![](/screenshots/d0539ccc-4a9c-4055-8015-8f4057317f2e.png)
my.workflowmax.com
Open in
urlscan Pro
23.32.29.9
Public Scan
Effective URL: https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fcl...
Submission: On April 10 via manual from SG — Scanned from SG
Summary
TLS certificate: Issued by R3 on April 6th 2024. Valid for: 3 months.
This is the only time my.workflowmax.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 96.17.180.43 96.17.180.43 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 23.32.29.9 23.32.29.9 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
7 | 23.207.181.102 23.207.181.102 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 2602:816:5001... 2602:816:5001::39 | 54113 (FASTLY) (FASTLY) | |
2 | 162.247.241.14 162.247.241.14 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1) | |
12 | 5 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a96-17-180-43.deploy.static.akamaitechnologies.com
app.my.workflowmax.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-29-9.deploy.static.akamaitechnologies.com
my.workflowmax.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-207-181-102.deploy.static.akamaitechnologies.com
edge.xero.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
xero.com
edge.xero.com — Cisco Umbrella Rank: 105291 |
581 KB |
4 |
workflowmax.com
2 redirects
app.my.workflowmax.com my.workflowmax.com |
23 KB |
2 |
nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 452 |
1 KB |
1 |
newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 1395 |
34 KB |
12 | 4 |
Domain | Requested by | |
---|---|---|
7 | edge.xero.com |
my.workflowmax.com
|
2 | bam.nr-data.net |
my.workflowmax.com
|
2 | my.workflowmax.com | |
2 | app.my.workflowmax.com | 2 redirects |
1 | js-agent.newrelic.com |
my.workflowmax.com
|
12 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.workflowmax.com |
www.xero.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.hubdoc.com R3 |
2024-04-06 - 2024-07-05 |
3 months | crt.sh |
*.xero.com GeoTrust RSA CA 2018 |
2023-07-17 - 2024-07-16 |
a year | crt.sh |
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1 |
2024-03-21 - 2025-04-22 |
a year | crt.sh |
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-29 - 2024-10-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341
Frame ID: 57E449943D43BCB4DDECF1ACAB5D40F6
Requests: 13 HTTP requests in this frame
Screenshot
![](/screenshots/d0539ccc-4a9c-4055-8015-8f4057317f2e.png)
Page URL History Show full URLs
-
https://app.my.workflowmax.com/client/clientview.aspx?id=20749341
HTTP 302
https://app.my.workflowmax.com/login.aspx?ReturnUrl=%2fclient%2fclientview.aspx%3fid%3d20749341&id=20749341 HTTP 302
https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%... Page URL
Detected technologies
Detected patterns
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Find out more
Search URL Search Domain Scan URL
Title: Terms of use
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Xero partner products
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://app.my.workflowmax.com/client/clientview.aspx?id=20749341
HTTP 302
https://app.my.workflowmax.com/login.aspx?ReturnUrl=%2fclient%2fclientview.aspx%3fid%3d20749341&id=20749341 HTTP 302
https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
CombinedLogin
my.workflowmax.com/Access/Logon/ Redirect Chain
|
61 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xui.min.css
edge.xero.com/style/xui/14.1.2/ |
147 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
practicemanager.css
edge.xero.com/practice/workflowmax/web/122.0.0/content/build/release/ |
45 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wfm_xero_combined_logo.png
edge.xero.com/practice/workflowmax/web/122.0.0/images/xeroLogin/ |
24 KB 25 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iconLoader.js
edge.xero.com/style/xui-icon/6.1.2/ |
28 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
libs.js
edge.xero.com/practice/workflowmax/xerolegacy/1.0.2///content/2.16/ |
2 MB 504 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login-combined.js
edge.xero.com/practice/workflowmax/web/122.0.0/content/build/release/areas/access/logon/ |
1000 B 823 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xuiIconBlobES5.js
edge.xero.com/style/xui-icon/5.1.4/ |
63 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
43 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-spa-1.255.0.min.js
js-agent.newrelic.com/ |
105 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
my.workflowmax.com/ |
1 KB 578 B |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
1c2672e9ec
bam.nr-data.net/1/ |
150 B 715 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
1c2672e9ec
bam.nr-data.net/events/1/ |
24 B 406 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| NREUM object| webpackChunk:NRBA-1.255.0.PROD object| newrelic object| Ext object| wysihtml5ParserRules object| wysihtml5 function| Base string| id undefined| returnExports function| BigDecimal function| MathContext object| rangy function| setImmediate function| clearImmediate function| define function| expose object| moxie object| mOxie object| o object| plupload object| d3 object| XERO object| headerLoader3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.my.workflowmax.com/ | Name: ak_bmsc Value: 720FC7FB15DAA8A5FA31CA76288B37BC~000000000000000000000000000000~YAAQFbQRYNipUMSOAQAAuoVhxhc0lbV2HLjKPhExCu3f+IgG5ZqPv3QM70av3ulRqIKuavNb25A2A/7VTYwW1NmgP50y5uTSh2tdMx2NLopLQa0HynftEwJs96fny18gZWoHP4oGIfSQDn4xvYoZWr4Z2LEskv3rznyQqaICpFXiUumgSrc94mgFmLYoSuK1fYxP44Jp1n1n6hGjsDn5tm4bZxMKEFWhSO0ckeuNv4S3ccqyRTXtN7mIRabZowG/ofxCBHZ02MoG60lmZiko0zx2hT8YobFpwyGqrBXg90FfeNiJvWZGyqKYmnQocbah6whlkbvhMarcjo/2rgPt5tD9NPOBCMXDg66YqV6qxTKxx7E3zuzbB5FKoqqSAOzekfEyVIHg1amvsGgNka9a8ymGoQ== |
|
my.workflowmax.com/ | Name: __RequestVerificationToken Value: tjhvt-M5u2tCL2QqXg1gPYfrpmT9j4eYYTDlwln47TR5u1-KcS5R5sDWu0StfSv_oxY3dGudXw5gCKR40jCVFVHk1HA1 |
|
.my.workflowmax.com/ | Name: bm_sv Value: 8DA80C5CCAA457DF1CB952C4DEDC716B~YAAQBR0gF7FNK6uOAQAARYhhxhdzQSrzAimGs5xEND2lJanC3WTpIWzYGAAsvJmWiFdxPPIMfpqoBDxfpxka668UzwLWZalsJqW/3ykHPS/cdhVtAZk9TZ9FgVWtBF8V6W4hs2vd4Dk/DoIqWUwgqq2hY0joki6ElX/2/FxVp2N0nhJMHiQoutTG00bAqgozH0DsFmUWYzfqoeLg4BoG8dmuIgPmZ9vai1p3RR/ksY1M6zSIhHsoH5ZHydZdJI8qB3fi3KbRfQQ=~1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.my.workflowmax.com
bam.nr-data.net
edge.xero.com
js-agent.newrelic.com
my.workflowmax.com
162.247.241.14
23.207.181.102
23.32.29.9
2602:816:5001::39
96.17.180.43
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
232b598b638313121007a5b5e8aa02f5f71f95001df3261294c549641c15a284
2c060cc1e4c3a1942443c6477962ec94a4f86baa87313169d320244558860e8b
3371d44cedfc56d6657c61e4c1755e67ed86180e2bdf6520ce46d4982f861bed
42e86c35e7f5ea1002e3852ad72b9be2f78e60b7dc86a3b08ab2cb9cbe23d85d
4465cad6c8800ffc80ce29ab67ab349fdd2c9165dbe3f9b62f9e3ea12b671ad6
52179b4b535938c8b27c7bd3f54bfa471592172274bd00bf63e46792dfd025b5
65bcac48826304d67cd15bbaea3f3f1f95ffe86bb20021d8cbb753e5449109db
794be9e6f2748da97afbb89ef1861243b07e3fcb1f6ca965e477a85d53e4804f
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
d8d558bed87860dcec1b4d20fe0c43592eda01b046282e3d4480ed35cce5a81a
e133ae24c564143457c1295ec95c195bbb3f7046fbd9126aed1741e0466ae1d5
e9fa81781021980cf3bfebc7bbd6e7013e648cd6914bd82b9e97d7e9e723c01d