workflowy.com
Open in
urlscan Pro
52.202.30.188
Public Scan
Submission Tags: falconsandbox
Submission: On July 21 via api from US
Summary
TLS certificate: Issued by Amazon on October 25th 2020. Valid for: a year.
This is the only time workflowy.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 52.202.30.188 52.202.30.188 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a00:1450:400... 2a00:1450:4001:80f::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 13.225.74.65 13.225.74.65 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:828::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c04::9a | 15169 (GOOGLE) (GOOGLE) | |
3 | 35.188.42.15 35.188.42.15 | 15169 (GOOGLE) (GOOGLE) | |
1 | 34.198.168.88 34.198.168.88 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 100.25.68.79 100.25.68.79 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 151.101.13.27 151.101.13.27 | 54113 (FASTLY) (FASTLY) | |
2 | 162.247.243.146 162.247.243.146 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1) | |
18 | 10 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-30-188.compute-1.amazonaws.com
workflowy.com |
ASN15169 (GOOGLE, US)
ssl.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-65.fra2.r.cloudfront.net
cdn.heapanalytics.com |
ASN15169 (GOOGLE, US)
ssl.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com
sentry.io |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-168-88.compute-1.amazonaws.com
t.castle.io |
ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-68-79.compute-1.amazonaws.com
heapanalytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
workflowy.com
workflowy.com |
3 MB |
3 |
sentry.io
sentry.io |
1 KB |
2 |
nr-data.net
bam-cell.nr-data.net |
1 KB |
2 |
heapanalytics.com
cdn.heapanalytics.com heapanalytics.com |
40 KB |
2 |
google-analytics.com
1 redirects
ssl.google-analytics.com |
17 KB |
1 |
newrelic.com
js-agent.newrelic.com |
12 KB |
1 |
castle.io
t.castle.io |
103 B |
1 |
doubleclick.net
stats.g.doubleclick.net |
100 B |
18 | 8 |
Domain | Requested by | |
---|---|---|
6 | workflowy.com |
workflowy.com
|
3 | sentry.io |
workflowy.com
|
2 | bam-cell.nr-data.net |
js-agent.newrelic.com
workflowy.com |
2 | ssl.google-analytics.com |
1 redirects
workflowy.com
|
1 | js-agent.newrelic.com |
workflowy.com
|
1 | heapanalytics.com |
workflowy.com
|
1 | t.castle.io |
workflowy.com
|
1 | stats.g.doubleclick.net |
workflowy.com
|
1 | cdn.heapanalytics.com |
workflowy.com
|
18 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.workflowy.com Amazon |
2020-10-25 - 2021-11-24 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-06-28 - 2021-09-20 |
3 months | crt.sh |
cdn.heapanalytics.com Amazon |
2020-09-24 - 2021-10-26 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-07-05 - 2021-09-27 |
3 months | crt.sh |
sentry.io DigiCert SHA2 Secure Server CA |
2020-06-02 - 2022-06-07 |
2 years | crt.sh |
castle.io Amazon |
2020-12-12 - 2022-01-10 |
a year | crt.sh |
heapanalytics.com Amazon |
2020-12-24 - 2022-01-22 |
a year | crt.sh |
*.newrelic.com GlobalSign Atlas R3 DV TLS CA 2020 |
2021-05-05 - 2022-06-06 |
a year | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://workflowy.com/s/initial-doc/vDn5IqiFTwLx2aT7
Frame ID: 4CA7CC2AEFAA93563543C6C56129BC7D
Requests: 18 HTTP requests in this frame
Screenshot
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Heap (Analytics) Expand
Detected patterns
- script /heap-\d+\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5- https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=929494238&utmhn=workflowy.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Initial%20Doc%20-%20WorkFlowy&utmhid=520565528&utmr=-&utmp=%2Fapp%2F&utmht=1626893039390&utmac=UA-11472180-1&utmcc=__utma%3D218586911.537944338.1626893039.1626893039.1626893039.1%3B%2B__utmz%3D218586911.1626893039.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1193310965&utmredir=1&utmu=qACAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-11472180-1&cid=537944338.1626893039&jid=1193310965&_v=5.7.2&z=929494238
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
vDn5IqiFTwLx2aT7
workflowy.com/s/initial-doc/ |
16 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reset.css
workflowy.com/media/css/ |
928 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
document_view.min.js
workflowy.com/media/js/ |
3 MB 3 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print.css
workflowy.com/media/css/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga.js
ssl.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
heap-3862285499.js
cdn.heapanalytics.com/js/ |
102 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
stats.g.doubleclick.net/r/ Redirect Chain
|
35 B 100 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
sentry.io/api/194027/envelope/ |
2 B 403 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get_initialization_data
workflowy.com/ |
2 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
t.castle.io/v1/ |
27 B 103 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
h
heapanalytics.com/ |
37 B 259 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
workflowy.com/get_user_data/ |
2 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
71a5aa67-1338-4e9a-a7bd-4e87322567d3
https://workflowy.com/ |
26 KB 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1210.min.js
js-agent.newrelic.com/ |
31 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
sentry.io/api/194027/envelope/ |
2 B 403 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
sentry.io/api/194027/store/ |
41 B 443 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eaeea54ab7
bam-cell.nr-data.net/1/ |
49 B 891 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
eaeea54ab7
bam-cell.nr-data.net/events/1/ |
24 B 501 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
77 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require object| PROJECT_TREE_DATA_URL_PARAMS number| CLIENT_VERSION string| MEDIA_URL string| URL_PRE_PATH_FOR_PACKAGED_APPS boolean| APPCACHE_ENABLED boolean| FULL_OFFLINE_ENABLED string| APPCACHE_ID string| SOURCE_VERSION undefined| GUIDE_ID boolean| IS_GUIDE_MODE string| STRIPE_PUBLIC_KEY boolean| LOG_DEBUG_MESSAGES boolean| DEMO_MODE boolean| EMBED object| FIRST_LOAD_FLAGS boolean| READ_ONLY_MAIN_TREE object| PAYMENT_PLANS object| _gaq object| heap object| _gat object| gaGlobal object| webpackChunkworkflowy_js function| hex_md5 function| Stripe object| __SENTRY__ object| PluginDetect function| _castle object| Capacitor function| dumpData object| FontAwesomeConfig object| ___FONT_AWESOME___ object| apphooks function| saveAs function| _ object| fastdom function| Feature function| focusFirstChildOfSelected object| WF function| $ function| createNewProject function| toggleCompletedVisibility function| keyboardZoomOut function| keyboardZoomIn function| selectProjectReferenceInstantly function| focusLastProject function| filterReadOnlyProjects function| addItemToTopOfSelected function| applyLocalMoveForProjectReferences function| blurFocusedContent function| childrenAreInReadOnlyTree function| getActivePage function| getMainProjectTree function| getCurrentlyFocusedContent function| selectOnActivePage function| showSharePopup function| getProjectReferenceFromDomProject function| getRootDescendantTagCounts function| getValidSavedLocations function| htmlEscapeText function| htmlEscapeTextForContent object| location_history object| undo_redo object| localstorage_helper1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.workflowy.com/ | Name: __cid Value: 1a30e53b-1f1f-4f80-8f7d-00a39695d9e8-17a51502610f67da976567da976567da976567 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bam-cell.nr-data.net
cdn.heapanalytics.com
heapanalytics.com
js-agent.newrelic.com
sentry.io
ssl.google-analytics.com
stats.g.doubleclick.net
t.castle.io
workflowy.com
100.25.68.79
13.225.74.65
151.101.13.27
162.247.243.146
2a00:1450:4001:80f::2008
2a00:1450:4001:828::2008
2a00:1450:400c:c04::9a
34.198.168.88
35.188.42.15
52.202.30.188
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
20b1c4b5d2be0eed0abb524023534e08d98d34d82c01d60ceb40d9b387eb8ac5
319983a4367bd8a2e1f085aada03f8fa44b9d494209b722f0d6fb6ae93c33e86
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
858ebbb77d7504548fed0fb9088d90b774945e88b0464d42a44c4829a84b972d
8eeacb0b34425c164478fde93e3ce52a6ff30b5043fe9d48612e7866579bd1d6
95fda2f772fd73e61037c6e9c7a79e4934c75677317ee061e197aaf5147692b3
9d501e87fd8876c75e6f8d3d7fb285006e2dcf1d13096ef1b58227073ddd1341
aa04cb3d53adfd2b01d1dc846f0f4ed7fe1090418b490979702be2339e056d2c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c8584c40885336799c5cb87d434f23692ff98bf21b7bdddc5308b2b808a1aa91
d54da90c22546d76d6252928a92447687b789065844199c42784130bb208023e
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
f58651f18a180b05b2149933bb9584ce69c19f7834b80b76e6b08c3b0cefb149