urlscan.io logo urlscan.io
SecurityTrails logo

my.workflowmax.com Open in urlscan Pro
23.32.29.9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://app.my.workflowmax.com/client/clientview.aspx?id=20749341
Effective URL: https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fcl...
Submission: On April 10 via manual from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 23.32.29.9, located in Singapore, Singapore and belongs to AKAMAI-ASN1, NL. The main domain is my.workflowmax.com.
TLS certificate: Issued by R3 on April 6th 2024. Valid for: 3 months.
This is the only time my.workflowmax.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 96.17.180.43 20940 (AKAMAI-ASN1)
2 23.32.29.9 20940 (AKAMAI-ASN1)
7 23.207.181.102 16625 (AKAMAI-AS)
1 2602:816:5001... 54113 (FASTLY)
2 162.247.241.14 23467 (NEWRELIC-...)
12 5
2    96.17.180.43 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a96-17-180-43.deploy.static.akamaitechnologies.com
app.my.workflowmax.com
2    23.32.29.9 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-29-9.deploy.static.akamaitechnologies.com
my.workflowmax.com
7    23.207.181.102 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-181-102.deploy.static.akamaitechnologies.com
edge.xero.com
1    2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
7 xero.com
edge.xero.com — Cisco Umbrella Rank: 105291
581 KB
4 workflowmax.com
app.my.workflowmax.com
my.workflowmax.com
23 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 452
1 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 1395
34 KB
12 4
Domain Requested by
7 edge.xero.com my.workflowmax.com
2 bam.nr-data.net my.workflowmax.com
2 my.workflowmax.com
2 app.my.workflowmax.com 2 redirects
1 js-agent.newrelic.com my.workflowmax.com
12 5

This site contains links to these domains. Also see Links.

Domain
www.workflowmax.com
www.xero.com
Subject Issuer Validity Valid
www.hubdoc.com
R3		 2024-04-06 -
2024-07-05		 3 months crt.sh
*.xero.com
GeoTrust RSA CA 2018		 2023-07-17 -
2024-07-16		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-21 -
2025-04-22		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341
Frame ID: 57E449943D43BCB4DDECF1ACAB5D40F6
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://app.my.workflowmax.com/client/clientview.aspx?id=20749341 HTTP 302
    https://app.my.workflowmax.com/login.aspx?ReturnUrl=%2fclient%2fclientview.aspx%3fid%3d20749341&id=20749341 HTTP 302
    https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

12
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

637 kB
Transfer

2846 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.my.workflowmax.com/client/clientview.aspx?id=20749341 HTTP 302
    https://app.my.workflowmax.com/login.aspx?ReturnUrl=%2fclient%2fclientview.aspx%3fid%3d20749341&id=20749341 HTTP 302
    https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request CombinedLogin
my.workflowmax.com/Access/Logon/
Redirect Chain
  • https://app.my.workflowmax.com/client/clientview.aspx?id=20749341
  • https://app.my.workflowmax.com/login.aspx?ReturnUrl=%2fclient%2fclientview.aspx%3fid%3d20749341&id=20749341
  • https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341
61 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.29.9 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-29-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e133ae24c564143457c1295ec95c195bbb3f7046fbd9126aed1741e0466ae1d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
zh-SG,zh;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private
content-encoding
gzip
content-language
en-US
content-length
21194
content-type
text/html; charset=utf-8
date
Wed, 10 Apr 2024 05:01:04 GMT
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge,chrome=1

Redirect headers

cache-control
private
content-length
273
content-type
text/html; charset=utf-8
date
Wed, 10 Apr 2024 05:01:04 GMT
location
https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
xui.min.css
edge.xero.com/style/xui/14.1.2/ 		147 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://edge.xero.com/style/xui/14.1.2/xui.min.css
Requested by
Host: my.workflowmax.com
URL: https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.181.102 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-102.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
52179b4b535938c8b27c7bd3f54bfa471592172274bd00bf63e46792dfd025b5

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.workflowmax.com/
accept-language
zh-SG,zh;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
9IazAAOetPNNe22k8p87_Iqhc1VX4aoK
content-encoding
br
date
Wed, 10 Apr 2024 05:01:04 GMT
x-amz-request-id
VPGQMZG0CDSQXY6P
x-amz-replication-status
COMPLETED
content-length
16966
x-amz-id-2
foMZFh17wTms+KwFJ3fzqqAHYqvIYZCV++zAt5wN2nHFALs7PtA2mfyfqcvibNl57FtNpqyKkiXFWwly9hRDbtk4bqbZEXDpYN8Rq6BD3aU=
last-modified
Fri, 10 Nov 2023 05:15:48 GMT
server
Akamai Resource Optimizer
etag
"20ffea80fc30c9c8da34e3f199b18382"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=4768514
accept-ranges
bytes
practicemanager.css
edge.xero.com/practice/workflowmax/web/122.0.0/content/build/release/ 		45 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://edge.xero.com/practice/workflowmax/web/122.0.0/content/build/release/practicemanager.css
Requested by
Host: my.workflowmax.com
URL: https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.181.102 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-102.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
794be9e6f2748da97afbb89ef1861243b07e3fcb1f6ca965e477a85d53e4804f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.workflowmax.com/
accept-language
zh-SG,zh;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
chcv0vmXCdvmtXFBGhxciH4uLF3QYSpC
content-encoding
br
date
Wed, 10 Apr 2024 05:01:04 GMT
x-amz-request-id
06JMNZR9J2TNMZDD
x-amz-replication-status
COMPLETED
content-length
9823
x-amz-id-2
G59Gri+bkoKrz2CrlANEfqxAZUVhpA0qA4GAAesfmrmpzGbaA6YfsJCXsT56KDZuTkBp3fEbloc=
last-modified
Fri, 01 Mar 2024 23:44:13 GMT
server
Akamai Resource Optimizer
etag
"00421f156f2f10e0f06bc77cb198530f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=7549102
accept-ranges
bytes
wfm_xero_combined_logo.png
edge.xero.com/practice/workflowmax/web/122.0.0/images/xeroLogin/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://edge.xero.com/practice/workflowmax/web/122.0.0/images/xeroLogin/wfm_xero_combined_logo.png
Requested by
Host: my.workflowmax.com
URL: https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.181.102 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-102.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
65bcac48826304d67cd15bbaea3f3f1f95ffe86bb20021d8cbb753e5449109db

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.workflowmax.com/
accept-language
zh-SG,zh;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 05:01:04 GMT
last-modified
Tue, 12 Sep 2023 22:18:22 GMT
server
Akamai Image Manager
etag
"5c767eabf77766b413e36f3cba3f7dcd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/avif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=54443
content-length
25073
expires
Wed, 10 Apr 2024 20:08:27 GMT
iconLoader.js
edge.xero.com/style/xui-icon/6.1.2/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.xero.com/style/xui-icon/6.1.2/iconLoader.js
Requested by
Host: my.workflowmax.com
URL: https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.181.102 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-102.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
4465cad6c8800ffc80ce29ab67ab349fdd2c9165dbe3f9b62f9e3ea12b671ad6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.workflowmax.com/
accept-language
zh-SG,zh;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
wqLNEUepONmZv9RNuGbyDg6fuqKXavJL
content-encoding
br
date
Wed, 10 Apr 2024 05:01:04 GMT
x-amz-request-id
KHZCP3SPJS829NJ1
x-amz-replication-status
COMPLETED
content-length
9331
x-amz-id-2
IdCTgq7Q1IiSRbChk+ZjXI32nPrgY3OsNT9KK+PXd/N8Gw5JbhgGDlXSp08KEcKlS9evvyoW2qQ=
last-modified
Mon, 26 Feb 2024 07:00:13 GMT
server
Akamai Resource Optimizer
etag
"6bf0ab44c081a049fb642485880e1d72"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7193479
accept-ranges
bytes
libs.js
edge.xero.com/practice/workflowmax/xerolegacy/1.0.2///content/2.16/ 		2 MB
504 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.xero.com/practice/workflowmax/xerolegacy/1.0.2///content/2.16/libs.js
Requested by
Host: my.workflowmax.com
URL: https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.181.102 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-102.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
232b598b638313121007a5b5e8aa02f5f71f95001df3261294c549641c15a284

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.workflowmax.com/
accept-language
zh-SG,zh;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
U.tqT1aCCW9WZBqwbX.KIT98gZvN8wth
content-encoding
br
date
Wed, 10 Apr 2024 05:01:04 GMT
x-amz-request-id
4DGB1WFMZJ15MSM9
x-amz-replication-status
COMPLETED
content-length
515275
x-amz-id-2
W4PPUSMaV6t133+0YAUKLE32Dvlb68PoX4kMysDn5NBhltO2WVwH18n7vO+GHsHoM3yb7tc5ogE=
last-modified
Mon, 25 Mar 2024 13:23:32 GMT
server
Akamai Resource Optimizer
etag
"7d81d8660fbf0439ac27ac3e49c953af"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=6423670
accept-ranges
bytes
login-combined.js
edge.xero.com/practice/workflowmax/web/122.0.0/content/build/release/areas/access/logon/ 		1000 B
823 B 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.xero.com/practice/workflowmax/web/122.0.0/content/build/release/areas/access/logon/login-combined.js
Requested by
Host: my.workflowmax.com
URL: https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.181.102 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-102.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
2c060cc1e4c3a1942443c6477962ec94a4f86baa87313169d320244558860e8b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.workflowmax.com/
accept-language
zh-SG,zh;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Hp2wFCDC_gOU58EAUboDEMI9Ng8nQud9
content-encoding
br
date
Wed, 10 Apr 2024 05:01:04 GMT
x-amz-request-id
4C81S6K3M78QJPYG
x-amz-replication-status
COMPLETED
content-length
431
x-amz-id-2
XySL8kFcG4AiFfxsIJP9o57coOA+cwHU5nYxDTZRbiLVwItg1pmmW7V8xDqf1dBrZ9oTuBu0kAQ=
last-modified
Thu, 14 Mar 2024 14:12:05 GMT
server
Akamai Resource Optimizer
etag
"4de6140ec9ba5531c69a07e39350fd95"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7775423
accept-ranges
bytes
xuiIconBlobES5.js
edge.xero.com/style/xui-icon/5.1.4/ 		63 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.xero.com/style/xui-icon/5.1.4/xuiIconBlobES5.js
Requested by
Host: my.workflowmax.com
URL: https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.207.181.102 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-207-181-102.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
d8d558bed87860dcec1b4d20fe0c43592eda01b046282e3d4480ed35cce5a81a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.workflowmax.com/
accept-language
zh-SG,zh;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
511PxaRjobnKSxj.cy3m8y0D2vU40bRT
content-encoding
br
date
Wed, 10 Apr 2024 05:01:04 GMT
x-amz-request-id
P4PJ02G528FWDFCK
x-amz-replication-status
COMPLETED
content-length
14841
x-amz-id-2
MglgEWTvbDrx0a640MrcIcLna646x+2xwMN7Qj469R7ucT9XSyAks8WNc+R7XGR/np3t1RycsIE=
last-modified
Mon, 19 Feb 2024 06:06:49 GMT
server
Akamai Resource Optimizer
etag
"ff84242c781e702d52bfc6652b36851e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=6065553
accept-ranges
bytes
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
nr-spa-1.255.0.min.js
js-agent.newrelic.com/ 		105 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1.255.0.min.js
Requested by
Host: my.workflowmax.com
URL: https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2602:816:5001::39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3371d44cedfc56d6657c61e4c1755e67ed86180e2bdf6520ce46d4982f861bed
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.workflowmax.com/
Origin
https://my.workflowmax.com
accept-language
zh-SG,zh;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
yqkk7PJEGHCp4rAXUgm.T_nc9B7P7cGt
content-encoding
br
via
1.1 varnish
date
Wed, 10 Apr 2024 05:01:04 GMT
strict-transport-security
max-age=300
x-amz-request-id
NZPF8W35N1CT5WP2
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
34032
x-amz-id-2
8JZlenHoQ7km2VCNTMRMsW7VAWECXZHFn4/+VeXRGguQtZJJnUIeElrtCiXoEa9XvOXqaf/4H2t5uiBmIX8nczmOl1jrNn5VGIdVm73pgb8=
x-served-by
cache-qpg1266-QPG
last-modified
Thu, 04 Apr 2024 14:39:28 GMT
server
AmazonS3
etag
"977499a276e5253842c0081629dc665d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
28790
favicon.ico
my.workflowmax.com/ 		1 KB
578 B 		Other
General
Check archive.org
Download Go to
Full URL
https://my.workflowmax.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.29.9 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-32-29-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
42e86c35e7f5ea1002e3852ad72b9be2f78e60b7dc86a3b08ab2cb9cbe23d85d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341
accept-language
zh-SG,zh;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 10 Apr 2024 05:01:04 GMT
last-modified
Tue, 09 Apr 2024 09:37:06 GMT
etag
"04d237c618ada1:0"
vary
Accept-Encoding
content-type
image/x-icon
x-envoy-upstream-service-time
7
accept-ranges
bytes
content-length
378
x-ua-compatible
IE=Edge,chrome=1
1c2672e9ec
bam.nr-data.net/1/ 		150 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/1c2672e9ec?a=287187123&v=1.255.0&to=MV1UMhFZDRBRUUxfDQgXezAgFy8MV11WdQ0ITEQJD1QGER9xV1sAD1ZTAi9XBApe&rst=1442&ck=0&s=e6dd365e4a7bbccb&ref=https://my.workflowmax.com/Access/Logon/CombinedLogin&hr=0&af=err,xhr,stn,ins,spa&ap=10&be=1015&fe=389&dc=386&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1712725263440,%22n%22:0,%22f%22:602,%22dn%22:634,%22dne%22:634,%22c%22:634,%22s%22:636,%22ce%22:674,%22rq%22:674,%22rp%22:1016,%22rpe%22:1019,%22di%22:1377,%22ds%22:1377,%22de%22:1401,%22dc%22:1402,%22l%22:1402,%22le%22:1404%7D,%22navigation%22:%7B%7D%7D&fp=1169&fcp=1169
Requested by
Host: my.workflowmax.com
URL: https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9fa81781021980cf3bfebc7bbd6e7013e648cd6914bd82b9e97d7e9e723c01d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://my.workflowmax.com/
accept-language
zh-SG,zh;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 10 Apr 2024 05:01:05 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://my.workflowmax.com
access-control-expose-headers
Date
Vary
Accept-Encoding
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
87202d4a1f1e4cd1-SIN
timing-allow-origin
https://my.workflowmax.com
1c2672e9ec
bam.nr-data.net/events/1/ 		24 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/1c2672e9ec?a=287187123&v=1.255.0&to=MV1UMhFZDRBRUUxfDQgXezAgFy8MV11WdQ0ITEQJD1QGER9xV1sAD1ZTAi9XBApe&rst=1827&ck=0&s=e6dd365e4a7bbccb&ref=https://my.workflowmax.com/Access/Logon/CombinedLogin&hr=0
Requested by
Host: my.workflowmax.com
URL: https://my.workflowmax.com/Access/Logon/CombinedLogin?returnUrl=%2fAccess%2fLogon%2fReturnToApp%3fpath%3d%252fclient%252fclientview.aspx%253fid%253d20749341
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://my.workflowmax.com/
accept-language
zh-SG,zh;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 10 Apr 2024 05:01:05 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://my.workflowmax.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
87202d4bf8784cd1-SIN
Content-Length
24

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| webpackChunk:NRBA-1.255.0.PROD object| newrelic object| Ext object| wysihtml5ParserRules object| wysihtml5 function| Base string| id undefined| returnExports function| BigDecimal function| MathContext object| rangy function| setImmediate function| clearImmediate function| define function| expose object| moxie object| mOxie object| o object| plupload object| d3 object| XERO object| headerLoader

3 Cookies

Domain/Path Name / Value
.my.workflowmax.com/ Name: ak_bmsc
Value: 720FC7FB15DAA8A5FA31CA76288B37BC~000000000000000000000000000000~YAAQFbQRYNipUMSOAQAAuoVhxhc0lbV2HLjKPhExCu3f+IgG5ZqPv3QM70av3ulRqIKuavNb25A2A/7VTYwW1NmgP50y5uTSh2tdMx2NLopLQa0HynftEwJs96fny18gZWoHP4oGIfSQDn4xvYoZWr4Z2LEskv3rznyQqaICpFXiUumgSrc94mgFmLYoSuK1fYxP44Jp1n1n6hGjsDn5tm4bZxMKEFWhSO0ckeuNv4S3ccqyRTXtN7mIRabZowG/ofxCBHZ02MoG60lmZiko0zx2hT8YobFpwyGqrBXg90FfeNiJvWZGyqKYmnQocbah6whlkbvhMarcjo/2rgPt5tD9NPOBCMXDg66YqV6qxTKxx7E3zuzbB5FKoqqSAOzekfEyVIHg1amvsGgNka9a8ymGoQ==
my.workflowmax.com/ Name: __RequestVerificationToken
Value: tjhvt-M5u2tCL2QqXg1gPYfrpmT9j4eYYTDlwln47TR5u1-KcS5R5sDWu0StfSv_oxY3dGudXw5gCKR40jCVFVHk1HA1
.my.workflowmax.com/ Name: bm_sv
Value: 8DA80C5CCAA457DF1CB952C4DEDC716B~YAAQBR0gF7FNK6uOAQAARYhhxhdzQSrzAimGs5xEND2lJanC3WTpIWzYGAAsvJmWiFdxPPIMfpqoBDxfpxka668UzwLWZalsJqW/3ykHPS/cdhVtAZk9TZ9FgVWtBF8V6W4hs2vd4Dk/DoIqWUwgqq2hY0joki6ElX/2/FxVp2N0nhJMHiQoutTG00bAqgozH0DsFmUWYzfqoeLg4BoG8dmuIgPmZ9vai1p3RR/ksY1M6zSIhHsoH5ZHydZdJI8qB3fi3KbRfQQ=~1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN