazonaws.com

people.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.228.122.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-122-241.compute-1.amazonaws.com

alweb.rfk.workingadvantage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

409-bcn-480.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f166.1e100.net

6479484.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

9767737.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.47.247.89 (Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: 59.f7.2fa9.ip4.static.sl-reverse.com

dx.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da00:ff00::36e1:a2d1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

e-49.adzerk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f226.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.48.74.156 (Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: 9c.4a.30a9.ip4.static.sl-reverse.com

px.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.47.250.195 (Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: c3.fa.2fa9.ip4.static.sl-reverse.com

ww.steelhousemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.51.227 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-51-227.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.138.90 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-20-138-90.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.168.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-168-49.compute-1.amazonaws.com

events.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:4c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.179.145 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a72-247-179-145.deploy.static.akamaitechnologies.com

secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.208.240 (United States)

ASN13335 (CLOUDFLARENET, US)

zn5bxs0kfcxmozrm9-ebg.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.209.240 (United States)

ASN13335 (CLOUDFLARENET, US)

siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	workingadvantage.com 2 redirects e.email.workingadvantage.com www.workingadvantage.com initjs.rfk.workingadvantage.com smetrics.workingadvantage.com starget.workingadvantage.com alweb.rfk.workingadvantage.com	2 MB
10	qualtrics.com zn5bxs0kfcxmozrm9-ebg.siteintercept.qualtrics.com siteintercept.qualtrics.com	73 KB
6	doubleclick.net 2 redirects stats.g.doubleclick.net 6479484.fls.doubleclick.net 9767737.fls.doubleclick.net googleads.g.doubleclick.net	3 KB
5	steelhousemedia.com dx.steelhousemedia.com px.steelhousemedia.com ww.steelhousemedia.com	9 KB
5	demdex.net 1 redirects dpm.demdex.net entertainmentbenefitsgroupllc.demdex.net	4 KB
5	adobedtm.com assets.adobedtm.com	129 KB
4	boomtrain.com cdn.boomtrain.com people.api.boomtrain.com events.api.boomtrain.com	27 KB
3	gstatic.com fonts.gstatic.com	40 KB
3	cloudfront.net d26opx5dl8t69i.cloudfront.net	76 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	nr-data.net bam.nr-data.net	466 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	8 KB
2	livechatinc.com cdn.livechatinc.com secure.livechatinc.com	61 KB
2	adsrvr.org 2 redirects match.adsrvr.org	981 B
2	google.de www.google.de	644 B
2	google.com www.google.com	644 B
2	mouseflow.com 1 redirects cdn.mouseflow.com	56 KB
2	googletagmanager.com www.googletagmanager.com	68 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	adzerk.net static.adzerk.net e-49.adzerk.net	12 KB
2	marketo.net munchkin.marketo.net	7 KB
1	newrelic.com js-agent.newrelic.com	14 KB
1	quantcount.com rules.quantcount.com	355 B
1	googleadservices.com www.googleadservices.com	11 KB
1	mktoresp.com 409-bcn-480.mktoresp.com	311 B
1	everesttech.net 1 redirects cm.everesttech.net	554 B
0	five9.com Failed app.five9.com Failed
121	27

	Domain	Requested by
50	www.workingadvantage.com	1 redirects www.workingadvantage.com
9	siteintercept.qualtrics.com	www.workingadvantage.com
5	assets.adobedtm.com	www.workingadvantage.com assets.adobedtm.com
4	dpm.demdex.net	1 redirects www.workingadvantage.com
3	px.steelhousemedia.com	www.workingadvantage.com
3	fonts.gstatic.com	fonts.googleapis.com
3	smetrics.workingadvantage.com	www.workingadvantage.com
3	d26opx5dl8t69i.cloudfront.net	www.workingadvantage.com
3	fonts.googleapis.com	www.workingadvantage.com
2	bam.nr-data.net	www.workingadvantage.com
2	match.adsrvr.org	2 redirects
2	www.google.de	www.workingadvantage.com
2	www.google.com	www.workingadvantage.com
2	9767737.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	6479484.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	alweb.rfk.workingadvantage.com	www.workingadvantage.com
2	people.api.boomtrain.com	www.workingadvantage.com
2	cdn.mouseflow.com	1 redirects www.workingadvantage.com
2	www.googletagmanager.com	www.workingadvantage.com
2	www.google-analytics.com	www.workingadvantage.com
2	munchkin.marketo.net	www.workingadvantage.com
1	js-agent.newrelic.com	www.workingadvantage.com
1	zn5bxs0kfcxmozrm9-ebg.siteintercept.qualtrics.com	www.workingadvantage.com
1	pixel.quantserve.com	www.workingadvantage.com
1	secure.livechatinc.com	www.workingadvantage.com
1	rules.quantcount.com	www.workingadvantage.com
1	secure.quantserve.com	www.workingadvantage.com
1	events.api.boomtrain.com	www.workingadvantage.com
1	cdn.livechatinc.com	www.workingadvantage.com
1	ww.steelhousemedia.com	www.workingadvantage.com
1	googleads.g.doubleclick.net	www.workingadvantage.com
1	www.googleadservices.com	www.workingadvantage.com
1	e-49.adzerk.net	www.workingadvantage.com
1	dx.steelhousemedia.com	www.workingadvantage.com
1	409-bcn-480.mktoresp.com	www.workingadvantage.com
1	stats.g.doubleclick.net	www.workingadvantage.com
1	entertainmentbenefitsgroupllc.demdex.net	www.workingadvantage.com
1	static.adzerk.net	www.workingadvantage.com
1	starget.workingadvantage.com	www.workingadvantage.com
1	cm.everesttech.net	1 redirects
1	cdn.boomtrain.com	www.workingadvantage.com
1	initjs.rfk.workingadvantage.com	www.workingadvantage.com
1	e.email.workingadvantage.com	1 redirects
0	app.five9.com Failed	www.workingadvantage.com
121	44

This site contains links to these domains. Also see Links.

Domain
workingadvantage.com
www.ticketsatwork.com

Subject Issuer	Validity	Valid
www.workingadvantage.com Go Daddy Secure Certificate Authority - G2	`2019-09-19` - `2021-11-18`	2 years	crt.sh
*.rfk.plumbenefits.com Amazon	`2020-04-16` - `2021-05-16`	a year	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-10-22` - `2021-10-01`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
cdn.boomtrain.com Amazon	`2020-04-14` - `2021-05-14`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
smetrics.workingadvantage.com DigiCert SHA2 High Assurance Server CA	`2020-04-27` - `2021-08-04`	a year	crt.sh
starget.ticketsatwork.com DigiCert SHA2 High Assurance Server CA	`2020-03-09` - `2022-03-14`	2 years	crt.sh
*.adzerk.net Amazon	`2020-06-18` - `2021-07-18`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.mouseflow.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-12` - `2022-09-14`	2 years	crt.sh
*.api.boomtrain.com Amazon	`2020-01-13` - `2021-02-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.steelhousemedia.com Go Daddy Secure Certificate Authority - G2	`2020-05-27` - `2022-07-16`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
resources.ebgaffiliates.com Amazon	`2020-05-20` - `2021-06-20`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
livechat.com DigiCert Secure Site ECC CA-1	`2020-07-16` - `2021-07-16`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2018-10-08` - `2021-01-06`	2 years	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-09-09` - `2021-05-07`	8 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Frame ID: 0B2F1C4FFA75083F0A0966FC5EE1A173
Requests: 118 HTTP requests in this frame

Frame: https://entertainmentbenefitsgroupllc.demdex.net/dest5.html?d_nsid=0
Frame ID: B0FBF2FED5FF4F755384E8551B047BFB
Requests: 1 HTTP requests in this frame

Frame: https://6479484.fls.doubleclick.net/activityi;dc_pre=CKi0hNvE6-sCFXfhuwgdnYwKaA;src=6479484;type=retarget;cat=worki0;ord=1343469323533;gtm=2wg920;auiddc=1961719954.1600185820;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126
Frame ID: 58C631BE34F504CBFBE10B5D5030B705
Requests: 1 HTTP requests in this frame

Frame: https://9767737.fls.doubleclick.net/activityi;dc_pre=CPCphdvE6-sCFUHRuwgdKIwDvA;src=9767737;type=retarget;cat=wa-si0;ord=6701429845686;gtm=2wg920;auiddc=1961719954.1600185820;u6=www.workingadvantage.com%2Fshopping.php;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126
Frame ID: 0A020CFDABD708FCF80941F73AD60F9D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://e.email.workingadvantage.com/click/Ec2llcnJhLmZ1bGxlckBpbnRlZ3Jpc29rLmNvbQ/CeyJtaWQiOiIxNTk5ODI5OTYwMTI1M... HTTP 302
https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=Septemb... HTTP 302
https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=Septemb... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

121
Requests

99 %
HTTPS

33 %
IPv6

27
Domains

44
Subdomains

43
IPs

7
Countries

2345 kB
Transfer

3509 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://workingadvantage.com/privacy.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://workingadvantage.com/terms.php
Title: Terms & Conditions of Use

Search URL Search Domain Scan URL

URL: https://www.ticketsatwork.com/tickets/preferred_access.php?sub=category&id=36&utm_source=preferred_access_tickets&utm_medium=pa_sports_grid&utm_campaign=ncaa
Title: NCAA College Football

Search URL Search Domain Scan URL

URL: https://www.ticketsatwork.com/tickets/preferred_access.php?sub=performer&id=5174
Title: Harry Styles

Search URL Search Domain Scan URL

URL: https://www.ticketsatwork.com/tickets/preferred_access.php?sub=performer&id=707
Title: Luke Bryan

Search URL Search Domain Scan URL

URL: https://www.ticketsatwork.com/tickets/preferred_access.php?sub=performer&id=29492
Title: Motley Crue

Search URL Search Domain Scan URL

URL: https://www.ticketsatwork.com/tickets/preferred_access.php?sub=performer&id=26037
Title: JoJo Siwa

Search URL Search Domain Scan URL

URL: https://www.ticketsatwork.com/tickets/preferred_access.php?sub=performer&id=3164
Title: US Open Tennis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.email.workingadvantage.com/click/Ec2llcnJhLmZ1bGxlckBpbnRlZ3Jpc29rLmNvbQ/CeyJtaWQiOiIxNTk5ODI5OTYwMTI1MzhlM2NiMDRhY2JiIiwiY3QiOiJlYmctd2EtYmQxNGIzNjkwMTk4OWEyNjdkOTMwOWRiMzFlYzBjYmMtMSIsInJkIjoiaW50ZWdyaXNvay5jb20ifQ/HWkhfZWJnd2FfTkRCQU0wOTExMjAyMDI0MjUyNDEsZWIyLGh0dHBzOi8vd3d3LndvcmtpbmdhZHZhbnRhZ2UuY29tL3Nob3BwaW5nLnBocA/qP3N1Yj1lbnRlcnRhaW5tZW50JnV0bV9jYW1wYWlnbj1lbnRlcnRhaW5tZW50JnV0bV9tZWRpdW09U2VwdGVtYmVyLTExLTIwMjAtQW5uaXZlcnNhcnktQ29kZS1FQSZ1dG1fc291cmNlPUVtYWlsJmZyb21idWxsZXRpbj0xJmNsdGhhc2g9YzMyMGVlMWIyOWVjZmNkY2QwMjYzNDdlNjk5MzExM2NmYWE3MTNhMSZjbXBpZD0xMDc4NDUmdWlkPTEzNDYzOTc3JmNvbnZfc291cmNlPXpldGEmYnRfZWU9VDl5Z3I1QWJnTUswV1lVcDQ5ZnZnaVlBYlJla0E2OHc5a0JKelRNcDMxUEV5QjN0R0ZqTDRta3VoN1V0cDNKbyZidF90cz0xNTk5ODI5OTYwMTI2/sfcd9eb0a39 HTTP 302
https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&frombulletin=1&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&cmpid=107845&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126 HTTP 302
https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1600185819309 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1600185819309

Request Chain 54

https://cm.everesttech.net/cm/dd?d_uuid=29313112810249421882278687902393681453 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X2Dl2wAABXs30VL0

Request Chain 68

https://cdn.mouseflow.com/projects/913a7fd6-dc0a-49da-96d8-8f73cb55b75c.js HTTP 301
https://cdn.mouseflow.com/projects/913a7fd6-dc0a-49da-96d8-8f73cb55b75c_eu.js

Request Chain 80

https://6479484.fls.doubleclick.net/activityi;src=6479484;type=retarget;cat=worki0;ord=1343469323533;gtm=2wg920;auiddc=1961719954.1600185820;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126 HTTP 302
https://6479484.fls.doubleclick.net/activityi;dc_pre=CKi0hNvE6-sCFXfhuwgdnYwKaA;src=6479484;type=retarget;cat=worki0;ord=1343469323533;gtm=2wg920;auiddc=1961719954.1600185820;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126

Request Chain 81

https://9767737.fls.doubleclick.net/activityi;src=9767737;type=retarget;cat=wa-si0;ord=6701429845686;gtm=2wg920;auiddc=1961719954.1600185820;u6=www.workingadvantage.com%2Fshopping.php;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126 HTTP 302
https://9767737.fls.doubleclick.net/activityi;dc_pre=CPCphdvE6-sCFUHRuwgdKIwDvA;src=9767737;type=retarget;cat=wa-si0;ord=6701429845686;gtm=2wg920;auiddc=1961719954.1600185820;u6=www.workingadvantage.com%2Fshopping.php;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126

Request Chain 98

https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=06d241aa-f76d-11ea-88b5-6b7edf24b384&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=06d241aa-f76d-11ea-88b5-6b7edf24b384&gdpr=&gdpr_consent= HTTP 302
https://px.steelhousemedia.com/tdsync?tdid=a5ff34cf-b9b5-48bb-a408-9241346d93fb&shguid=06d241aa-f76d-11ea-88b5-6b7edf24b384

121 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set shopping.php Show response
www.workingadvantage.com/
Redirect Chain

https://e.email.workingadvantage.com/click/Ec2llcnJhLmZ1bGxlckBpbnRlZ3Jpc29rLmNvbQ/CeyJtaWQiOiIxNTk5ODI5OTYwMTI1MzhlM2NiMDRhY2JiIiwiY3QiOiJlYmctd2EtYmQxNGIzNjkwMTk4OWEyNjdkOTMwOWRiMzFlYzBjYmMtMSIsI...
https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&frombulletin=1&clthash=c320ee1b29ecfcdcd...
https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113c...

425 KB
426 KB

280ms
279ms

Document
text/html

166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

c07775b871026c40f3ff9d82e5a93247a0769f30609b097aff72a631f864139c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.workingadvantage.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: PHPSESSID=t9q8e0iur5nrl4s0h75bkudeic; WORKINGADVANTAGE=!TM1EqQuIzgIj18ThI+pXQ/sdO554NFPT4aq3yAX5kUcXZLpONViEO2JdiTvIxgAx5t5NdjCIi01W9iA=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:38 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-Options: SAMEORIGIN
Referrer-Policy: unsafe-url
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: User-Agent
Set-Cookie: adzerk_keywords=%5B%22%22%2C%22shopping%20deals%22%5D; expires=Wed, 15-Sep-2021 21:52:24 GMT; Max-Age=31556926; path=/
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Tue, 15 Sep 2020 16:03:38 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-Options: SAMEORIGIN
Referrer-Policy: unsafe-url
Set-Cookie: PHPSESSID=t9q8e0iur5nrl4s0h75bkudeic; path=/; secure; HttpOnly WORKINGADVANTAGE=!TM1EqQuIzgIj18ThI+pXQ/sdO554NFPT4aq3yAX5kUcXZLpONViEO2JdiTvIxgAx5t5NdjCIi01W9iA=; path=/; Httponly; Secure
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: User-Agent
Location: /shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Content-Length: 0
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK li.js Show response
www.workingadvantage.com/common_resources/js/ 24 KB
25 KB 728ms
107ms Script
application/javascript 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/common_resources/js/li.js

Requested by

Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

f83691006caa590b106a72a24d34c721cf398467e174ba6887a8adebbc88d2f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 25054
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 09 Sep 2020 13:42:31 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "61de-5aee19f893fc0"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=77931
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Expires: Wed, 16 Sep 2020 13:42:31 GMT

GET
H2 200 init.js Show response
initjs.rfk.workingadvantage.com/rfk/js/11273-152007103/ 15 KB
7 KB 344ms
119ms Script
application/javascript 35.174.35.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://initjs.rfk.workingadvantage.com/rfk/js/11273-152007103/init.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.35.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-35-145.compute-1.amazonaws.com
Software: gunicorn/19.6.0 /
Resource Hash: e55bdcab68a163c8d568b7493cd509cb1036c86dcacfdae824a1be7dd5a66e22

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 15 Sep 2020 16:03:38 GMT
cache-control: max-age=600
content-type: application/javascript
server: gunicorn/19.6.0
content-encoding: gzip
expires: Tue, 15 Sep 2020 16:13:38 GMT

GET
H2 200 launch-3ef1ffa7e1d7.min.js Show response
assets.adobedtm.com/a281455e4dfe/1c19d10a0484/ 423 KB
112 KB 31ms
9ms Script
application/x-javascript 2a02:26f0:10c:59b::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a281455e4dfe/1c19d10a0484/launch-3ef1ffa7e1d7.min.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:59b::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ea82af784037d1de7d1f505ef74fb54f7bbd84e8e6b98ec121c259b151946189

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:03:38 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 13:06:04 GMT
server: AkamaiNetStorage
status: 200
etag: "7da1dc2693d7d664569bec42e2658aa9:1599656764.809176"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.workingadvantage.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 114401
expires: Tue, 15 Sep 2020 17:03:38 GMT

GET
H/1.1 200
OK reset.css
www.workingadvantage.com/css/ 1 KB
2 KB 133ms
112ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/reset.css?ebgcbv=15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

1d24d4a11bd569cd44e25a8c36341f9669fa448d55bbad6c993ac3362e852711

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:38 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1091
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 05 Sep 2017 19:27:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "443-558763704cd00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Expires: Tue, 15 Sep 2020 16:03:38 GMT

GET
H/1.1 200
OK grid.css
www.workingadvantage.com/css/ 4 KB
4 KB 243ms
108ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/grid.css?ebgcbv=15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

d5630dd7ccdf3c5ebf9d77312e683ceb1825646177a6d253fc7b3fc3932fbac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:38 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 3748
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 05 Sep 2017 19:27:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "ea4-558763704cd00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Expires: Tue, 15 Sep 2020 16:03:38 GMT

GET
H/1.1 200
OK site.css
www.workingadvantage.com/css/ 53 KB
53 KB 319ms
107ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/site.css?ebgcbv=15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

7881826fd0910884a8b977e2d40f2ada8206e39f2d0e1e0cf5d2ac93cc836620

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:38 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 53765
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 29 Jul 2020 12:58:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "d205-5ab941b1dca80"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Expires: Tue, 15 Sep 2020 16:03:38 GMT

GET
H/1.1 200
OK jquery-ui-1.10.3.custom.min.css
www.workingadvantage.com/css/ui-lightness/ 27 KB
27 KB 329ms
113ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/ui-lightness/jquery-ui-1.10.3.custom.min.css?ebgcbv=15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

6dcf743efbf47f310fd9243d9aa78f4c3f6ee8ea260ad2f3d17a4fdda2479ab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:38 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 27155
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 05 Sep 2017 19:26:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "6a13-55876360166c0"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Expires: Tue, 15 Sep 2020 16:03:38 GMT

GET
H/1.1 200
OK chosen.min.css
www.workingadvantage.com/css/ 11 KB
12 KB 327ms
110ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/chosen.min.css?ebgcbv=15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

40073d8997c3dd31bc10edfd8601660cad988a7601170e17b19f4331eaf5c6e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:38 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 11634
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 05 Sep 2017 19:27:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2d72-558763704cd00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Expires: Tue, 15 Sep 2020 16:03:38 GMT

GET
H/1.1 200
OK font-awesome.min.css
www.workingadvantage.com/css/ 27 KB
27 KB 334ms
113ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/font-awesome.min.css?ebgcbv=15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

4bcb0f820377a5dc80f3f43d991c950d5442ad601328305c0b52785c984bce48

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 27448
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 05 Sep 2017 19:27:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "6b38-5587637235180"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Expires: Tue, 15 Sep 2020 16:03:39 GMT

GET
H/1.1 200
OK menu_default.css
www.workingadvantage.com/css/ 10 KB
10 KB 350ms
108ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/menu_default.css?ebgcbv=15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

176bfb0e73f4480f870fdf93e5f45624e7fc171b7d4adbc10d6475a382efd604

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 9984
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 29 Jul 2020 12:58:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2700-5ab941b1dca80"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Expires: Tue, 15 Sep 2020 16:03:39 GMT

GET
H/1.1 200
OK shopping.css
www.workingadvantage.com/css/ 27 KB
27 KB 436ms
109ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/shopping.css?ebgcbv=15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

dbcfd21102a5cbd47a3ca9c0e14635dd6d1256aa46ef3ad4d2ece98f53a0fcec

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 27172
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 29 Jul 2020 12:58:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "6a24-5ab941b1dca80"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Expires: Tue, 15 Sep 2020 16:03:39 GMT

GET
H/1.1 200
OK jquery.fancybox.css
www.workingadvantage.com/common_resources/css/fancybox2/ 5 KB
5 KB 458ms
107ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/common_resources/css/fancybox2/jquery.fancybox.css?ebgcbv=15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 4895
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 05 Sep 2017 19:07:24 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "131f-55875eff85300"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=497
Expires: Tue, 15 Sep 2020 16:03:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
563 B 20ms
14ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,900

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d9e06c8582a76404d1268e85def103900cd1515a88e96ca31adfbe49e3f3d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 16:03:38 GMT
server: ESF
date: Tue, 15 Sep 2020 16:03:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Sep 2020 16:03:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
599 B 20ms
15ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fc6cf05f3910ead58e414f122581283b5dbd969596c39fcae4f6b442da1ab1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 15:10:34 GMT
server: ESF
date: Tue, 15 Sep 2020 16:03:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Sep 2020 16:03:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
923 B 26ms
21ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:300,400|Open+Sans:400,600

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

668e5a6d3aa59ea989fd170f263595e3cc677388fa695fc8d979f76a616628ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 16:02:39 GMT
server: ESF
date: Tue, 15 Sep 2020 16:03:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Sep 2020 16:03:38 GMT

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
www.workingadvantage.com/common_resources/js/ 87 KB
88 KB 549ms
111ms Script
application/javascript 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/common_resources/js/jquery-3.5.1.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 89476
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Mon, 31 Aug 2020 15:45:29 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "15d84-5ae2e4aba3840"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Expires: Tue, 15 Sep 2020 16:03:39 GMT

GET
H/1.1 200
OK jquery-ui-1.12.1.custom.min.js Show response
www.workingadvantage.com/js/ 248 KB
248 KB 566ms
108ms Script
application/javascript 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/js/jquery-ui-1.12.1.custom.min.js?ebgcbv=15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

f69ebbd9d36211cef558cb24f539fb4c6ad866dc603cdc8f588ee3f63dbe3b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 253680
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Mon, 08 Jul 2019 13:02:21 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "3def0-58d2b0df7b140"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=496
Expires: Tue, 15 Sep 2020 16:03:39 GMT

GET
H/1.1 200
OK jquery-migrate-3.0.0.min.js Show response
www.workingadvantage.com/js/ 7 KB
7 KB 594ms
108ms Script
application/javascript 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/js/jquery-migrate-3.0.0.min.js?ebgcbv=15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

a44b5727bd453959ba8f2ae37fd2359272b730ada09e80fb2a5bbffd086ef075

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 7084
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Mon, 08 Jul 2019 13:02:21 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1bac-58d2b0df7b140"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Expires: Tue, 15 Sep 2020 16:03:39 GMT

GET
H/1.1 200
OK chosen.jquery.min.js Show response
www.workingadvantage.com/js/ 25 KB
26 KB 618ms
107ms Script
application/javascript 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/js/chosen.jquery.min.js?ebgcbv=15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

06708edc30f6877320af98a385a4350ad9769c1aca9d44f8a262acf0c6dfefbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 25689
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 05 Sep 2017 19:28:01 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "6459-5587639b37240"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Expires: Tue, 15 Sep 2020 16:03:39 GMT

GET
H/1.1 200
OK site.js Show response
www.workingadvantage.com/js/ 68 KB
68 KB 646ms
111ms Script
application/javascript 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/js/site.js?ebgcbv=15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

3148a42202ebc4bb05acb4351a0d1986c8d5ed5ac2347231527f2b131345c11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 69335
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 12 Aug 2020 14:00:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "10ed7-5acae9d021680"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Expires: Tue, 15 Sep 2020 16:03:39 GMT

GET
H/1.1 200
OK menu_default.js Show response
www.workingadvantage.com/js/ 24 B
558 B 646ms
109ms Script
application/javascript 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/js/menu_default.js?ebgcbv=15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

9cd60e08308ac0d8d91d3cc2b6c4162607c6217b9e350e01854fbdbb70164747

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 24
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Mon, 07 Jan 2019 14:44:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "18-57edf427f5080"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Expires: Tue, 15 Sep 2020 16:03:39 GMT

GET
H/1.1 200
OK shopping.js Show response
www.workingadvantage.com/js/ 2 KB
2 KB 700ms
106ms Script
application/javascript 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/js/shopping.js?ebgcbv=15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

358ec566bd8395bf6369b4a96d5e0fbe7f6190379caecff3f7572a692b87a1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1818
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 22 Apr 2020 14:53:00 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "71a-5a3e249d22b00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=497
Expires: Tue, 15 Sep 2020 16:03:39 GMT

GET
H/1.1 200
OK adzerk.js Show response
www.workingadvantage.com/js/ 3 KB
3 KB 726ms
106ms Script
application/javascript 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/js/adzerk.js?ebgcbv=15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

f376bc237a12675fa1e3f3b8f3751a6d4fd145bd903e940b9764fbd1f8327fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 2801
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 21 Feb 2018 22:19:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "af1-565c05151e100"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Expires: Tue, 15 Sep 2020 16:03:39 GMT

GET
H/1.1 200
OK jquery.fancybox.js Show response
www.workingadvantage.com/common_resources/js/fancybox2/ 50 KB
50 KB 807ms
106ms Script
application/javascript 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/common_resources/js/fancybox2/jquery.fancybox.js?ebgcbv=15

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

ba729661c14d7e8d902bb104a410fdab3fe511fa87084d400d6575bd65cd71c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 50725
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 05 Sep 2017 19:06:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "c625-55875ee7adac0"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=496
Expires: Tue, 15 Sep 2020 16:03:39 GMT

GET
H/1.1 200
OK loading2.gif
www.workingadvantage.com/img/ 2 KB
2 KB 111ms
110ms Image
image/gif 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/img/loading2.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

448e99a570408c6cf2eda6133ec9ea7b86b8494120fc2ab35f7fbab75fefa5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1924
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Mon, 31 Mar 2014 19:04:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "784-4f5ebb8d61480"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=495
Expires: Thu, 15 Oct 2020 16:03:39 GMT

GET
H/1.1 200
OK quick_find_button_dn.png
www.workingadvantage.com/img/ 1 KB
2 KB 121ms
115ms Image
image/png 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/img/quick_find_button_dn.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

2e65aab1ba99688c2b60484968d1b8b5f809c38116043da511f2076ca4ac01cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1210
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Thu, 07 Aug 2014 13:38:04 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "4ba-5000a32b5c700"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Expires: Thu, 15 Oct 2020 16:03:39 GMT

GET
H/1.1 200
OK icon-cart-default.svg
www.workingadvantage.com/common_resources/img/ 3 KB
3 KB 114ms
108ms Image
image/svg+xml 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/common_resources/img/icon-cart-default.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

2730174ceec5a10a764e640aa5db06c831f1296116b78f646d58a33cf3e354a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 2975
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 06 May 2020 13:23:46 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "b9f-5a4faac79dc80"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/svg+xml
Cache-Control: max-age=7776000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=497
Expires: Mon, 14 Dec 2020 16:03:39 GMT

GET
H/1.1 200
OK company_logo.php
www.workingadvantage.com/ 21 KB
22 KB 273ms
267ms Image
image/jpeg 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/company_logo.php?code=831685271

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

5668e4aa2af34d8d8317136bba8878ab0ffb251b3478c109b794caf5873a0c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Content-Description: TAW/EBG Company Logo
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=companylogo_831685271
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: unsafe-url
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: no-store, no-cache, must-revalidate
Keep-Alive: timeout=2, max=495
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK logo.png
www.workingadvantage.com/img/ 8 KB
9 KB 111ms
105ms Image
image/png 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/img/logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

ebb8b0b73ecae21b1840d76dbf4f67f96ac8e821d437166e74400227766ae75d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 8509
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 10 Nov 2015 14:07:29 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "213d-524303aea0a40"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=497
Expires: Thu, 15 Oct 2020 16:03:39 GMT

GET
H/1.1 200
OK page321featured_large.jpg
www.workingadvantage.com/common_resources/shopping/ 44 KB
45 KB 148ms
113ms Image
image/jpeg 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/common_resources/shopping/page321featured_large.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

27d0337b4a7578af11d5c24c055cc868435b1e556e7b8089069fc81a25f53fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 45303
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 12 Nov 2019 14:23:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "b0f7-59726fdef14dd"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=0, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=496
Expires: Tue, 15 Sep 2020 16:03:39 GMT

GET
H/1.1 200
OK page340featured_small.jpg
www.workingadvantage.com/common_resources/shopping/ 21 KB
22 KB 351ms
106ms Image
image/jpeg 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/common_resources/shopping/page340featured_small.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

590617acfa1779e446ee74e4d23c2aed5ce09dd4cc4abb5dc58c8b86b64211ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 21602
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Fri, 22 May 2020 13:47:26 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "5462-5a63cde9b9fbe"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=0, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=492
Expires: Tue, 15 Sep 2020 16:03:40 GMT

GET
H/1.1 200
OK page513featured_small.jpg
www.workingadvantage.com/common_resources/shopping/ 24 KB
24 KB 244ms
112ms Image
image/jpeg 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/common_resources/shopping/page513featured_small.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

01cedd89b5a200c7b000605adc53cb9e1d68c30367999ee17c9988ce72dfbe4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 24294
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 17 Jun 2020 14:38:14 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "5ee6-5a8489c21e40c"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=0, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=493
Expires: Tue, 15 Sep 2020 16:03:40 GMT

GET
H/1.1 200
OK page321featured_small.jpg
www.workingadvantage.com/common_resources/shopping/ 13 KB
14 KB 158ms
115ms Image
image/jpeg 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/common_resources/shopping/page321featured_small.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

a0f5909da264a1ce30b1cd9d2a8d3af8598380be855f258ddcb74802efc2dca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 13544
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 12 Nov 2019 14:05:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "34e8-59726bdf9c2e5"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=0, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=497
Expires: Tue, 15 Sep 2020 16:03:39 GMT

GET
H/1.1 200
OK page354featured_small.jpg
www.workingadvantage.com/common_resources/shopping/ 17 KB
17 KB 234ms
110ms Image
image/jpeg 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/common_resources/shopping/page354featured_small.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

3cdd578e4f91fb3f06358f0722a89614d78bafffd3cd3cf1043f81112fe3f28c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 17322
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Fri, 01 May 2020 15:34:17 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "43aa-5a497ea15b1a5"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=0, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=494
Expires: Tue, 15 Sep 2020 16:03:40 GMT

GET
H/1.1 200
OK page500featured_small.jpg
www.workingadvantage.com/common_resources/shopping/ 13 KB
13 KB 274ms
115ms Image
image/jpeg 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/common_resources/shopping/page500featured_small.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

09af78f0d9e9b345912eed79e264ea79003f6875b3171f78de0971bf2d918774

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 13227
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Fri, 29 May 2020 18:33:04 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "33ab-5a6cdacfb1cc4"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=0, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=496
Expires: Tue, 15 Sep 2020 16:03:40 GMT

GET
H/1.1 200
OK page316featured_small.jpg
www.workingadvantage.com/common_resources/shopping/ 26 KB
27 KB 345ms
110ms Image
image/jpeg 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/common_resources/shopping/page316featured_small.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

cfa94db004e01c026a4e5fa05dd9a93057428bd9c9ab3c4892987c7517bf77ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 26602
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Mon, 04 Nov 2019 15:33:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "67ea-5968709a5187b"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=0, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=493
Expires: Tue, 15 Sep 2020 16:03:40 GMT

GET
H/1.1 200
OK page193featured_small.jpg
www.workingadvantage.com/common_resources/shopping/ 12 KB
13 KB 262ms
108ms Image
image/jpeg 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/common_resources/shopping/page193featured_small.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

dff96a758d0549bfac7f5fdeb5efc7ff1f809778a21373c9b7a6ae71ad0885b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 12321
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Mon, 18 Mar 2019 19:56:27 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "3021-58463c8b4022f"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=0, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=495
Expires: Tue, 15 Sep 2020 16:03:40 GMT

GET
H/1.1 200
OK page418featured_small.jpg
www.workingadvantage.com/common_resources/shopping/ 14 KB
15 KB 265ms
111ms Image
image/jpeg 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/common_resources/shopping/page418featured_small.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

0a8e0bc7711e02e74c94e52fe03a3795f83c278f66811c7079e7b4505dca1c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 14790
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 08 Apr 2020 16:50:00 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "39c6-5a2ca4a868db8"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=0, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=495
Expires: Tue, 15 Sep 2020 16:03:40 GMT

GET
H/1.1 200
OK page364featured_small.jpg
www.workingadvantage.com/common_resources/shopping/ 6 KB
7 KB 114ms
113ms Image
image/jpeg 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/common_resources/shopping/page364featured_small.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

bb38dfe9bb090a09bd8c903171c8f285dcffd5b343038f8b4bafe780dc290306

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 6327
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 11 Mar 2020 16:30:23 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "18b7-5a096c0cd7b51"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=0, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=495
Expires: Tue, 15 Sep 2020 16:03:40 GMT

GET
H/1.1 200
OK page335featured_small.jpg
www.workingadvantage.com/common_resources/shopping/ 24 KB
24 KB 112ms
112ms Image
image/jpeg 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/common_resources/shopping/page335featured_small.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

ca841e89c6c0ce7a043d18817f66d20194e091db5269680a0df14d8fcc0c5eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 24463
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Fri, 07 Feb 2020 16:32:26 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "5f8f-59dfeef5f95e2"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=0, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=493
Expires: Tue, 15 Sep 2020 16:03:40 GMT

GET
H/1.1 200
OK page254featured_small.jpg
www.workingadvantage.com/common_resources/shopping/ 18 KB
18 KB 111ms
111ms Image
image/jpeg 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/common_resources/shopping/page254featured_small.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

4e1e5249a3fe550be547f50d80407ccc381d6aa8415a4dc1f7de8bf142b7ac86

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 18265
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 02 Jul 2019 22:38:31 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "4759-58cba67769924"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=0, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=492
Expires: Tue, 15 Sep 2020 16:03:40 GMT

GET
H/1.1 200
OK page557featured_small.jpg
www.workingadvantage.com/common_resources/shopping/ 21 KB
22 KB 111ms
110ms Image
image/jpeg 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/common_resources/shopping/page557featured_small.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

3789bcf0020cd0917e2c6b0cb6d3ed65d82fb415ad466da2a2fdfc78f9b98bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 21924
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Fri, 07 Aug 2020 14:25:06 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "55a4-5ac4a5f141fe8"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=0, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=491
Expires: Tue, 15 Sep 2020 16:03:40 GMT

GET
H/1.1 200
OK payment_option_logos.png
www.workingadvantage.com/img/ 12 KB
12 KB 124ms
123ms Image
image/png 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/img/payment_option_logos.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

3ff90e45faf4f1517337648274a38902d62cb6e0ee6dc5961a41383d348608fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 12229
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Thu, 25 Feb 2016 16:23:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2fc5-52c9a9ab9b200"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=493
Expires: Thu, 15 Oct 2020 16:03:40 GMT

GET
H/1.1 200
OK security_logos.png
www.workingadvantage.com/img/ 11 KB
11 KB 119ms
118ms Image
image/png 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/img/security_logos.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

38146b44624d2d25cb7cd5a6970ac3125fdf550fc88003c9e1d6c075916e496f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 10797
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Thu, 25 Feb 2016 16:23:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "2a2d-52c9a9ab9b200"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=494
Expires: Thu, 15 Oct 2020 16:03:40 GMT

GET
H/1.1 200
OK logo.svg
www.workingadvantage.com/img/ 7 KB
8 KB 109ms
108ms Image
image/svg+xml 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/img/logo.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

7c8b033cc69116a4670f6828ace15adda22d4d3ed1bb17e31daea73abbdfbede

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 7497
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Mon, 27 Aug 2018 15:48:45 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1d49-5746ca90c5140"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/svg+xml
Cache-Control: max-age=7776000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=493
Expires: Mon, 14 Dec 2020 16:03:40 GMT

GET five9-social-widget.min.js
app.five9.com/consoles/SocialWidget/ 0
0

GET
H/1.1 200
OK p13n.min.js Show response
cdn.boomtrain.com/p13n/ebg-wa/ 78 KB
25 KB 53ms
18ms Script
application/javascript 143.204.215.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.boomtrain.com/p13n/ebg-wa/p13n.min.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-111.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df42c5e3d907f4de487de8d1205e26ccc01dd029c02740212128e895dae6c8cd

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 15:55:34 GMT
Content-Encoding: gzip
Age: 486
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 01 Jun 2020 23:59:54 GMT
Server: AmazonS3
ETag: "d267e469e15c369cd1b74d5e1f1ccf21"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 d01ad8df731d3f120823f9e20df55147.cloudfront.net (CloudFront)
Cache-Control: public, max-age=3600
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: __AVDuTu8kpAuCNZA2WFJsImpHUl13kjZKIK7wvfTxaiTnC4jmMvkw==

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 62ms
20ms Script
application/x-javascript 104.111.250.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.210 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1600185819309
https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1600185819309

388 B
1 KB

34ms
33ms

XHR
application/json

52.210.98.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1600185819309

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.98.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-98-201.eu-west-1.compute.amazonaws.com

Software

Resource Hash

3aa0931cfaede1bfea26502a3b3823d1c5d2d91fbc85be67756f1d2613114f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v081-05654b94f.edge-irl1.demdex.com 5.78.0.20200908113611 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: pmIBG9/VTFU=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.workingadvantage.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 320
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.workingadvantage.com
X-TID: U59EtuhzTn8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&ts=1600185819309
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 11ms
9ms Script
application/x-javascript 2a02:26f0:10c:59b::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a281455e4dfe/1c19d10a0484/launch-3ef1ffa7e1d7.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:59b::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:03:39 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
status: 200
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.workingadvantage.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Tue, 15 Sep 2020 17:03:39 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 12ms
10ms Script
application/x-javascript 2a02:26f0:10c:59b::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a281455e4dfe/1c19d10a0484/launch-3ef1ffa7e1d7.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:59b::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:03:39 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
status: 200
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.workingadvantage.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Tue, 15 Sep 2020 17:03:39 GMT

GET
H/1.1 200
OK bootstrap4.min.css
www.workingadvantage.com/css/bootstrap/ 153 KB
153 KB 118ms
108ms Stylesheet
text/css 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/bootstrap/bootstrap4.min.css

Requested by

Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/css/site.css?ebgcbv=15

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

1f7d6357a349f9b2e41547131f5dd5d1098529d07473a2b59220201c1602c8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/css/site.css?ebgcbv=15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 156402
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 28 Apr 2020 14:20:53 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "262f2-5a45a8a02bb40"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=0
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=497
Expires: Tue, 15 Sep 2020 16:03:39 GMT

GET
H2 200 reflektion.js Show response
d26opx5dl8t69i.cloudfront.net/js/ 90 KB
40 KB 110ms
39ms Script
text/javascript 143.204.50.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26opx5dl8t69i.cloudfront.net/js/reflektion.js?t=888969
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.50.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-50-14.osl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cec0507b7d4d5d6c7093f22570d4c60dccd55a7c92afeabb3de438bb92187fce

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 17:24:12 GMT
content-encoding: gzip
age: 427168
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 40632
last-modified: Thu, 10 Sep 2020 16:45:39 GMT
server: AmazonS3
etag: "04fc699bf05ed2ba8a1cb9f233e20ecd"
x-amz-version-id: DTfIwa8i2z1dUiS5M3RxjGCxAznIvQKM
via: 1.1 a7d2a4ec2f50830f128dc406960aef9b.cloudfront.net (CloudFront)
cache-control: max-age=31556926
x-amz-cf-pop: OSL50-C1
accept-ranges: bytes
content-type: text/javascript
x-amz-cf-id: Q333XnjUm6q3_vRpITRFGE98VctZ4rqtsv-qI6drIpVEvnx-fqyLOw==

GET
H2 200 id Show response
smetrics.workingadvantage.com/ 48 B
495 B 94ms
23ms XHR
application/x-javascript 15.236.9.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.workingadvantage.com/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&mid=29281181548571345472275260600077533074&ts=1600185819476

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-9-100.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

cd21b26a7a46c47168c0a0800ee77d5fa7e86c33b4b66cb8901a1aec8f424d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Tue, 15 Sep 2020 16:03:39 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-6485bbc5d6-bm62z
vary: Origin
x-c: master-1362.Ibf4d3d.M0-447
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.workingadvantage.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=X2Dl2wAABXs30VL0
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=29313112810249421882278687902393681453
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X2Dl2wAABXs30VL0

42 B
915 B

31ms
31ms

Image
image/gif

52.210.98.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=X2Dl2wAABXs30VL0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.98.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-98-201.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v081-00e89c9b6.edge-irl1.demdex.com 5.78.0.20200908113611 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: CZ2aAS10Sw8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=X2Dl2wAABXs30VL0
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

POST
H2 200 delivery Show response
starget.workingadvantage.com/rest/v1/ 2 KB
1 KB 240ms
170ms XHR
application/json 54.76.99.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starget.workingadvantage.com/rest/v1/delivery?client=entertainmentbenefit&sessionId=936e0ff3380d4a638b52474a253773b8&version=2.3.2
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.99.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-99-142.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d652d8adf544703c7e290e8d25e5ed95610605ca968133e7dfbcf79740854e57

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Sep 2020 16:03:39 GMT
content-encoding: gzip
status: 200
vary: Origin,Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.workingadvantage.com
access-control-allow-credentials: true
x-request-id: def621898a832b652fc39dc59a8c8a4c

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 388 B
1 KB 35ms
35ms XHR
application/json 52.210.98.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&d_nsid=0&d_mid=29281181548571345472275260600077533074&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=userid%0113463977%011&ts=1600185819576

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.98.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-98-201.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7a435f242bee6aba45fd7c4205640e46513ec5bce8722584b9b54b101fa942c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v081-0909922a3.edge-irl1.demdex.com 5.78.0.20200908113611 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Error: 300
X-TID: 60w7WEJiQKc=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.workingadvantage.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 319
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK li.php Show response
www.workingadvantage.com/common_resources/ 312 B
972 B 174ms
173ms XHR
application/json 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/common_resources/li.php

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

4b94466b31d4af149c2061738bc7c973d3285b1b6ecd3cd195b72e36bc04216d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
X-NewRelic-ID: XA4PUldACQMDUlhRAQc=
X-Requested-With: XMLHttpRequest
Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa OUR OTR IND DSP IDC COR"
Connection: Keep-Alive
Content-Length: 312
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: unsafe-url
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: User-Agent
Content-Type: application/json
Cache-Control: no-store, no-cache, must-revalidate
Keep-Alive: timeout=2, max=496
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ados.js Show response
static.adzerk.net/ 36 KB
9 KB 105ms
30ms Script
application/x-javascript 143.204.55.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adzerk.net/ados.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.55.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-55-128.osl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a06c84d24a0720845f312883b153444902da3a156d71ae4b0987dade9b9e113

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 21:26:19 GMT
content-encoding: gzip
age: 67040
x-cache: Hit from cloudfront
status: 200
content-length: 8847
last-modified: Tue, 12 Feb 2019 19:11:33 GMT
server: AmazonS3
etag: "b474e7534ed9268cfad43c6bdc0b784d"
x-amz-version-id: KfB3B3pmeXmwNyOhkqF0T3lhSAj_6n8t
via: 1.1 dac7cf040932e0c072eeed10afdd7b3f.cloudfront.net (CloudFront)
cache-control: public, max-age=604800
x-amz-cf-pop: OSL50-C1
accept-ranges: bytes
content-type: application/x-javascript
x-amz-cf-id: D3nmjGKkX65WBFPi0mXadZ_rxN_B3k-HeG_fHq8lkhMYE_-SLe017Q==

GET
H/1.1 200
OK preferred_access_magnify.png
www.workingadvantage.com/img/ 16 KB
17 KB 308ms
111ms Image
image/png 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/img/preferred_access_magnify.png

Requested by

Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/css/site.css?ebgcbv=15

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

faba221e3f590049fae902ddc947a174a83fc892c93ba0bca2f565e8df569c91

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/css/site.css?ebgcbv=15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 16465
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Tue, 28 Feb 2017 14:47:48 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "4051-54998478f8d00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=494
Expires: Thu, 15 Oct 2020 16:03:40 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.workingadvantage.com
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:03:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 111583
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Tue, 14 Sep 2021 09:03:56 GMT

GET
H/1.1 200
OK header-down-white.png
www.workingadvantage.com/img/ 178 B
714 B 150ms
113ms Image
image/png 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/img/header-down-white.png

Requested by

Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/css/menu_default.css?ebgcbv=15

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

826eb1e3bc852101a2ed78d2bb6bfcb72c27629842125c05a50466ebc9508ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/css/menu_default.css?ebgcbv=15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 178
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Thu, 30 Jan 2020 18:50:26 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "b2-59d5fee1ec080"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2592000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=496
Expires: Thu, 15 Oct 2020 16:03:39 GMT

GET
H/1.1 200
OK lato-bold-webfont.woff
www.workingadvantage.com/css/fonts/ 32 KB
32 KB 174ms
108ms Font
font/opentype 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/fonts/lato-bold-webfont.woff

Requested by

Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/css/site.css?ebgcbv=15

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

2eec22fcd09b2b38293ffa6f773ffbe507618a06c2f422c077ae565b15f9e6a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.workingadvantage.com
Referer: https://www.workingadvantage.com/css/site.css?ebgcbv=15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 32392
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Wed, 05 Feb 2014 21:28:48 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "7e88-4f1af71396400"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: font/opentype
Cache-Control: max-age=7776000, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=495
Expires: Mon, 14 Dec 2020 16:03:39 GMT

GET
H3-Q050 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v35/ 12 KB
12 KB 7ms
7ms Font
font/woff 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v35/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b810957ff3f3c7c207fbb3b24a0c9370f2b23bc94e7acfebceefa0d2976ac99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.workingadvantage.com
Referer: https://fonts.googleapis.com/css?family=Oswald
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:15:39 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jul 2020 19:17:24 GMT
server: sffe
age: 110880
status: 200
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12672
x-xss-protection: 0
expires: Tue, 14 Sep 2021 09:15:39 GMT

GET
H3-Q050 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 13 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,900

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.workingadvantage.com
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,900
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Sep 2020 09:03:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:45 GMT
server: sffe
age: 111583
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13732
x-xss-protection: 0
expires: Tue, 14 Sep 2021 09:03:56 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.workingadvantage.com/css/fonts/ 65 KB
65 KB 181ms
114ms Font
text/plain 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/css/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/css/font-awesome.min.css?ebgcbv=15

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

670f9f133ae7b82f0b92b0b016879f59d2ebd885294c0d69f732860a9ecf609a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.workingadvantage.com
Referer: https://www.workingadvantage.com/css/font-awesome.min.css?ebgcbv=15
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
Referrer-Policy: unsafe-url
Last-Modified: Mon, 02 May 2016 11:18:53 GMT
Server: Apache
ETag: "10440-531da28576140"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=494
Content-Length: 66624
X-XSS-Protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 2879
date: Tue, 15 Sep 2020 15:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Tue, 15 Sep 2020 17:15:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 94 KB
33 KB 33ms
31ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9THHDH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b87d59dac2dc8cc9562eb0cb3e0877e7a3d9c84474512ec7efd7328be2d171a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:03:39 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33921
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Sep 2020 16:03:39 GMT

GET
H2

200

913a7fd6-dc0a-49da-96d8-8f73cb55b75c_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/913a7fd6-dc0a-49da-96d8-8f73cb55b75c.js
https://cdn.mouseflow.com/projects/913a7fd6-dc0a-49da-96d8-8f73cb55b75c_eu.js

167 KB
55 KB

14ms
13ms

Script
application/javascript

23.111.9.38
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/913a7fd6-dc0a-49da-96d8-8f73cb55b75c_eu.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.38 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0fe774f7742fb05ce129c60668342bd3a1da364955478fd774e06bcedca072d2

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:03:39 GMT
content-encoding: gzip
last-modified: Sat, 05 Sep 2020 15:00:30 GMT
server: NetDNA-cache/2.2
etag: W/"2f6e4c4c9583d61:0"
status: 200
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400

Redirect headers

status: 301
date: Tue, 15 Sep 2020 16:03:39 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
content-length: 178
location: https://cdn.mouseflow.com/projects/913a7fd6-dc0a-49da-96d8-8f73cb55b75c_eu.js
content-type: text/html

GET
H/1.1 200
OK Cookie set dest5.html
entertainmentbenefitsgroupllc.demdex.net/ Frame B0FB 0
0 129ms
34ms Document
text/html 52.30.191.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://entertainmentbenefitsgroupllc.demdex.net/dest5.html?d_nsid=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.191.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-191-169.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: entertainmentbenefitsgroupllc.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=29313112810249421882278687902393681453
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 09 Sep 2020 13:37:19 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=29313112810249421882278687902393681453;Path=/;Domain=.demdex.net;Expires=Sun, 14-Mar-2021 16:03:40 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: U64u+KuHS0c=
Content-Length: 2785
Connection: keep-alive

POST
H/1.1 200
OK li.php Show response
www.workingadvantage.com/common_resources/ 0
584 B 378ms
146ms XHR
text/html 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.workingadvantage.com/common_resources/li.php

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
X-NewRelic-ID: XA4PUldACQMDUlhRAQc=
X-Requested-With: XMLHttpRequest
Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
P3P: policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa OUR OTR IND DSP IDC COR"
Connection: Keep-Alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: unsafe-url
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: User-Agent
Content-Type: text/html; charset=iso-8859-1
Cache-Control: no-store, no-cache, must-revalidate
Keep-Alive: timeout=2, max=494
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK close.png
www.workingadvantage.com/common_resources/campaigns/ 4 KB
5 KB 145ms
111ms Image
image/png 166.78.205.49
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.workingadvantage.com/common_resources/campaigns/close.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

166.78.205.49 San Antonio, United States, ASN19994 (RACKSPACE, US),

Reverse DNS

WorkingAdvantage.com

Software

Apache /

Resource Hash

537d4fed9f1381b8d19b83550252fa2cac347ab0f2a638d45deb81ac9e88ab31

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 4163
X-XSS-Protection: 1; mode=block
Referrer-Policy: unsafe-url
Last-Modified: Thu, 07 Jan 2016 13:41:34 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "1043-528bea1065f80"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=0, public
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=494
Expires: Tue, 15 Sep 2020 16:03:40 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
6 KB 20ms
20ms Script
application/x-javascript 104.111.250.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.210 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Thu, 24 Dec 2020 16:03:39 GMT

GET
H/1.1 200
OK resolve Show response
people.api.boomtrain.com/identify/ 374 B
689 B 429ms
125ms XHR
application/json 52.72.191.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6eyJlZSI6IlQ5eWdyNUFiZ01LMFdZVXA0OWZ2Z2lZQWJSZWtBNjh3OWtCSnpUTXAzMVBFeUIzdEdGakw0bWt1aDdVdHAzSm8ifX0%3D&site_id=ebg-wa
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.191.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-191-53.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b85deb3528f2b22ca641310a77c4df681660c365310d2e0476d5cc428eae2a68

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
Server: nginx
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length: 374

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
74 B 13ms
13ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1745588353&t=pageview&_s=1&dl=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126&ul=en-us&de=UTF-8&dt=Shopping%20Deals%20-%20Working%20Advantage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1649820785&gjid=2142121963&cid=396201048.1600185820&tid=UA-4045288-1&_gid=1062996480.1600185820&_r=1&z=1686556795

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Sep 2020 16:03:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.workingadvantage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery-3.4.1.m.1588889810.js Show response
d26opx5dl8t69i.cloudfront.net/js/ 95 KB
33 KB 37ms
36ms Script
application/javascript 143.204.50.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26opx5dl8t69i.cloudfront.net/js/jquery-3.4.1.m.1588889810.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.50.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-50-14.osl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bed9883e3afc4f01beb8391653527dc2d5c8cfb3b1869dceebb7334142158fbf

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 May 2020 23:48:36 GMT
content-encoding: gzip
age: 11290505
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 33438
last-modified: Thu, 07 May 2020 23:27:22 GMT
server: AmazonS3
etag: "61160be211038e73a64c8ba4e71d34a0"
x-amz-version-id: _4v6jx9BkibaPZt1vz0EmKTjiKsKT5tF
via: 1.1 a7d2a4ec2f50830f128dc406960aef9b.cloudfront.net (CloudFront)
cache-control: max-age=31556926
x-amz-cf-pop: OSL50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: OELmJZAZcQKYYmVIy5QrEHRcxZyB_mNGmjNhmui4E5Lpl0_Q6m2rhg==

GET
H2 200 an
alweb.rfk.workingadvantage.com/rfkj/1/11273-152007103/ 44 B
162 B 346ms
114ms Image
image/gif 34.228.122.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alweb.rfk.workingadvantage.com/rfkj/1/11273-152007103/an?data=1,uO9GsO8W8z8Mcz0Jc3AJcj0Jtz4yb29Qt28W8BdErT1MqmVD84hBomNP82QwlSZOqSBKpO11p7pxrDhxpSkyb29Rqmgyey8Ndj8Mc3sNc3cJq6sJpzwJd74Jcn0Je6lRdPhQsnERdDsQc7gUdmNGdnEJcjoMc34UdjwNejASd28I8CxP8zEytTtTbDtLsCJFrCtxp7pxrDhxpSkKoSZJ8yMytn9F8zEybTdErT1MqmVDbD1Es3ZPtm8ZpmVQpn9QomBKrmlKt2pRt6RvoS5Js65FpSUZpmVQpn9QomBKrmlKt2pRt6RvrmlAqnlJfldBs7hBrm9BsyQNciQOc38Mbk5KrCBSpn9Pon9VbkdLp6kJhk4CtnhJnTdLtn9zpjR5rm5Fr2pzr7hEondEfmcPcz1Bpj5yczBBoSpzp6dAc38ScPgTpjoVejcNcjdzpC5xdP4Poj4CtmBAfj4Pd3oPejsT9CdLrDpvsSZRsCdBfnEyb29Qs7cyez4Sc30Ne3kUcjAVdzgI8DhzsO8WcjoMc34UdjwNejASd2MytCcyez4I8D1z8zENb29Ss6cyez4I8DgMs28WcjoMc34UdjwNdzAUd2Myt31F8zENdz0McjwRe34VcPoSb29Qc28WcjoMc34UdjwNejASd2Myt7dF8zENdz0McjwRe34Ue38Mb29Pqmgyey8Nc3kObzsMbzgUbz4Re30NbzcRdPsTbz4PcjxyoP8UoCoVe2QRd2QOc38Mc3AMdOUNdjkRd3wyb29zoO8WcjwMcjsI8CdQ8zENdz0McjgRcPATbz8Ub29OoScyez4TdP0Qb29zsT0yeDIyoy8Wc2Myt28Wc2MysT0yez0I8Ccyez1Zb29Quy8Wbj8I8CtBrO8WuO9z8zEygClOr6BK8yMyt7Eyez4I8CBM8zEye3AKczgVbzoQbz4Tci8I8CUyey94hi8I8D8yey92pn9IqmUyb29W8zEyjCZQnRdRs71LsDhBp29Zb29Romwyey9xp71CrDlzrCpyqDEyb29ys7cyeBJtb29Psy8WmP4Sc30Icj8Mc5QI8DtP8zFrcjoMc2MNcz0MniMyp28W8D1z8yMyj6dH8zENc3ARb29ysTcyey8Ncj4yb29cr7cyezwQcyMyj7dP8zETcPAI8D1O8zEyp6BOpmdQ8yMyoSdH8zEyrzRvpScIpzRDoONPfj4IoPQOejwVb7hOfjARb79KfjcOd2NQsPQOc38Mc3ANdiUNdz0Pb6gZs6cXrzRPoz4IpzRPoyNPfj4IoPQOc34Nb7gZcz0Ne34Oc3oKc30Rd3JKfn9TciNCfn9Tb7cZciNzfj8McjgIt3QOc34Ucj8MdyUMc3kQ8yMyt28WcjoMc34UdjwNejAUe7Q,&C=1,uO8AuSxZb2hXt7QI97JAviNRsSlO8zENb28AuSxZb2hXl7QI97JAviNRsSlO8zENb28AuSxZb2hXt7QI97JAviNFrCBQqDcyez4I8yhXq7QI97JQviMAuShZb7pFpnsyez4I8yhXq7QI97JkviMAuShZb71SqmlT8zENb28AuSxZb2hXt7QI97JAviNSqndFt28WciMy97JEviMAuRhZb2hXp7QIp7gNs7gMs3EN8zENb28AuSxZb2hXl7QI97JAviNAt31Qcn0Wci8WciMy97JEviMAuRhZb2hXp7QIp7gMt31Fez0yez4I8yhXq7QI97JkviMAuShZb71zez4yez4I8ChE8zEycjkOc30Tcj0P8yMyp28W8D1z8DQ,&t=1600185819991
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.228.122.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-122-241.compute-1.amazonaws.com
Software: gunicorn/19.6.0 /
Resource Hash: d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 15 Sep 2020 16:03:40 GMT
last-modified: Tue, 30 Jun 2020 21:31:10 GMT
server: gunicorn/19.6.0
content-length: 44
content-type: image/gif

GET
H2 200 an
alweb.rfk.workingadvantage.com/rfkj/1/11273-152007103/ 44 B
162 B 342ms
110ms Image
image/gif 34.228.122.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alweb.rfk.workingadvantage.com/rfkj/1/11273-152007103/an?data=1,uO9z8zENb29Qc28WcjoMc34UdjwNejASd2Myt7BMpi8W8DhOomdHhnpBrDgyb29KomRB8zEysCpHci8I8Dpxr7lB8zFX8DhVs6kyey9RsSlO8yMyrC5Jpi8W8CNLpSBK8yMytC5ItmkyeDIytndBsy8WuO9Fp28W8z4Pd3oPejsT8yMypCBOsThvrC5Jpi8W8y8I8CNxsThvrC5Jpi8W8y8I8ClJomBI8zEy8yMyomhAsClPsO8WuO9xp6hOpndPnSNFrClvci8W8y8I8C5Ap79BsTdvr6BKplYO8zEy8yMysThxt6kyey9fiO8I8DFFs28W8zsPcj4O8yMyoSZRrDhOui8W8y9ZvnRZb29Q8zENdz0McjwRe34VejwOb29QoTcyez4Sc30Ne3kUcjAVdzgI8D1z8zENb29SoO8WciMypmcyez4I8DlOqi8W8yZPq6ZMs6BKpOVMq70_sTlyfmlKt6lOt65FrCRBrDgCtnhJnSdxrn1xqmtKfmlKt6lOt65FrCRBrDgCtnhJnSRBp6BRrjRjpn1QpmRypn8Jcj4Jcz0Oc2R1rCVFtClOsS5OuiR3rShBbkl19DlQrlZPrTlOoSkZhmRxqmMCoSNQq65Pq3RzcP8MpmkNoz8VpmdCoShzp30OdzcQdSkSejAPcj4PoSpxojsNcS4N9DlFp3QNcPgScPATdOpzrSVSnTdLtn9zpjRWpnhx9C9QnSlBflgVumtOdk5ypQRbc5tpln0QempSpSBpgm9ipmJ1dzxTemJ2iDFkjn0Pcl15uk8Pt4t6qAMQrmJRq3tlt70PiCYCoDhvt7cZcjkVejwOejASc34Ody8I8DlFp28W8z4Rcz0MdP4McOREpORCe2QQsiQNs2QUpnkTd7hNuzkStPgMt3wRr6ERuyQNdz0McjwRe34VejoQ8yMysTkyeDIysDsyez4I8Ddy8zENviMyp28W8D1z8yMyoSdH8zEyrzRvpScIpzRDoONPfj4IoPQOejwVb7hOfjARb79KfjcOd2NQsPQOc38Mc3ANdiUNdz0Pb6gZs6cXrzRPoz4IpzRPoyNPfj4IoPQOc34Nb7gZcz0Ne34Oc3oKc30Rd3JKfn9TciNCfn9Tb7cZciNzfj8McjgIt3QOc34Ucj8MdyUMc3kQ8DQ,&t=1600185819994
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.228.122.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-122-241.compute-1.amazonaws.com
Software: gunicorn/19.6.0 /
Resource Hash: d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 15 Sep 2020 16:03:40 GMT
last-modified: Tue, 30 Jun 2020 21:31:10 GMT
server: gunicorn/19.6.0
content-length: 44
content-type: image/gif

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
94 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-4045288-1&cid=396201048.1600185820&jid=1649820785&gjid=2142121963&_gid=1062996480.1600185820&_u=IEBAAAAAAAAAAC~&z=958301513

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 15 Sep 2020 16:03:40 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.workingadvantage.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visitWebPage Show response
409-bcn-480.mktoresp.com/webevents/ 2 B
311 B 654ms
168ms XHR
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://409-bcn-480.mktoresp.com/webevents/visitWebPage?_mchNc=1600185820012&_mchCn=&_mchId=409-BCN-480&_mchTk=_mch-workingadvantage.com-1600185820011-73837&_mchHo=www.workingadvantage.com&_mchPo=&_mchRu=%2Fshopping.php&_mchPc=https%3A&_mchVr=159&_mchEcid=B5F9FF2554F608410A4C98C6%40AdobeOrg%3A6%3A29281181548571345472275260600077533074&_mchHa=&_mchRe=&_mchQp=sub%3Dentertainment__-__utm_campaign%3Dentertainment__-__utm_medium%3DSeptember-11-2020-Anniversary-Code-EA__-__utm_source%3DEmail__-__clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1__-__uid%3D13463977__-__conv_source%3Dzeta__-__bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo__-__bt_ts%3D1599829960126
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 949b5a76-d9b6-47f0-9b48-80234181593d

GET
H3-Q050

200

activityi;dc_pre=CKi0hNvE6-sCFXfhuwgdnYwKaA;src=6479484;type=retarget;cat=worki0;ord=1343469323533;gtm=2wg920;auiddc=1961719954.1600185820;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.ph...
6479484.fls.doubleclick.net/ Frame 58C6
Redirect Chain

https://6479484.fls.doubleclick.net/activityi;src=6479484;type=retarget;cat=worki0;ord=1343469323533;gtm=2wg920;auiddc=1961719954.1600185820;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping....
https://6479484.fls.doubleclick.net/activityi;dc_pre=CKi0hNvE6-sCFXfhuwgdnYwKaA;src=6479484;type=retarget;cat=worki0;ord=1343469323533;gtm=2wg920;auiddc=1961719954.1600185820;~oref=https%3A%2F%2Fww...

0
0

43ms
27ms

Document
text/html

172.217.16.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6479484.fls.doubleclick.net/activityi;dc_pre=CKi0hNvE6-sCFXfhuwgdnYwKaA;src=6479484;type=retarget;cat=worki0;ord=1343469323533;gtm=2wg920;auiddc=1961719954.1600185820;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9THHDH

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s11-in-f166.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6479484.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKi0hNvE6-sCFXfhuwgdnYwKaA;src=6479484;type=retarget;cat=worki0;ord=1343469323533;gtm=2wg920;auiddc=1961719954.1600185820;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Tue, 15 Sep 2020 16:03:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 600
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 15-Sep-2020 16:18:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Tue, 15 Sep 2020 16:03:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6479484.fls.doubleclick.net/activityi;dc_pre=CKi0hNvE6-sCFXfhuwgdnYwKaA;src=6479484;type=retarget;cat=worki0;ord=1343469323533;gtm=2wg920;auiddc=1961719954.1600185820;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

activityi;dc_pre=CPCphdvE6-sCFUHRuwgdKIwDvA;src=9767737;type=retarget;cat=wa-si0;ord=6701429845686;gtm=2wg920;auiddc=1961719954.1600185820;u6=www.workingadvantage.com%2Fshopping.php;~oref=https%3A%...
9767737.fls.doubleclick.net/ Frame 0A02
Redirect Chain

https://9767737.fls.doubleclick.net/activityi;src=9767737;type=retarget;cat=wa-si0;ord=6701429845686;gtm=2wg920;auiddc=1961719954.1600185820;u6=www.workingadvantage.com%2Fshopping.php;~oref=https%3...
https://9767737.fls.doubleclick.net/activityi;dc_pre=CPCphdvE6-sCFUHRuwgdKIwDvA;src=9767737;type=retarget;cat=wa-si0;ord=6701429845686;gtm=2wg920;auiddc=1961719954.1600185820;u6=www.workingadvantag...

0
0

45ms
29ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9767737.fls.doubleclick.net/activityi;dc_pre=CPCphdvE6-sCFUHRuwgdKIwDvA;src=9767737;type=retarget;cat=wa-si0;ord=6701429845686;gtm=2wg920;auiddc=1961719954.1600185820;u6=www.workingadvantage.com%2Fshopping.php;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9THHDH

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9767737.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPCphdvE6-sCFUHRuwgdKIwDvA;src=9767737;type=retarget;cat=wa-si0;ord=6701429845686;gtm=2wg920;auiddc=1961719954.1600185820;u6=www.workingadvantage.com%2Fshopping.php;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Tue, 15 Sep 2020 16:03:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 609
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 15-Sep-2020 16:18:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Tue, 15 Sep 2020 16:03:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9767737.fls.doubleclick.net/activityi;dc_pre=CPCphdvE6-sCFUHRuwgdKIwDvA;src=9767737;type=retarget;cat=wa-si0;ord=6701429845686;gtm=2wg920;auiddc=1961719954.1600185820;u6=www.workingadvantage.com%2Fshopping.php;~oref=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK spx Show response
dx.steelhousemedia.com/ 13 KB
4 KB 506ms
124ms Script
application/javascript 169.47.247.89
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.steelhousemedia.com/spx?dxver=4.0.0&shaid=23005&tdr=&plh=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126&cb=89696087235966610
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.47.247.89 , Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS: 59.f7.2fa9.ip4.static.sl-reverse.com
Software: /
Resource Hash: 71d5c2161e3428ee47376520659552bae64b04ec9057f5cd903f3efc24733dbb

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Connection: close
Access-Control-Allow-Headers: Accept, Content-Type, x-requested-with, X-Custom-Header, Content-Encoding, Content-Length
Content-Length: 3991
X-Application-Context: application:prod:8080
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 85ms
62ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-701690947

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0293be3af3cb7649922639b9c3eca5eb5e2f0bf40b83fa772ac91040084db1cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:03:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35646
x-xss-protection: 0
expires: Tue, 15 Sep 2020 16:03:40 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 23ms
18ms Image
image/gif 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-4045288-1&cid=396201048.1600185820&jid=1649820785&_u=IEBAAAAAAAAAAC~&z=1676335690

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Sep 2020 16:03:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 22ms
17ms Image
image/gif 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-4045288-1&cid=396201048.1600185820&jid=1649820785&_u=IEBAAAAAAAAAAC~&z=1676335690

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Sep 2020 16:03:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 s55666872105672 Show response
smetrics.workingadvantage.com/b/ss/entbenworking/1/JS-2.22.0-LAWA/ 43 B
672 B 24ms
23ms XHR
image/gif 15.236.9.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.workingadvantage.com/b/ss/entbenworking/1/JS-2.22.0-LAWA/s55666872105672

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-9-100.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 15 Sep 2020 16:03:39 GMT
x-content-type-options: nosniff
x-c: master-1362.Ibf4d3d.M0-447
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 16 Sep 2020 16:03:40 GMT
server: jag
xserver: anedge-6485bbc5d6-6pzlz
etag: 3436372882296766464-4621794301856657870
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.workingadvantage.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Mon, 14 Sep 2020 16:03:40 GMT

GET
H/1.1 200
OK ados Show response
e-49.adzerk.net/ 9 KB
3 KB 400ms
116ms Script
application/javascript 2406:da00:ff00::36e1:a2d1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://e-49.adzerk.net/ados?t=1600185820070&request={%22Placements%22:[{%22A%22:49,%22S%22:335053,%22D%22:%22azk57177%22,%22AT%22:1997},{%22A%22:49,%22S%22:335053,%22D%22:%22azk21357%22,%22AT%22:1996},{%22A%22:49,%22S%22:335053,%22D%22:%22azk2094%22,%22AT%22:1996},{%22A%22:49,%22S%22:335053,%22D%22:%22azk16964%22,%22AT%22:1996},{%22A%22:49,%22S%22:335053,%22D%22:%22azk37008%22,%22AT%22:4},{%22A%22:49,%22S%22:335053,%22D%22:%22azk5163%22,%22AT%22:4,%22Z%22:[158245]},{%22A%22:49,%22S%22:335053,%22D%22:%22azk52823%22,%22AT%22:2397,%22Z%22:[160117]},{%22A%22:49,%22S%22:335053,%22D%22:%22azk39608%22,%22AT%22:2397,%22Z%22:[171656]},{%22A%22:49,%22S%22:335053,%22D%22:%22azk31406%22,%22AT%22:2397,%22Z%22:[160209]},{%22A%22:49,%22S%22:993176,%22D%22:%22azk58258%22,%22AT%22:1997},{%22A%22:49,%22S%22:993176,%22D%22:%22azk10044%22,%22AT%22:1996},{%22A%22:49,%22S%22:993176,%22D%22:%22azk93516%22,%22AT%22:1996},{%22A%22:49,%22S%22:993176,%22D%22:%22azk72619%22,%22AT%22:1996},{%22A%22:49,%22S%22:993176,%22D%22:%22azk90816%22,%22AT%22:4,%22Z%22:[180366]}],%22Keywords%22:%22undefined%22,%22Referrer%22:%22%22,%22IsAsync%22:true}
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da00:ff00::36e1:a2d1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.16.1 / adzerk bifrost/
Resource Hash: 235932e3285b3f48e2c1b1acb2092c251bd2ff029ac230942064527c94d29716

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
Content-Encoding: gzip
x-powered-by: adzerk bifrost/
Connection: keep-alive
Content-Length: 2843
x-served-by: engine-i-074698f4b05305ea4
Pragma: no-cache
Server: nginx/1.16.1
ETag: W/"2506-9+zi5zwMd2buZM9KvhPI0Bj1IGE"
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: undefined
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
Expires: 0

GET
H2 200 rfk_sb.css
d26opx5dl8t69i.cloudfront.net/css/f_sb/c_11273-152007103/e_live/ 10 KB
3 KB 53ms
52ms Stylesheet
text/css 143.204.50.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26opx5dl8t69i.cloudfront.net/css/f_sb/c_11273-152007103/e_live/rfk_sb.css?2020-09-10-v117704
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.50.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-50-14.osl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43b5625fc8ec9dc1c0ff8439f1081d82d9c2075bfdb28e39552eedd747c8762b

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: _sK1lRFIMBj2ZX5DADmOk3a38bOc1gBj
content-encoding: gzip
etag: "d059df43e7dac1ce5fe7d384fe4e3dcb"
age: 1778
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 2524
last-modified: Tue, 18 Aug 2020 18:55:43 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:501/gname:staff/uname:jonathanlee/gid:20/mode:33188/mtime:1597776941/atime:1597776288/md5:d059df43e7dac1ce5fe7d384fe4e3dcb/ctime:1597776941
date: Tue, 15 Sep 2020 15:34:02 GMT
content-type: text/css
via: 1.1 a7d2a4ec2f50830f128dc406960aef9b.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: OSL50-C1
accept-ranges: bytes
x-amz-cf-id: 0suKfGMwZrbBmPmVuV2Tp8uRJriiotSI8NJRRHz7quutZDJU_Ml0QQ==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 18ms
18ms Script
text/javascript 216.58.205.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s24-in-f226.1e100.net

Software

cafe /

Resource Hash

6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11311
x-xss-protection: 0
server: cafe
etag: 12833363978352728442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Sep 2020 16:03:40 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/701690947/ 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/701690947/?random=1600185820188&cv=9&fst=1600185820188&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa920&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126&tiba=Shopping%20Deals%20-%20Working%20Advantage&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6245559a4cf5ed476e6e146593a8faf0f6d421449f3f407806f77dbc627507d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Sep 2020 16:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1253
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/701690947/ 42 B
538 B 42ms
29ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/701690947/?random=1600185820188&cv=9&fst=1600185600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa920&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126&tiba=Shopping%20Deals%20-%20Working%20Advantage&async=1&fmt=3&is_vtc=1&random=2427479703&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Sep 2020 16:03:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/701690947/ 42 B
538 B 43ms
27ms Image
image/gif 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/701690947/?random=1600185820188&cv=9&fst=1600185600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa920&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126&tiba=Shopping%20Deals%20-%20Working%20Advantage&async=1&fmt=3&is_vtc=1&random=2427479703&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Sep 2020 16:03:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK persons Show response
people.api.boomtrain.com/ 241 B
556 B 125ms
124ms XHR
application/json 52.72.191.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/persons?data=eyIkc2V0Ijp7ImVtYWlsIjoic2llcnJhLmZ1bGxlckBpbnRlZ3Jpc29rLmNvbSJ9LCJic2luIjoiWFJrdFJua0t0QXZ4VEJXQ0Nhb2ZUb3NyRE5IdkRxOUhVSXRsV2xGWEJLUHF2bFJDRHpSTGdMWGI4eTh0YWI3bkhLWGp3U095Z1hiQ1pDM1MrV1BMQ3c9PSJ9&site_id=ebg-wa
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.191.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-191-53.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 41250be726cd0dbac08a0237c9444efd8eda3985c6ec8541e21a0e0ab280c8d4

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Sep 2020 16:03:40 GMT
Server: nginx
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length: 241

GET
H2 200 s52269168831590
smetrics.workingadvantage.com/b/ss/entbenworking/1/JS-2.22.0-LAWA/ 43 B
616 B 24ms
23ms Image
image/gif 15.236.9.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.workingadvantage.com/b/ss/entbenworking/1/JS-2.22.0-LAWA/s52269168831590?AQB=1&ndh=1&pf=1&t=15%2F8%2F2020%2018%3A3%3A40%202%20-120&cid.&userid.&id=13463977&as=1&.userid&.cid&mid=29281181548571345472275260600077533074&aamlh=6&ce=UTF-8&ns=entertainmentbenefits&g=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0W&cc=USD&v81=reflektion%20experience%20selected&pe=lnk_o&pev2=rfk&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=YUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126&mcorgid=B5F9FF2554F608410A4C98C6%40AdobeOrg&lrt=111&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-9-100.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:03:40 GMT
x-content-type-options: nosniff
x-c: master-1362.Ibf4d3d.M0-447
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 16 Sep 2020 16:03:40 GMT
server: jag
xserver: anedge-6485bbc5d6-4dkfv
etag: 3436372882296766464-4621687298652176312
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 14 Sep 2020 16:03:40 GMT

GET
H/1.1 200
OK st Show response
px.steelhousemedia.com/ 2 KB
2 KB 536ms
136ms Script
application/javascript 169.48.74.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://px.steelhousemedia.com/st?fdx=1&ga_tracking_id=UA-4045288-1&ga_client_id=396201048.1600185820&shpt=Shopping%20Deals%20-%20Working%20Advantage&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-4045288-1%22%2C%22ga_client_id%22%3A%22396201048.1600185820%22%2C%22shpt%22%3A%22Shopping%20Deals%20-%20Working%20Advantage%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A1%2C%22getTrackingIdByGA%22%3A%22FAILED%22%2C%22getTrackingIdByOther1%22%3A%22FAILED%22%2C%22getTrackingIdByOther2%22%3A%22OK%22%2C%22getClientIdByTracker%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%7D%7D&shaid=23005&plh=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126&dxver=4.0.0&cb=89696087235966610&shadditional=googletagmanager%3Dtrue%2Csh_conversion%3DSHBLOCK&shpn=Entertainment&shps=Entertainment&shpc=Home
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.48.74.156 , Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS: 9c.4a.30a9.ip4.static.sl-reverse.com
Software: /
Resource Hash: e1d452c1326d40a8ff653a0ed915e130530bdc8196da9c409fd76926bab731e3

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 15 Sep 2020 16:03:42 GMT
Content-Encoding: gzip
Connection: close
P3P: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
Content-Type: application/javascript;charset=utf-8

GET
H/1.1 200
OK gs Show response
ww.steelhousemedia.com/ 144 B
734 B 529ms
135ms Script
application/javascript 169.47.250.195
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww.steelhousemedia.com/gs
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.47.250.195 , Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS: c3.fa.2fa9.ip4.static.sl-reverse.com
Software: istio-envoy /
Resource Hash: 36c62a55992c388d9649813d39138d8e21144db63fbbe1d2e294d5737e4abdf0

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:03:43 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
access-control-allow-origin: *
cache-control: private, max-age=31536000
x-envoy-upstream-service-time: 3
connection: close
content-type: application/javascript;charset=utf-8
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

GET
H/1.1 200
OK st Show response
px.steelhousemedia.com/ 2 KB
2 KB 403ms
152ms Script
application/javascript 169.48.74.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://px.steelhousemedia.com/st?fdx=1&ga_tracking_id=UA-4045288-1&ga_client_id=396201048.1600185820&shpt=Shopping%20Deals%20-%20Working%20Advantage&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-4045288-1%22%2C%22ga_client_id%22%3A%22396201048.1600185820%22%2C%22shpt%22%3A%22Shopping%20Deals%20-%20Working%20Advantage%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A1%2C%22getTrackingIdByGA%22%3A%22FAILED%22%2C%22getTrackingIdByOther1%22%3A%22FAILED%22%2C%22getTrackingIdByOther2%22%3A%22OK%22%2C%22getClientIdByTracker%22%3A%22OK%22%2C%22shpt%22%3A%22OK%22%7D%7D&shaid=23005&plh=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126&dxver=4.0.0&shadditional=googletagmanager%3Dtrue%2Csh_conversion%3DSHBLOCK&shpn=Entertainment&shps=Entertainment&shpc=Home&cb=1600185822616307&shguid=5a110c36-2421-3eff-8eeb-7f9b9398ff6b&shgts=1600185823147
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.48.74.156 , Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS: 9c.4a.30a9.ip4.static.sl-reverse.com
Software: /
Resource Hash: 07470c6aaaf90587a524f2a3993d97497fcf1cd622d5b78eae6de0bbaaf78df5

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 15 Sep 2020 16:03:43 GMT
Content-Encoding: gzip
Connection: close
P3P: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
Content-Type: application/javascript;charset=utf-8

GET
H/1.1

200
OK

tdsync
px.steelhousemedia.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=06d241aa-f76d-11ea-88b5-6b7edf24b384&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=06d241aa-f76d-11ea-88b5-6b7edf24b384&gdpr=&gdpr_consent=
https://px.steelhousemedia.com/tdsync?tdid=a5ff34cf-b9b5-48bb-a408-9241346d93fb&shguid=06d241aa-f76d-11ea-88b5-6b7edf24b384

0
374 B

389ms
141ms

Image
text/plain

169.48.74.156
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.steelhousemedia.com/tdsync?tdid=a5ff34cf-b9b5-48bb-a408-9241346d93fb&shguid=06d241aa-f76d-11ea-88b5-6b7edf24b384
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.48.74.156 , Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS: 9c.4a.30a9.ip4.static.sl-reverse.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:03:43 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 8
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 0
x-application-context: application:prod,confluent:9025

Redirect headers

pragma: no-cache
date: Tue, 15 Sep 2020 16:03:43 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://px.steelhousemedia.com/tdsync?tdid=a5ff34cf-b9b5-48bb-a408-9241346d93fb&shguid=06d241aa-f76d-11ea-88b5-6b7edf24b384
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 277

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 217 KB
60 KB 95ms
31ms Script
application/javascript 2.20.138.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.138.90 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-20-138-90.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cf2a54246fb77b11fc2167ebc2edbb2b72e95ac37db0f2f9299406f0777f35e1

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: or0PDwxiYei.2lqHe86IJg2LqgJn4J5C
content-encoding: gzip
last-modified: Tue, 15 Sep 2020 07:51:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "5c0eda350e64209c871bdb5ca6f80fb5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=28800
date: Tue, 15 Sep 2020 16:04:03 GMT
access-control-allow-origin: *
content-length: 60466
x-amz-cf-id: zsLe97LzWtmJIuUI9z7tF9051FzVcv-05JZvhLJuxuS5Z4W8THJKSg==
expires: Wed, 16 Sep 2020 00:04:03 GMT

GET
H2 200 RC2dfd4d823ad24d49be101b90e65504c5-source.min.js Show response
assets.adobedtm.com/a281455e4dfe/1c19d10a0484/577de119cb97/ 7 KB
2 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:10c:59b::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a281455e4dfe/1c19d10a0484/577de119cb97/RC2dfd4d823ad24d49be101b90e65504c5-source.min.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:59b::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1726f87307b41d6152192f669ebdaef9efc47cdb248b13d42f5645f4f3640788

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:04:03 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 13:06:05 GMT
server: AkamaiNetStorage
status: 200
etag: "dca894224736e945538a206a1b807d4a:1599656765.680595"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.workingadvantage.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 2021
expires: Tue, 15 Sep 2020 17:04:03 GMT

GET
H2 200 RC99c39b8088f34dd0a7fed9a34a10c2e6-source.min.js Show response
assets.adobedtm.com/a281455e4dfe/1c19d10a0484/577de119cb97/ 1019 B
847 B 10ms
10ms Script
application/x-javascript 2a02:26f0:10c:59b::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a281455e4dfe/1c19d10a0484/577de119cb97/RC99c39b8088f34dd0a7fed9a34a10c2e6-source.min.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:59b::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d7b78875ff7cfd38447085dd1914f810091c18eaf55521cb2dc1bc042adcec72

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:04:03 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 13:06:05 GMT
server: AkamaiNetStorage
status: 200
etag: "dca894224736e945538a206a1b807d4a:1599656765.680595"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.workingadvantage.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 574
expires: Tue, 15 Sep 2020 17:04:03 GMT

POST
H2 200 track Show response
events.api.boomtrain.com/event/ 2 B
247 B 313ms
106ms XHR
text/plain 35.169.168.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.api.boomtrain.com/event/track
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.168.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-168-49.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Sep 2020 16:04:03 GMT
server: nginx
status: 200
allow: GET, HEAD, OPTIONS, POST
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, x-app-id
content-length: 2

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
8 KB 26ms
8ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:04:03 GMT
content-encoding: gzip
etag: "KhcnJMdjWpfMUgm9eIIqRQ=="
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 22 Sep 2020 16:04:03 GMT

GET
H2 200 rules-p-zhY3S1asLzBpZ.js Show response
rules.quantcount.com/ 3 B
355 B 118ms
103ms Script
application/x-javascript 2600:9000:2057:4c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-zhY3S1asLzBpZ.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:02:43 GMT
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 81
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: p48MsCVRcrd01b3Lsz6A3UeAu03TNzWlkQkCvse5y6Z5MRZUuCjE6w==

GET
H/1.1 200
OK get_dynamic_config.js Show response
secure.livechatinc.com/licence/6912541/v2/ 1 KB
2 KB 188ms
147ms Script
application/javascript 72.247.179.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/6912541/v2/get_dynamic_config.js?t=1600185843845&referrer=&url=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126&params=&channel_type=code&jsonp=__lc_data_647630
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.179.145 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a72-247-179-145.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f40a28b38a0c2df98cd2e445f6358a7b53fa079655888c0a39c3a4451cc41468

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Sep 2020 16:04:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Expose-Headers: X-RateLimit-Remaining, X-RateLimit-Reset
Cache-Control: max-age=0, no-cache, no-store
X-RateLimit-Reset: 1600185848
X-RateLimit-Remaining: 4997
Connection: keep-alive
Content-Length: 561
Expires: Tue, 15 Sep 2020 16:04:04 GMT

GET
H2 200 pixel;r=1987218601;rf=0;a=p-zhY3S1asLzBpZ;url=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary...
pixel.quantserve.com/ 35 B
371 B 9ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1987218601;rf=0;a=p-zhY3S1asLzBpZ;url=https%3A%2F%2Fwww.workingadvantage.com%2Fshopping.php%3Fsub%3Dentertainment%26utm_campaign%3Dentertainment%26utm_medium%3DSeptember-11-2020-Anniversary-Code-EA%26utm_source%3DEmail%26clthash%3Dc320ee1b29ecfcdcd026347e6993113cfaa713a1%26uid%3D13463977%26conv_source%3Dzeta%26bt_ee%3DT9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo%26bt_ts%3D1599829960126;fpan=1;fpa=P0-374842469-1600185843903;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=workingadvantage.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1600185843903;tzo=-120;ogl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Sep 2020 16:04:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 / Show response
zn5bxs0kfcxmozrm9-ebg.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 52 KB
16 KB 94ms
38ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn5bxs0kfcxmozrm9-ebg.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_5BxS0KFcxMOzRM9&t=1600185844037

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ab9df335022cae50b139c31c06ab1fcbc629e3add1c6652f5b525dbf69f99199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 448209
cf-polished: origSize=54177
status: 200
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 05341b59840000088393216200000001
cf-bgj: minify
server: cloudflare
x-powered-by: Express
etag: W/"d3a1-huVOFQXgWeyc88lkcJ6ojFCIDYg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
cf-ray: 5d3394d5a8dc0883-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 nr-spa-1177.min.js Show response
js-agent.newrelic.com/ 37 KB
14 KB 8ms
7ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1177.min.js
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54cb1f867060c01677649ce2d5e65485b33ce06ea271cb4244cbdd22c31fe69a

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:04:04 GMT
content-encoding: gzip
x-amz-request-id: 276AB70349BBA7EE
x-cache: HIT
status: 200
content-length: 14161
x-amz-id-2: KlLSpvb3IGKlFgm3DDjf8mdRYVL9f8BWSi0FJFavSkHLQVY5nX3UsKU5l7iwZt+1TIxrjUmyla0=
x-served-by: cache-hhn4035-HHN
last-modified: Tue, 18 Aug 2020 17:23:34 GMT
server: AmazonS3
x-timer: S1600185844.044509,VS0,VE0
etag: "d89642b485486b2c9af6da463597333c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4266

GET
H/1.1 200
OK f30ac265f9 Show response
bam.nr-data.net/1/ 57 B
275 B 113ms
113ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/f30ac265f9?a=10369366&v=1177.96a4d39&to=ZFUGY0tVWRdVB0ENVl0fMUVQG14KUAFNSklbQA%3D%3D&rst=27071&ck=1&ref=https://www.workingadvantage.com/shopping.php&ap=168&be=2375&fe=27054&dc=26737&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1600185816984,%22n%22:0,%22f%22:1260,%22dn%22:1260,%22dne%22:1260,%22c%22:1260,%22ce%22:1260,%22rq%22:1261,%22rp%22:1541,%22rpe%22:2227,%22dl%22:1545,%22di%22:26733,%22ds%22:26735,%22de%22:26744,%22dc%22:27052,%22l%22:27053,%22le%22:27062%7D,%22navigation%22:%7B%7D%7D&fp=2916&fcp=2916&at=SBIFFQNPShk%3D&jsonp=NREUM.setToken
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
1 KB 205ms
203ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_5BxS0KFcxMOzRM9&Q_CLIENTVERSION=1.34.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d664916d6c38280e9ebdaee419170c18d720c98dfc75e7150fa465354b319eed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 15 Sep 2020 16:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://www.workingadvantage.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 5d3394d5f9e40883-CDG
vary: Accept-Encoding
cf-request-id: 05341b59b7000008839321a200000001

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 87 KB
26 KB 68ms
68ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.34.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8e1420905c2d289c2a5af4e6dc9ddb1d6c9738a4263de9284c29b8390197426d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 482858
cf-polished: origSize=90342
status: 200
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 05341b5a890000088393245200000001
last-modified: Wed, 09 Sep 2020 21:53:37 GMT
server: cloudflare
x-powered-by: Express
etag: W/"160e6-17474dc1ee8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
cf-ray: 5d3394d74e9d0883-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 12.8f8692fd03c1726f0227.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
894 B 41ms
41ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.8f8692fd03c1726f0227.chunk.js?Q_CLIENTVERSION=1.34.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2ef4312f429cbda7c6d1b1a298427f8ed412f9fac0f287d653d744fdf6a4ce77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 482859
cf-polished: origSize=2639
status: 200
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 05341b5adf000008839324b200000001
last-modified: Wed, 09 Sep 2020 21:53:37 GMT
server: cloudflare
x-powered-by: Express
etag: W/"a4f-17474dc1ee8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
cf-ray: 5d3394d7c8410883-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 1.baf51cf6b4810d5e1387.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 25 KB
6 KB 42ms
41ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.baf51cf6b4810d5e1387.chunk.js?Q_CLIENTVERSION=1.34.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a54eb5f8c1844210445373575f93c1505f85b0f52d504acc14fcd0e1afe49ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 482858
cf-polished: origSize=26961
status: 200
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 05341b5adf000008839324c200000001
last-modified: Wed, 09 Sep 2020 21:53:37 GMT
server: cloudflare
x-powered-by: Express
etag: W/"6951-17474dc1ee8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
cf-ray: 5d3394d7c8420883-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 FeedbackButtonModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 55 KB
20 KB 41ms
41ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.34.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6762d2cdce16bb4a29b3a09cac6597a7412ef108784b554bf47f525007c1b98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 482852
cf-polished: origSize=57029
status: 200
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 05341b5adf000008839324d200000001
last-modified: Wed, 09 Sep 2020 21:53:37 GMT
server: cloudflare
x-powered-by: Express
etag: W/"dec5-17474dc1ee8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
cf-ray: 5d3394d7c8430883-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
1 KB 55ms
33ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_eCZGzmPdtkUq0EB&Version=14&Q_ORIGIN=https://www.workingadvantage.com&Q_CLIENTVERSION=1.34.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b54c73fc81d52c41155c99264de5da05dbd5ee79816cec474bbc5ace519d6497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 114332
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status: 200
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 05341b5af20000d7154517d200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://www.workingadvantage.com
expires: Thu, 12 Sep 2030 08:18:32 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: true
cf-ray: 5d3394d7ed4ed715-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
596 B 62ms
40ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_5mPBvFDb3REP0dT&Version=3&Q_InterceptID=SI_eCZGzmPdtkUq0EB&Q_ORIGIN=https://www.workingadvantage.com&Q_CLIENTVERSION=1.34.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39a702cf7894c2df821533f079d5478160ec3bf7bf44af91a3eb46010cdb878d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 161724
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status: 200
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 05341b5af30000d7154517e200000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://www.workingadvantage.com
expires: Wed, 11 Sep 2030 19:08:40 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: true
cf-ray: 5d3394d7ed50d715-FRA
servershortname

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
185 B 124ms
123ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_5mPBvFDb3REP0dT&Q_SIID=SI_eCZGzmPdtkUq0EB&Q_ASID=AS_56381657&Q_CLIENTVERSION=1.34.0&Q_CLIENTTYPE=web&r=1600185844516

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 15 Sep 2020 16:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.workingadvantage.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 5d3394d84e43d715-FRA
vary: Accept-Encoding
cf-request-id: 05341b5b2b0000d71545180200000001

GET
H2 200 wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 256 B
593 B 31ms
30ms Image
image/png 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b8757b4e8c5acbe9f94a7bfd274404340891caf93e8f7cbb968adbef0a3440a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Sep 2020 16:04:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-b3-traceid: 5e38cd3224b63cf1
age: 25873674
cf-polished: origSize=757
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status: 200
cf-bgj: imgq:85
vary: Accept-Encoding
content-length: 256
cf-request-id: 05341b5b2d0000088393253200000001
last-modified: Wed, 13 Nov 2019 00:06:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=315360000, public
x-b3-spanid: f1bb921ae5847590
x-b3-sampled: 0
accept-ranges: bytes
cf-ray: 5d3394d849ef0883-CDG
servershortname
expires: Sun, 18 Nov 2029 04:56:10 GMT

POST
H/1.1 200
OK f30ac265f9 Show response
bam.nr-data.net/events/1/ 24 B
191 B 113ms
113ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/f30ac265f9?a=10369366&v=1177.96a4d39&to=ZFUGY0tVWRdVB0ENVl0fMUVQG14KUAFNSklbQA%3D%3D&rst=28184&ck=1&ref=https://www.workingadvantage.com/shopping.php
Requested by: Host: www.workingadvantage.com
URL: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.workingadvantage.com/shopping.php?sub=entertainment&utm_campaign=entertainment&utm_medium=September-11-2020-Anniversary-Code-EA&utm_source=Email&clthash=c320ee1b29ecfcdcd026347e6993113cfaa713a1&uid=13463977&conv_source=zeta&bt_ee=T9ygr5AbgMK0WYUp49fvgiYAbRekA68w9kBJzTMp31PEyB3tGFjL4mkuh7Utp3Jo&bt_ts=1599829960126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.workingadvantage.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.five9.com
URL: https://app.five9.com/consoles/SocialWidget/five9-social-widget.min.js

Verdicts & Comments Add Verdict or Comment

238 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.workingadvantage.com/	1970-01-19 21:54:14	Name: __qca Value: P0-374842469-1600185843903

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.workingadvantage.com/js/jquery-migrate-3.0.0.min.js?ebgcbv=15(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.0.0
console-api	log	URL: https://cdn.livechatinc.com/tracking.js(Line 7) Message: [LiveChat] Your account has expired. Visit www.livechatinc.com to sign in and renew your subscription.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

409-bcn-480.mktoresp.com
6479484.fls.doubleclick.net
9767737.fls.doubleclick.net
alweb.rfk.workingadvantage.com
app.five9.com
assets.adobedtm.com
bam.nr-data.net
cdn.boomtrain.com
cdn.livechatinc.com
cdn.mouseflow.com
cm.everesttech.net
d26opx5dl8t69i.cloudfront.net
dpm.demdex.net
dx.steelhousemedia.com
e-49.adzerk.net
e.email.workingadvantage.com
entertainmentbenefitsgroupllc.demdex.net
events.api.boomtrain.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
initjs.rfk.workingadvantage.com
js-agent.newrelic.com
match.adsrvr.org
munchkin.marketo.net
people.api.boomtrain.com
pixel.quantserve.com
px.steelhousemedia.com
rules.quantcount.com
secure.livechatinc.com
secure.quantserve.com
siteintercept.qualtrics.com
smetrics.workingadvantage.com
starget.workingadvantage.com
static.adzerk.net
stats.g.doubleclick.net
ww.steelhousemedia.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.workingadvantage.com
zn5bxs0kfcxmozrm9-ebg.siteintercept.qualtrics.com
app.five9.com
104.111.250.210
104.17.208.240
104.17.209.240
143.204.215.111
143.204.50.14
143.204.55.128
15.236.9.100
151.101.114.110
162.247.242.20
166.78.205.49
169.47.247.89
169.47.250.195
169.48.74.156
172.217.16.134
172.217.16.166
192.28.147.68
2.20.138.90
216.58.205.226
23.111.9.38
2406:da00:ff00::36e1:a2d1
2600:9000:2057:4c00:6:44e3:f8c0:93a1
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2004
2a00:1450:4001:801::2003
2a00:1450:4001:819::2003
2a00:1450:4001:819::200a
2a00:1450:4001:81a::2002
2a00:1450:4001:81b::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:81f::2004
2a00:1450:4001:821::2008
2a00:1450:4001:821::200e
2a00:1450:400c:c00::9d
2a02:26f0:10c:59b::1e80
34.228.122.241
35.169.168.49
35.174.35.145
52.210.98.201
52.30.191.169
52.72.191.53
54.154.51.227
54.76.99.142
66.117.28.86
72.247.179.145
96.47.24.171
01cedd89b5a200c7b000605adc53cb9e1d68c30367999ee17c9988ce72dfbe4f
0293be3af3cb7649922639b9c3eca5eb5e2f0bf40b83fa772ac91040084db1cb
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
06708edc30f6877320af98a385a4350ad9769c1aca9d44f8a262acf0c6dfefbd
07470c6aaaf90587a524f2a3993d97497fcf1cd622d5b78eae6de0bbaaf78df5
09af78f0d9e9b345912eed79e264ea79003f6875b3171f78de0971bf2d918774
0a8e0bc7711e02e74c94e52fe03a3795f83c278f66811c7079e7b4505dca1c5d
0b87d59dac2dc8cc9562eb0cb3e0877e7a3d9c84474512ec7efd7328be2d171a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0fe774f7742fb05ce129c60668342bd3a1da364955478fd774e06bcedca072d2
1726f87307b41d6152192f669ebdaef9efc47cdb248b13d42f5645f4f3640788
176bfb0e73f4480f870fdf93e5f45624e7fc171b7d4adbc10d6475a382efd604
1d24d4a11bd569cd44e25a8c36341f9669fa448d55bbad6c993ac3362e852711
1d9e06c8582a76404d1268e85def103900cd1515a88e96ca31adfbe49e3f3d8e
1f7d6357a349f9b2e41547131f5dd5d1098529d07473a2b59220201c1602c8aa
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
235932e3285b3f48e2c1b1acb2092c251bd2ff029ac230942064527c94d29716
2730174ceec5a10a764e640aa5db06c831f1296116b78f646d58a33cf3e354a3
27d0337b4a7578af11d5c24c055cc868435b1e556e7b8089069fc81a25f53fe6
2e65aab1ba99688c2b60484968d1b8b5f809c38116043da511f2076ca4ac01cd
2eec22fcd09b2b38293ffa6f773ffbe507618a06c2f422c077ae565b15f9e6a5
2ef4312f429cbda7c6d1b1a298427f8ed412f9fac0f287d653d744fdf6a4ce77
3148a42202ebc4bb05acb4351a0d1986c8d5ed5ac2347231527f2b131345c11c
358ec566bd8395bf6369b4a96d5e0fbe7f6190379caecff3f7572a692b87a1a6
36c62a55992c388d9649813d39138d8e21144db63fbbe1d2e294d5737e4abdf0
3789bcf0020cd0917e2c6b0cb6d3ed65d82fb415ad466da2a2fdfc78f9b98bfa
38146b44624d2d25cb7cd5a6970ac3125fdf550fc88003c9e1d6c075916e496f
39a702cf7894c2df821533f079d5478160ec3bf7bf44af91a3eb46010cdb878d
3aa0931cfaede1bfea26502a3b3823d1c5d2d91fbc85be67756f1d2613114f13
3cdd578e4f91fb3f06358f0722a89614d78bafffd3cd3cf1043f81112fe3f28c
3fc6cf05f3910ead58e414f122581283b5dbd969596c39fcae4f6b442da1ab1e
3ff90e45faf4f1517337648274a38902d62cb6e0ee6dc5961a41383d348608fa
40073d8997c3dd31bc10edfd8601660cad988a7601170e17b19f4331eaf5c6e9
41250be726cd0dbac08a0237c9444efd8eda3985c6ec8541e21a0e0ab280c8d4
43b5625fc8ec9dc1c0ff8439f1081d82d9c2075bfdb28e39552eedd747c8762b
448e99a570408c6cf2eda6133ec9ea7b86b8494120fc2ab35f7fbab75fefa5e8
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
4a06c84d24a0720845f312883b153444902da3a156d71ae4b0987dade9b9e113
4b8757b4e8c5acbe9f94a7bfd274404340891caf93e8f7cbb968adbef0a3440a
4b94466b31d4af149c2061738bc7c973d3285b1b6ecd3cd195b72e36bc04216d
4bcb0f820377a5dc80f3f43d991c950d5442ad601328305c0b52785c984bce48
4e1e5249a3fe550be547f50d80407ccc381d6aa8415a4dc1f7de8bf142b7ac86
537d4fed9f1381b8d19b83550252fa2cac347ab0f2a638d45deb81ac9e88ab31
54cb1f867060c01677649ce2d5e65485b33ce06ea271cb4244cbdd22c31fe69a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5668e4aa2af34d8d8317136bba8878ab0ffb251b3478c109b794caf5873a0c75
590617acfa1779e446ee74e4d23c2aed5ce09dd4cc4abb5dc58c8b86b64211ab
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
6245559a4cf5ed476e6e146593a8faf0f6d421449f3f407806f77dbc627507d6
668e5a6d3aa59ea989fd170f263595e3cc677388fa695fc8d979f76a616628ea
670f9f133ae7b82f0b92b0b016879f59d2ebd885294c0d69f732860a9ecf609a
6762d2cdce16bb4a29b3a09cac6597a7412ef108784b554bf47f525007c1b98a
6b810957ff3f3c7c207fbb3b24a0c9370f2b23bc94e7acfebceefa0d2976ac99
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
6dcf743efbf47f310fd9243d9aa78f4c3f6ee8ea260ad2f3d17a4fdda2479ab7
71d5c2161e3428ee47376520659552bae64b04ec9057f5cd903f3efc24733dbb
7881826fd0910884a8b977e2d40f2ada8206e39f2d0e1e0cf5d2ac93cc836620
7a435f242bee6aba45fd7c4205640e46513ec5bce8722584b9b54b101fa942c1
7c8b033cc69116a4670f6828ace15adda22d4d3ed1bb17e31daea73abbdfbede
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
826eb1e3bc852101a2ed78d2bb6bfcb72c27629842125c05a50466ebc9508ec8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8e1420905c2d289c2a5af4e6dc9ddb1d6c9738a4263de9284c29b8390197426d
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
9cd60e08308ac0d8d91d3cc2b6c4162607c6217b9e350e01854fbdbb70164747
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f5909da264a1ce30b1cd9d2a8d3af8598380be855f258ddcb74802efc2dca5
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a44b5727bd453959ba8f2ae37fd2359272b730ada09e80fb2a5bbffd086ef075
a54eb5f8c1844210445373575f93c1505f85b0f52d504acc14fcd0e1afe49ffe
ab9df335022cae50b139c31c06ab1fcbc629e3add1c6652f5b525dbf69f99199
b54c73fc81d52c41155c99264de5da05dbd5ee79816cec474bbc5ace519d6497
b85deb3528f2b22ca641310a77c4df681660c365310d2e0476d5cc428eae2a68
ba729661c14d7e8d902bb104a410fdab3fe511fa87084d400d6575bd65cd71c4
bb38dfe9bb090a09bd8c903171c8f285dcffd5b343038f8b4bafe780dc290306
bed9883e3afc4f01beb8391653527dc2d5c8cfb3b1869dceebb7334142158fbf
c07775b871026c40f3ff9d82e5a93247a0769f30609b097aff72a631f864139c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca841e89c6c0ce7a043d18817f66d20194e091db5269680a0df14d8fcc0c5eba
cd21b26a7a46c47168c0a0800ee77d5fa7e86c33b4b66cb8901a1aec8f424d0f
cec0507b7d4d5d6c7093f22570d4c60dccd55a7c92afeabb3de438bb92187fce
cf2a54246fb77b11fc2167ebc2edbb2b72e95ac37db0f2f9299406f0777f35e1
cfa94db004e01c026a4e5fa05dd9a93057428bd9c9ab3c4892987c7517bf77ef
d1c4aa4fc27ca65d42b693b60f19546c4a50c002394c364dbbef45710858df7a
d5630dd7ccdf3c5ebf9d77312e683ceb1825646177a6d253fc7b3fc3932fbac7
d652d8adf544703c7e290e8d25e5ed95610605ca968133e7dfbcf79740854e57
d664916d6c38280e9ebdaee419170c18d720c98dfc75e7150fa465354b319eed
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d7b78875ff7cfd38447085dd1914f810091c18eaf55521cb2dc1bc042adcec72
dbcfd21102a5cbd47a3ca9c0e14635dd6d1256aa46ef3ad4d2ece98f53a0fcec
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df42c5e3d907f4de487de8d1205e26ccc01dd029c02740212128e895dae6c8cd
dff96a758d0549bfac7f5fdeb5efc7ff1f809778a21373c9b7a6ae71ad0885b9
e1d452c1326d40a8ff653a0ed915e130530bdc8196da9c409fd76926bab731e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55bdcab68a163c8d568b7493cd509cb1036c86dcacfdae824a1be7dd5a66e22
ea82af784037d1de7d1f505ef74fb54f7bbd84e8e6b98ec121c259b151946189
ebb8b0b73ecae21b1840d76dbf4f67f96ac8e821d437166e74400227766ae75d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f376bc237a12675fa1e3f3b8f3751a6d4fd145bd903e940b9764fbd1f8327fed
f40a28b38a0c2df98cd2e445f6358a7b53fa079655888c0a39c3a4451cc41468
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f69ebbd9d36211cef558cb24f539fb4c6ad866dc603cdc8f588ee3f63dbe3b5d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f83691006caa590b106a72a24d34c721cf398467e174ba6887a8adebbc88d2f5
faba221e3f590049fae902ddc947a174a83fc892c93ba0bca2f565e8df569c91

www.workingadvantage.com Open in urlscan Pro 166.78.205.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

99 %HTTPS

33 %IPv6

27 Domains

44 Subdomains

43 IPs

7 Countries

2345 kBTransfer

3509 kBSize

1 Cookies

8 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.workingadvantage.com Open in urlscan Pro
166.78.205.49 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

99 %
HTTPS

33 %
IPv6

27
Domains

44
Subdomains

43
IPs

7
Countries

2345 kB
Transfer

3509 kB
Size

1
Cookies

121 HTTP transactions
0 data transactions