www.workstream.io Open in urlscan Pro
34.251.201.224  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request terms Show response www.workstream.io/	52 KB 18 KB	486ms 260ms	Document text/html	34.251.201.224 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.workstream.io/terms Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.251.201.224 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-251-201-224.eu-west-1.compute.amazonaws.com Software / Resource Hash a39e523438280cfa718031cf888f369da5d73b7870139778ea35a06476f3f06c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 content-encoding gzip content-length 18146 content-type text/html date Tue, 24 Jan 2023 02:06:07 GMT vary Accept-Encoding,x-wf-forwarded-proto x-cache MISS, MISS x-cache-hits 0, 0 x-cluster-name eu-west-1-prod-edge-blue x-served-by cache-iad-kjyo7100150-IAD, cache-dub4346-DUB x-timer S1674525967.798387,VS0,VE201
GET H2	200	workstream-2021.webflow.1ff030c11.css uploads-ssl.webflow.com/6125e9b9dd9b460fa4265d27/css/	168 KB 24 KB	442ms 392ms	Stylesheet text/css	18.66.112.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uploads-ssl.webflow.com/6125e9b9dd9b460fa4265d27/css/workstream-2021.webflow.1ff030c11.css Requested by Host: www.workstream.io URL: https://www.workstream.io/terms Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-109.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 2937488226d044db100a62cfa8137e3d4e2e3f347027b7a69743ad8beb4471e6 Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers x-amz-version-id rqQ3E7zUH.yuzjBPk46IU9rIPbw1J960 content-encoding gzip via 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront) date Tue, 24 Jan 2023 02:06:08 GMT x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 24209 last-modified Thu, 19 Jan 2023 18:13:19 GMT server AmazonS3 etag "a9b6ee38250c1aec2c25f01848e9ec48" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id 45_FDxvD872W-3bULLMn6Mdth87H6Q0fA9Z_vOF1l0qTDlZs90gx-w==
GET H2	200	webfont.js Show response ajax.googleapis.com/ajax/libs/webfont/1.6.26/	13 KB 6 KB	122ms 38ms	Script text/javascript	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Requested by Host: www.workstream.io URL: https://www.workstream.io/terms Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Mon, 23 Jan 2023 19:13:36 GMT content-encoding gzip x-content-type-options nosniff age 24751 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5437 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 23 Jan 2024 19:13:36 GMT
GET H2	200	628685ecc30edf290767ba9e_logo.svg uploads-ssl.webflow.com/6125e9b9dd9b460fa4265d27/	9 KB 4 KB	9ms 9ms	Image image/svg+xml	18.66.112.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://uploads-ssl.webflow.com/6125e9b9dd9b460fa4265d27/628685ecc30edf290767ba9e_logo.svg Requested by Host: www.workstream.io URL: https://www.workstream.io/terms Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-109.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 9de72ce9a965d1c436a87a177c62ba011060249b17608ec731dd241886724980 Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 13 Dec 2022 09:41:21 GMT x-amz-version-id gM4L4u6oBg5ppVJIFEVlAswbQdG_diYA content-encoding gzip via 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront) age 3601487 x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 19 May 2022 18:01:17 GMT server AmazonS3 etag W/"4d69f58c007cc43c9888f66ec7c1b798" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-id LsVXufYbB_Jm9lxFdMyiPsIcvZ4NMiIsaLN1NPSg7iutA3yhrJDbmQ==
GET H2	200	61263d38789c7049c0fc1b3b_bottom-arrow.svg uploads-ssl.webflow.com/6125e9b9dd9b460fa4265d27/	309 B 768 B	9ms 8ms	Image image/svg+xml	18.66.112.109 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://uploads-ssl.webflow.com/6125e9b9dd9b460fa4265d27/61263d38789c7049c0fc1b3b_bottom-arrow.svg Requested by Host: www.workstream.io URL: https://www.workstream.io/terms Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-109.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 65475f84446860e40d1c0fdef7d43436bce39b61da5111e016097cdeacc4ecd2 Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 13 Dec 2022 09:41:21 GMT x-amz-version-id sRIWeBc1Jleh8SAQOXxVTJD9hoVzm8rf via 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront) age 3601486 x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 309 last-modified Wed, 25 Aug 2021 12:53:15 GMT server AmazonS3 etag "0a985c8813106c808d873d1f4da73957" content-type image/svg+xml access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes x-amz-cf-id 7KWgo-ldwJytR5-Z7N0iI9YfSkXaKz12QQLYSyrVqxEM_M4miAhMgw==
GET H2	200	jquery-3.5.1.min.dc5e7f18c8.js Show response d3e54v103j8qbb.cloudfront.net/js/	87 KB 30 KB	63ms 19ms	Script application/javascript	52.222.137.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6125e9b9dd9b460fa4265d27 Requested by Host: www.workstream.io URL: https://www.workstream.io/terms Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.137.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-137-36.ams50.r.cloudfront.net Software AmazonS3 / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Referer https://www.workstream.io/ Origin https://www.workstream.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Mon, 23 Jan 2023 04:59:20 GMT content-encoding br via 1.1 559401aa49f4b835c1816ad004278e3e.cloudfront.net (CloudFront) age 76081 x-amz-cf-pop AMS50-C1 x-cache Hit from cloudfront last-modified Mon, 20 Jul 2020 17:53:02 GMT server AmazonS3 etag W/"dc5e7f18c8d36ac1d3d4753a87c98d0a" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=84600, must-revalidate vary Accept-Encoding x-amz-cf-id _MM_Gav-spAnKAvQy0a2MJrg9cRw4QaWLx_BC0KYP4ittPuhUrqWvw==
GET H2	200	webflow.803f2468c.js Show response uploads-ssl.webflow.com/6125e9b9dd9b460fa4265d27/js/	453 KB 80 KB	409ms 408ms	Script text/javascript	18.66.112.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uploads-ssl.webflow.com/6125e9b9dd9b460fa4265d27/js/webflow.803f2468c.js Requested by Host: www.workstream.io URL: https://www.workstream.io/terms Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-109.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 9504e81c1fd9b51355a0a9978eeab38a8f215c8299adebcf58c477a9b2549f6c Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers x-amz-version-id evlAkmg4UQJpyQ71.wbQbuK2a_Ej1InF content-encoding gzip via 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront) date Tue, 24 Jan 2023 02:06:08 GMT x-amz-cf-pop FRA56-P5 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront content-length 81770 last-modified Thu, 19 Jan 2023 18:13:19 GMT server AmazonS3 etag "2954acdb73acdeb3ae1bdf16352dea50" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=84600, must-revalidate accept-ranges bytes x-amz-cf-id vRPKQhEvZgiPMoW94YQWWstGmeBrNu4RPXGIpSyTQG6fQpZB7nw6hg==
GET H2	200	css fonts.googleapis.com/	8 KB 1 KB	123ms 45ms	Stylesheet text/css	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Nunito+Sans:300,regular,600,700,800 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 74e24dbab8d12848051d1ef8fe44a11fa7c4d3da08ae1952c23ad9f6b48957e0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 24 Jan 2023 02:06:07 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 24 Jan 2023 02:06:07 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 24 Jan 2023 02:06:07 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	116ms 36ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.workstream.io URL: https://www.workstream.io/terms Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 24 Jan 2023 00:07:30 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 7117 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Tue, 24 Jan 2023 02:07:30 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	97 KB 38 KB	194ms 77ms	Script application/javascript	2a00:1450:400d:803::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TV9LLQ2 Requested by Host: www.workstream.io URL: https://www.workstream.io/terms Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash cbd7fb5478bb8089010fce39fff939c75fc9cdfe111c9143bde58542394e71fa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 24 Jan 2023 02:06:07 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38897 x-xss-protection 0 last-modified Tue, 24 Jan 2023 00:05:38 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 24 Jan 2023 02:06:07 GMT
GET H2	200	analytics.min.js Show response cdn.segment.com/analytics.js/v1/9Kza15EGYJ4HyhwivDTDerDNym2ErsqP/	100 KB 27 KB	725ms 661ms	Script text/javascript	108.138.10.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics.js/v1/9Kza15EGYJ4HyhwivDTDerDNym2ErsqP/analytics.min.js Requested by Host: www.workstream.io URL: https://www.workstream.io/terms Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.10.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-10-175.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 2ce078db6708319cd3e9a8cf54aafb3d64bf6f432a5f4b5f76cdb23af389e38e Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 24 Jan 2023 02:06:09 GMT x-amz-version-id szmOUK8x90aBAMTv0ImHlwODSLx5k4a1 content-encoding br via 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P6 x-cache Miss from cloudfront x-amz-replication-status COMPLETED last-modified Wed, 14 Dec 2022 00:03:14 GMT server AmazonS3 etag W/"d4f6fc9ed6b283b8758ed5ab91cf8400" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=120 vary Accept-Encoding x-amz-cf-id eQgwyIEA9t4h1Mzshs0Wiq7h39QrXSEQRz6umh0TfSNbkvymk0ifPg==
GET DATA	200 OK	truncated /	2 KB 2 KB		Font application/x-font-ttf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845 Request headers Referer Origin https://www.workstream.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers Content-Type application/x-font-ttf;charset=utf-8
GET H2	200	pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2 fonts.gstatic.com/s/nunitosans/v12/	17 KB 17 KB	136ms 38ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,regular,600,700,800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.workstream.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Wed, 18 Jan 2023 19:45:48 GMT x-content-type-options nosniff age 454819 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17156 x-xss-protection 0 last-modified Mon, 09 May 2022 18:33:24 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 18 Jan 2024 19:45:48 GMT
GET H2	200	pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2 fonts.gstatic.com/s/nunitosans/v12/	17 KB 17 KB	144ms 49ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,regular,600,700,800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.workstream.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sat, 21 Jan 2023 12:09:47 GMT x-content-type-options nosniff age 222980 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17116 x-xss-protection 0 last-modified Mon, 09 May 2022 18:31:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 21 Jan 2024 12:09:47 GMT
GET H2	200	pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 fonts.gstatic.com/s/nunitosans/v12/	17 KB 17 KB	205ms 112ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,regular,600,700,800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.workstream.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 19 Jan 2023 21:49:05 GMT x-content-type-options nosniff age 361022 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16980 x-xss-protection 0 last-modified Mon, 09 May 2022 18:33:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 19 Jan 2024 21:49:05 GMT
GET H2	200	pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2 fonts.gstatic.com/s/nunitosans/v12/	17 KB 17 KB	174ms 83ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,regular,600,700,800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.workstream.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Thu, 19 Jan 2023 21:50:17 GMT x-content-type-options nosniff age 360950 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17324 x-xss-protection 0 last-modified Mon, 09 May 2022 18:31:14 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 19 Jan 2024 21:50:17 GMT
GET H2	200	pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2 fonts.gstatic.com/s/nunitosans/v12/	17 KB 17 KB	172ms 95ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,regular,600,700,800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 976177894b0cca88ff93ab02c6da363f2d55cce5d940139db955b251fcdd19a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.workstream.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Fri, 20 Jan 2023 22:24:19 GMT x-content-type-options nosniff age 272508 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16920 x-xss-protection 0 last-modified Mon, 09 May 2022 18:31:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 20 Jan 2024 22:24:19 GMT
GET H2	200	js Show response www.google-analytics.com/gtm/	111 KB 44 KB	52ms 50ms	Script application/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=OPT-M7DL7TP&cid=121604504.1674525968 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3c38c511cee9d332907df7a239aa8b06cdf3ffb06875a8a9009ebd0b184c4d0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 24 Jan 2023 02:06:07 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44503 x-xss-protection 0 last-modified Tue, 24 Jan 2023 00:05:38 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 24 Jan 2023 02:06:07 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	47ms 46ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=556794928&t=pageview&_s=1&dl=https%3A%2F%2Fwww.workstream.io%2Fterms&ul=en-us&de=UTF-8&dt=Terms%20%26%20Conditions%20-%20Workstream.IO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQAAAACAAI~&jid=2079400378&gjid=1654219891&cid=121604504.1674525968&tid=G-V9JC3V0SP1&_gid=1046424300.1674525968&_r=1&_slc=1&z=441713403 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.workstream.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 24 Jan 2023 02:06:07 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.workstream.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	224 KB 77 KB	78ms 78ms	Script application/javascript	2a00:1450:400d:803::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-V9JC3V0SP1&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV9LLQ2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash bd7be772056ca1f2095edb3a4a51d98f004f3a8a2f21735f9d6d9ac37c9b477c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 24 Jan 2023 02:06:07 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 79192 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 24 Jan 2023 02:06:07 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 349 B	48ms 17ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-V9JC3V0SP1&gtm=2oe1n0&_p=556794928&_gaz=1&cid=121604504.1674525968&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674525967&sct=1&seg=0&dl=https%3A%2F%2Fwww.workstream.io%2Fterms&dt=Terms%20%26%20Conditions%20-%20Workstream.IO&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-V9JC3V0SP1&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Tue, 24 Jan 2023 02:06:08 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.workstream.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 349 B	52ms 19ms	Ping text/plain	2a00:1450:4025:401::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-V9JC3V0SP1&cid=121604504.1674525968&gtm=2oe1n0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-V9JC3V0SP1&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Tue, 24 Jan 2023 02:06:08 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.workstream.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	135ms 51ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V9JC3V0SP1&cid=121604504.1674525968&gtm=2oe1n0&aip=1&z=188676355 Requested by Host: www.workstream.io URL: https://www.workstream.io/terms Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers pragma no-cache date Tue, 24 Jan 2023 02:06:08 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	settings Show response cdn.segment.com/v1/projects/9Kza15EGYJ4HyhwivDTDerDNym2ErsqP/	750 B 1 KB	618ms 602ms	XHR application/json	108.138.10.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/v1/projects/9Kza15EGYJ4HyhwivDTDerDNym2ErsqP/settings Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/9Kza15EGYJ4HyhwivDTDerDNym2ErsqP/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.10.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-10-175.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 128012e0a6e0d18ddd5cd811c246f3d89288b592630d020fdd2743a45565028f Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Tue, 24 Jan 2023 02:06:10 GMT x-amz-version-id 9Ca6xA36HCo6MGvkBey.oyXGmwHBwPO2 via 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P6 x-cache Miss from cloudfront x-amz-replication-status COMPLETED content-length 750 last-modified Wed, 30 Nov 2022 16:55:39 GMT server AmazonS3 etag "ad1ce405006fcec3c61429e045649968" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=10800 accept-ranges bytes x-amz-cf-id VsVxiKtbLTUHCD6gah1x2m0yqaXJm4ulF_h0dqoA-Ws39V9UGbuR2w==
GET H2	200	a05qdwvr Show response widget.intercom.io/widget/	18 KB 7 KB	146ms 25ms	Script application/javascript	52.222.139.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.intercom.io/widget/a05qdwvr Requested by Host: www.workstream.io URL: https://www.workstream.io/terms Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-125.ams50.r.cloudfront.net Software AmazonS3 / Resource Hash 8f892e884104fe06ad8c84992f2ceb8eade345f882f620bd205b4207f589ea5b Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers x-amz-version-id AncBdPz9IkZNNw6v6HN6NlqX3jOgcstx content-encoding gzip via 1.1 fd4c476aa3616f643565cbbf3a891a78.cloudfront.net (CloudFront) date Tue, 24 Jan 2023 01:52:45 GMT x-amz-cf-pop AMS50-C1 age 804 x-amz-server-side-encryption AES256 x-cache Error from cloudfront alt-svc h3=":443"; ma=86400 content-length 6170 last-modified Mon, 23 Jan 2023 14:51:26 GMT server AmazonS3 etag "1938c4ce90873ec0d3bded81aec019c4" vary Accept-Encoding, Origin content-type application/javascript; charset=UTF-8 cache-control max-age=900, s-maxage=900, public accept-ranges bytes x-amz-cf-id uMrkbYa9Ug8NRUyeniFFFcjLndbO_DV0P0mO3L412nuQyGmMFVzLxw==
GET H2	200	frame-modern.a9c2053f.js Show response js.intercomcdn.com/ Frame 4044	461 KB 126 KB	83ms 17ms	Script application/javascript	52.222.139.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/frame-modern.a9c2053f.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/a05qdwvr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.92 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-92.ams50.r.cloudfront.net Software AmazonS3 / Resource Hash ec7a868f46e95234304d8c6ecb005213b7dbadfd28c420e9a2d26e2bf5553a09 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers x-amz-version-id n.R.g63OTLGf5MwIrGDhBh183NBtgcya content-encoding gzip via 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront) date Tue, 24 Jan 2023 00:31:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop AMS50-C1 age 5664 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 128300 last-modified Mon, 23 Jan 2023 14:49:28 GMT server AmazonS3 etag "e9f0908931097d096d4aab69007095bd" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id A50I2p1oJ7l63QA2pMsXPxlqzoOJoNLYeQpIml1CpqXge5J_MHTAUQ==
GET H2	200	vendor-modern.28eae32f.js Show response js.intercomcdn.com/ Frame 4044	236 KB 73 KB	114ms 48ms	Script application/javascript	52.222.139.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/vendor-modern.28eae32f.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/a05qdwvr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.139.92 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-139-92.ams50.r.cloudfront.net Software AmazonS3 / Resource Hash be70a0f659dde3ccc1305ef090837689209a9159e959760bba2bdacaf68c1be0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers x-amz-version-id DuBOi9e0kf3PTgZrKpRRuLYCNaqkVR0L content-encoding gzip via 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront) date Tue, 24 Jan 2023 01:51:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop AMS50-C1 age 873 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 74408 last-modified Mon, 23 Jan 2023 14:04:42 GMT server AmazonS3 etag "7e99397cb24aaa6689d175a22a22b859" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id iJmyY9K-qi3yNp0BMdlJiRr4GIJ4mVbEWHXfi4X_gq6_mTSWWbC8Yg==
POST H2	200	ping Show response api-iam.intercom.io/messenger/web/ Frame 4044	7 KB 3 KB	673ms 443ms	XHR application/json	107.21.107.85 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api-iam.intercom.io/messenger/web/ping Requested by Host: js.intercomcdn.com URL: https://js.intercomcdn.com/frame-modern.a9c2053f.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 107.21.107.85 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-21-107-85.compute-1.amazonaws.com Software nginx / Resource Hash 46c992053660f02955e7127291419f8f0c634fa453572b26feedf0c565dcf1c9 Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 24 Jan 2023 02:06:09 GMT strict-transport-security max-age=31556952; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-ami-version ami-0705273452fc644ba status 200 OK x-xss-protection 1; mode=block x-request-id 006vrg16rrur3bhrreng x-runtime 0.315119 server nginx etag W/"46c992053660f02955e7127291419f8f" x-ratelimit-remaining 13332 vary Accept,Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://www.workstream.io x-intercom-version f3c9d148b5e6ca48d00eeb19acbc75d122bee935 cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-ratelimit-reset 1674525970 x-ratelimit-limit 13333 access-control-allow-methods POST, GET, OPTIONS access-control-allow-headers Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA x-frame-options SAMEORIGIN
GET H2	200	ajs-destination.bundle.1466bb14223e695495e6.js Show response cdn.segment.com/analytics-next/bundles/	9 KB 3 KB	7ms 7ms	Script application/javascript	108.138.10.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.1466bb14223e695495e6.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/9Kza15EGYJ4HyhwivDTDerDNym2ErsqP/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.10.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-10-175.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 1aab3c7efa1174866dc81b505ba5bc940bec1200e2b11758484cce9cf8f2cd43 Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Sat, 14 Jan 2023 01:14:01 GMT x-amz-version-id qzWjColfvYmJt9QK.ywFCHjAOx0hDXnf content-encoding br via 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P6 age 867128 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Wed, 11 Jan 2023 00:21:35 GMT server AmazonS3 etag W/"238b8357fd89fec8e05754f2e8550aa2" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable vary Accept-Encoding x-amz-cf-id t-BGcEyOEhyYXUa96BrOAErpekehWcr7KPaTvO46-dWmq0zW7PxB2Q==
GET H2	200	schemaFilter.bundle.debb169c1abb431faaa6.js Show response cdn.segment.com/analytics-next/bundles/	2 KB 1 KB	7ms 7ms	Script application/javascript	108.138.10.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/9Kza15EGYJ4HyhwivDTDerDNym2ErsqP/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.10.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-10-175.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42 Request headers accept-language de-DE,de;q=0.9 Referer https://www.workstream.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Mon, 16 Jan 2023 10:01:19 GMT x-amz-version-id U1.b7jA7DA5XfOYKki_5XMbemj_8ZWzM content-encoding br via 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P6 age 662691 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Wed, 07 Dec 2022 22:35:44 GMT server AmazonS3 etag W/"3e448afdfea355c0f19700d04431ce7d" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable vary Accept-Encoding x-amz-cf-id ltek7YdgJMpwOm7p7AAKM6UN5wo2pad-i1x5VLhA38nOlOOXz1KMJw==
POST H2	200	p Show response analytics-api.workstream.io/v1/	21 B 336 B	519ms 469ms	Fetch application/json	2606:4700:10::6816:39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://analytics-api.workstream.io/v1/p Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/9Kza15EGYJ4HyhwivDTDerDNym2ErsqP/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:39 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://www.workstream.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Content-Type text/plain Response headers date Tue, 24 Jan 2023 02:06:09 GMT strict-transport-security max-age=31536000 via 1.1 474733f16f494ddb794b4f7dfd7de966.cloudfront.net (CloudFront) cf-cache-status DYNAMIC server cloudflare x-amz-cf-pop FRA56-P3 vary Origin x-cache Miss from cloudfront content-type application/json access-control-allow-origin https://www.workstream.io cf-ray 78e5354b9d44bbd7-FRA content-length 21 x-amz-cf-id Bpokt-46nuWNWVSv9BTRB_uos-ctz9AElFvpueU3YLkeN-WMjWuDOA==

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| WebFont object| dataLayer string| GoogleAnalyticsObject function| ga object| analytics function| $ function| jQuery object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| tram object| Webflow object| intercomSettings function| Intercom object| google_tag_manager object| google_optimize function| onYouTubeIframeAPIReady object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext function| __intercomAssignLocation

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.workstream.io/	1970-01-20 09:10:12	Name: _gid Value: GA1.2.1046424300.1674525968
			.workstream.io/	1970-01-20 09:08:46	Name: _gat Value: 1
			.workstream.io/	1970-01-20 18:44:45	Name: _ga_V9JC3V0SP1 Value: GS1.1.1674525967.1.0.1674525967.60.0.0
			.workstream.io/	1970-01-20 18:44:45	Name: _ga Value: GA1.1.121604504.1674525968
			.workstream.io/	1970-01-20 17:54:21	Name: ajs_anonymous_id Value: f5d13519-42df-4f3d-a20f-2b72ee6af23f
			.workstream.io/	1970-01-20 15:37:35	Name: intercom-id-a05qdwvr Value: 1476246f-f141-42ae-ba5a-e6a19d8bc442
			.workstream.io/	1970-01-20 09:18:50	Name: intercom-session-a05qdwvr Value:
			.workstream.io/	1970-01-20 15:37:35	Name: intercom-device-id-a05qdwvr Value: 09564dbf-ab92-4503-a028-46dbe08d860c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics-api.workstream.io
api-iam.intercom.io
cdn.segment.com
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
region1.analytics.google.com
stats.g.doubleclick.net
uploads-ssl.webflow.com
widget.intercom.io
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.workstream.io
107.21.107.85
108.138.10.175
18.66.112.109
2001:4860:4802:34::36
2606:4700:10::6816:39
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:828::2003
2a00:1450:4001:831::2003
2a00:1450:400d:803::2008
2a00:1450:4025:401::9b
34.251.201.224
52.222.137.36
52.222.139.125
52.222.139.92
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
128012e0a6e0d18ddd5cd811c246f3d89288b592630d020fdd2743a45565028f
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1aab3c7efa1174866dc81b505ba5bc940bec1200e2b11758484cce9cf8f2cd43
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
2937488226d044db100a62cfa8137e3d4e2e3f347027b7a69743ad8beb4471e6
2ce078db6708319cd3e9a8cf54aafb3d64bf6f432a5f4b5f76cdb23af389e38e
46c992053660f02955e7127291419f8f0c634fa453572b26feedf0c565dcf1c9
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
65475f84446860e40d1c0fdef7d43436bce39b61da5111e016097cdeacc4ecd2
6fce8ebc3557b63496f8fafe1c182f2aa8669550f9398b4d9beebddd43306ed3
74e24dbab8d12848051d1ef8fe44a11fa7c4d3da08ae1952c23ad9f6b48957e0
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8f892e884104fe06ad8c84992f2ceb8eade345f882f620bd205b4207f589ea5b
9504e81c1fd9b51355a0a9978eeab38a8f215c8299adebcf58c477a9b2549f6c
976177894b0cca88ff93ab02c6da363f2d55cce5d940139db955b251fcdd19a6
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
9de72ce9a965d1c436a87a177c62ba011060249b17608ec731dd241886724980
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a39e523438280cfa718031cf888f369da5d73b7870139778ea35a06476f3f06c
bd7be772056ca1f2095edb3a4a51d98f004f3a8a2f21735f9d6d9ac37c9b477c
be70a0f659dde3ccc1305ef090837689209a9159e959760bba2bdacaf68c1be0
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
cbd7fb5478bb8089010fce39fff939c75fc9cdfe111c9143bde58542394e71fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c38c511cee9d332907df7a239aa8b06cdf3ffb06875a8a9009ebd0b184c4d0
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
ec7a868f46e95234304d8c6ecb005213b7dbadfd28c420e9a2d26e2bf5553a09
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d