Submitted URL: https://nwm-daylight.luminoso.com/
Effective URL: https://login.microsoftonline.com/aa827ac4-4665-4dbb-98fa-fa4931a84709/saml2?SAMLRequest=lZJLb%2BIwFIX3%2FIooe%2BdhDCQWINEyDyQGUKG...
Submission: On August 29 via api from US — Scanned from CA

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 61 HTTP transactions. The main IP is 20.190.151.132, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 15.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on May 8th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 32 18.173.132.62 16509 (AMAZON-02)
2 142.250.80.104 15169 (GOOGLE)
2 18.164.116.57 16509 (AMAZON-02)
2 104.26.13.177 13335 (CLOUDFLAR...)
2 3.214.163.50 14618 (AMAZON-AES)
2 20.190.151.132 8075 (MICROSOFT...)
11 13.107.246.40 8075 (MICROSOFT...)
1 40.126.24.146 8075 (MICROSOFT...)
2 152.195.19.97 15133 (EDGECAST)
1 20.190.152.20 8075 (MICROSOFT...)
61 11
Apex Domain | Subdomains | Transfer
32 luminoso.com | nwm-daylight.luminoso.com | 1 MB
11 msauth.net | aadcdn.msauth.net — Cisco Umbrella Rank: 2218 | 398 KB
4 heapanalytics.com | cdn.heapanalytics.com — Cisco Umbrella Rank: 5185; heapanalytics.com — Cisco Umbrella Rank: 4304 Failed | 38 KB
2 msauthimages.net | aadcdn.msauthimages.net — Cisco Umbrella Rank: 6532 | 49 KB
2 microsoftonline.com | login.microsoftonline.com — Cisco Umbrella Rank: 15 | 18 KB
2 userflow.com | js.userflow.com — Cisco Umbrella Rank: 82218 | 22 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 112 | 88 KB
1 microsoftazuread-sso.com | autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1014 | 1 KB
1 live.com | login.live.com — Cisco Umbrella Rank: 37 |
61 9
Domain Requested by
32 nwm-daylight.luminoso.com 1 redirects nwm-daylight.luminoso.com
11 aadcdn.msauth.net login.microsoftonline.com
aadcdn.msauth.net
2 aadcdn.msauthimages.net
2 login.microsoftonline.com nwm-daylight.luminoso.com
aadcdn.msauth.net
2 heapanalytics.com nwm-daylight.luminoso.com
2 js.userflow.com nwm-daylight.luminoso.com
2 cdn.heapanalytics.com nwm-daylight.luminoso.com
2 www.googletagmanager.com nwm-daylight.luminoso.com
1 autologon.microsoftazuread-sso.com
1 login.live.com login.microsoftonline.com
61 10

This site contains links to these domains.

Domain
www.microsoft.com
privacy.microsoft.com
Subject | Issuer | Validity | Valid
nwm-daylight.luminoso.com | Amazon RSA 2048 M03 | 2024-08-28 - 2025-09-26 | a year
*.google-analytics.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
cdn.heapanalytics.com | Amazon RSA 2048 M02 | 2024-05-29 - 2025-06-26 | a year
userflow.com | WE1 | 2024-07-06 - 2024-10-04 | 3 months
heapanalytics.com | Amazon RSA 2048 M02 | 2023-11-09 - 2024-12-08 | a year
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2024-05-08 - 2025-05-08 | a year
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2024-07-30 - 2025-07-30 | a year
login.live.com | DigiCert SHA2 Secure Server CA | 2024-08-19 - 2025-08-19 | a year
aadcdn.msauthimages.net | Microsoft Azure RSA TLS Issuing CA 03 | 2024-06-04 - 2025-05-30 | a year
autologon.microsoftazuread-sso.com | DigiCert SHA2 Secure Server CA | 2024-05-09 - 2025-05-09 | a year

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/aa827ac4-4665-4dbb-98fa-fa4931a84709/saml2?SAMLRequest=lZJLb%2BIwFIX3%2FIooe%2BdhDCQWINEyDyQGUKGzmE11YztgyY%2BM7Uyn%2F36SMDNtF63ULE%2Fu%2BXTOkecetGroqg0Xcyd%2BtsKHURT91sp4OvxaxK0z1IKXnhrQwtPA6HH1bUtxktHG2WCZVfEr0%2Fse8F64IK3pTZv1It7vPm33Xza7h4qXeckJIbxmHIBMa8GxwGUNuACGcZlX%2BZhl4974XTjfMRZxhxxA3rdiY3wAEzoxwwRlBcLlKZvRSUEn5Ed%2Fte76SQNhcF5CaDxNU2XP0iRaMme9rYM1ShqRMKtTgALPgBFEptMJIryqUFnUgGog5TiHgsyyMu0b4x5%2B%2BDvGjTRcmvP7K1TXI0%2B%2Fnk4HdNgfTz1i9W%2BbW2t8q4U7CvdLMnF%2Ft33Oax414vCk5PkSEtVqabrc17yNHOKkwHwaLztgFM17gQ7zuOUHEFoE4BAgnacvCc%2FMhu66Vpv1wSrJnga9%2Fz5bpyG8XT5P8kGRHNXDKW2NbwSTtRQ8%2Fo9ZKWUfb52AIBZxcK2Io3Q5Gl3DvH6wyz8%3D&RelayState=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Frame ID: C3C4A2AC4602AE209AC9BBF94FC80BE5
Requests: 61 HTTP requests in this frame

Page Title

Sign in to your account

Page URL History

  1. https://nwm-daylight.luminoso.com/ Page URL
  2. https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F Page URL
  3. https://nwm-daylight.luminoso.com/api/saml/sso?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F HTTP 302
    https://login.microsoftonline.com/aa827ac4-4665-4dbb-98fa-fa4931a84709/saml2?SAMLRequest=lZJLb%2BIwFIX3%2FIooe... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Page Statistics

61 Requests
92 % HTTPS
0 % IPv6
9 Domains
10 Subdomains
11 IPs
2 Countries
1828 kB Transfer
8540 kB Size
16 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nwm-daylight.luminoso.com/ Page URL
  2. https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F Page URL
  3. https://nwm-daylight.luminoso.com/api/saml/sso?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F HTTP 302
    https://login.microsoftonline.com/aa827ac4-4665-4dbb-98fa-fa4931a84709/saml2?SAMLRequest=lZJLb%2BIwFIX3%2FIooe%2BdhDCQWINEyDyQGUKGzmE11YztgyY%2BM7Uyn%2F36SMDNtF63ULE%2Fu%2BXTOkecetGroqg0Xcyd%2BtsKHURT91sp4OvxaxK0z1IKXnhrQwtPA6HH1bUtxktHG2WCZVfEr0%2Fse8F64IK3pTZv1It7vPm33Xza7h4qXeckJIbxmHIBMa8GxwGUNuACGcZlX%2BZhl4974XTjfMRZxhxxA3rdiY3wAEzoxwwRlBcLlKZvRSUEn5Ed%2Fte76SQNhcF5CaDxNU2XP0iRaMme9rYM1ShqRMKtTgALPgBFEptMJIryqUFnUgGog5TiHgsyyMu0b4x5%2B%2BDvGjTRcmvP7K1TXI0%2B%2Fnk4HdNgfTz1i9W%2BbW2t8q4U7CvdLMnF%2Ft33Oax414vCk5PkSEtVqabrc17yNHOKkwHwaLztgFM17gQ7zuOUHEFoE4BAgnacvCc%2FMhu66Vpv1wSrJnga9%2Fz5bpyG8XT5P8kGRHNXDKW2NbwSTtRQ8%2Fo9ZKWUfb52AIBZxcK2Io3Q5Gl3DvH6wyz8%3D&RelayState=https%3A%2F%2Fnwm-daylight.luminoso.com%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
nwm-daylight.luminoso.com/
24 KB
6 KB
Document
General
Full URL
https://nwm-daylight.luminoso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2d2801fb29af6f697b16938ffe7d5e5cc4a266340a186168b40773d11f1ed05

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=0
content-encoding
br
content-type
text/html
date
Thu, 29 Aug 2024 07:58:49 GMT
etag
W/"3a331184fc3bb216461e58cb7a80be93"
last-modified
Wed, 28 Aug 2024 12:42:21 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
x-amz-cf-id
Hhx0QYaV_cBgsalF2ca-G5hWpUpwCsaa8Gqq3qXrTSkoBvC574Jy7w==
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
runtime.a3139e502e7d364ff861.js
nwm-daylight.luminoso.com/
2 KB
1 KB
Script
General
Full URL
https://nwm-daylight.luminoso.com/runtime.a3139e502e7d364ff861.js
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80697277e06177663f2b620dcf3b151c7cf541a3d92582398dc42be0109671cc

Request headers

Referer
https://nwm-daylight.luminoso.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
content-encoding
br
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 12:42:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
etag
W/"a6d6f9ccbc7e59cd4aea7f7c58ddf3f9"
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-cf-id
o2_Vrmk7r9XW43lZj5e-OGoYC1kd3rV_csPXuyNaAgvV9RhMrMTxtQ==
vendor-node_modules_emotion_react_dist_emotion-react_browser_esm_js-node_modules_emotion_styl-2924e0.d2ae7921eb698a2be694.js
nwm-daylight.luminoso.com/
1 MB
359 KB
Script
General
Full URL
https://nwm-daylight.luminoso.com/vendor-node_modules_emotion_react_dist_emotion-react_browser_esm_js-node_modules_emotion_styl-2924e0.d2ae7921eb698a2be694.js
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58f3015054c64e2afea3cf18b89fe8a7f61e018c2a0401322912f4af2e9f25c4

Request headers

Referer
https://nwm-daylight.luminoso.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
content-encoding
br
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 12:42:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
etag
W/"d2d1bf71a03a52856779560848990ce7"
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-cf-id
uYTQ7LXVVeInifgTfNHPE1SGFPRSapNM7tAPL1ZZoOLvzAA4OO9EYQ==
lui.4bb70df55586b30590bf.js
nwm-daylight.luminoso.com/
1 MB
210 KB
Script
General
Full URL
https://nwm-daylight.luminoso.com/lui.4bb70df55586b30590bf.js
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c63808f990f400971344ac12a1462aa14c88c02b12686129e68b8f4ed7e092d

Request headers

Referer
https://nwm-daylight.luminoso.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:50 GMT
content-encoding
br
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 12:42:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
etag
W/"07dccf8b478d59eed7b86845d37f40a9"
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-cf-id
lFPxQ_KFEi3udEr_9zycitOAp6Jo6a3bklISbUluRNyEmAZo0Ws0wA==
vendor-node_modules_emotion_react_dist_emotion-react_browser_esm_js-node_modules_emotion_styl-2924e0.d8b07c5626f3284e41e4.css
nwm-daylight.luminoso.com/
42 KB
10 KB
Stylesheet
General
Full URL
https://nwm-daylight.luminoso.com/vendor-node_modules_emotion_react_dist_emotion-react_browser_esm_js-node_modules_emotion_styl-2924e0.d8b07c5626f3284e41e4.css
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b0b5d4fda4bcd481f153c5d353cbe19c141aa845b687d19c7c2207acfb09907

Request headers

Referer
https://nwm-daylight.luminoso.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
content-encoding
br
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 12:42:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
etag
W/"593ded8eebc4cc87f3b5cddab298ce37"
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
text/css
x-amz-cf-id
D3v0Qb77yoT1HmhO5VOdf_CPN0mVpIYme4rBBylklnkfVHx3La_wPQ==
lui.bcc83f7e215c06727d61.css
nwm-daylight.luminoso.com/
36 KB
7 KB
Stylesheet
General
Full URL
https://nwm-daylight.luminoso.com/lui.bcc83f7e215c06727d61.css
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14841b78be4489b4a8d716cda8a86416e3eb8bbcb7a23b4890a2a817d4159b01

Request headers

Referer
https://nwm-daylight.luminoso.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
content-encoding
br
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 12:42:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
etag
W/"9f3fae2134d5627ef917e5dc0f8c27ea"
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
text/css
x-amz-cf-id
MbvSRHxr9FdlHW4DtP_bl-K4R-CKLwWORdNe7f_JSmoqmruwgrOYCw==
gtm.js
www.googletagmanager.com/
297 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQMN6PH
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b80a16d3a2fc6166a6378552888f1cab2f9ef47c86911ec59edddaff934cfa87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://nwm-daylight.luminoso.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89750
x-xss-protection
0
last-modified
Thu, 29 Aug 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Aug 2024 07:58:49 GMT
/
nwm-daylight.luminoso.com/api/v5/status/
2 KB
2 KB
Fetch
General
Full URL
https://nwm-daylight.luminoso.com/api/v5/status/?include_secrets=true
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.4bb70df55586b30590bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
/
Resource Hash
cb3eb017e26d57166019e092fab59100aad07ed9d57a49efdd91b13c53c78c57
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept
application/json
Referer
https://nwm-daylight.luminoso.com/
authorization
Token undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
content-security-policy
default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
x-frame-options
SAMEORIGIN
vary
accept-encoding
content-type
application/json
x-cache
Miss from cloudfront
x-amz-cf-id
UfE9sKVojCEuXp69cfunx_M7At69CvBVNs2o9T5nadRvTCI03pae9A==
heap-115967021.js
cdn.heapanalytics.com/js/
117 KB
38 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-115967021.js
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-57.jfk50.r.cloudfront.net
Software
nginx / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://nwm-daylight.luminoso.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
content-encoding
br
via
1.1 578ec28f8e6f7c6503e2a4d2ab7532a2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
JFK50-P6
x-powered-by
Express
etag
W/"1d49d-TYFDCq5eQL7f5sIMgN8s+wX2lVY"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
6vK7GK_s7NcDFOQ1e-IyxHYNBc-esCbD-RohCkj8i5_TG6SDpyFOmQ==
userflow.js
js.userflow.com/es2020/
68 KB
21 KB
Script
General
Full URL
https://js.userflow.com/es2020/userflow.js
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b738e855664bb162307696a33c7c9d5055addd9945f006df40040ec54d012736
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://nwm-daylight.luminoso.com/
Origin
https://nwm-daylight.luminoso.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
91
last-modified
Wed, 28 Aug 2024 11:56:28 GMT
server
cloudflare
etag
W/"4cb50eb3d68fd6183e00c2f17489281d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rq5P%2B%2BLqyzkJI1mm8J9Eft3sBz8IlQLDmXXGoPlblhcQMd9LiL0Rm6o3eGoU5Rq2jV8RfErSZ28vSd7O%2BQKyNmUVzAGg%2FvfRN4CWzXSVUcry8V%2BBvWJUJt0OhjYpMBW34g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8baaff891c6c36a1-YYZ
access-control-allow-headers
__requestverificationtoken, request-context, request-id, traceparent
expires
Thu, 29 Aug 2024 07:57:18 GMT
/
nwm-daylight.luminoso.com/api/v5/profile/
103 B
1 KB
Fetch
General
Full URL
https://nwm-daylight.luminoso.com/api/v5/profile/
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.4bb70df55586b30590bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
/
Resource Hash
2070ec7591da7e04ad5f16176124e1ecefaecfc1442f0b466fc6c21b1bbfbefb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept
application/json
Referer
https://nwm-daylight.luminoso.com/
authorization
Token undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
content-security-policy
default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
JFK52-P2
x-frame-options
SAMEORIGIN
x-cache
Error from cloudfront
content-type
application/json
content-length
103
x-amz-cf-id
GO_ogODAgNYGuLpXvtoDZ_ltwiQnEDng_7S48XQrVzJFRJhDrKMNxA==
/
nwm-daylight.luminoso.com/api/v5/profile/
103 B
1 KB
Fetch
General
Full URL
https://nwm-daylight.luminoso.com/api/v5/profile/
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.4bb70df55586b30590bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
/
Resource Hash
2070ec7591da7e04ad5f16176124e1ecefaecfc1442f0b466fc6c21b1bbfbefb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept
application/json
Referer
https://nwm-daylight.luminoso.com/
authorization
Token undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
content-security-policy
default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
JFK52-P2
x-frame-options
SAMEORIGIN
x-cache
Error from cloudfront
content-type
application/json
content-length
103
x-amz-cf-id
zkmU40XPxFdvSPkWa1JBe9niOHIwJjmYuBLAx3Y08li2xPQm9TvBXg==
/
nwm-daylight.luminoso.com/api/v5/profile/flags/
103 B
1 KB
Fetch
General
Full URL
https://nwm-daylight.luminoso.com/api/v5/profile/flags/
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.4bb70df55586b30590bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
/
Resource Hash
2070ec7591da7e04ad5f16176124e1ecefaecfc1442f0b466fc6c21b1bbfbefb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept
application/json
Referer
https://nwm-daylight.luminoso.com/
authorization
Token undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
content-security-policy
default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
JFK52-P2
x-frame-options
SAMEORIGIN
x-cache
Error from cloudfront
content-type
application/json
content-length
103
x-amz-cf-id
_CjZ0B9gn8aDamRNhgLAn4kJP2EtlbRViw19EBYaPUMKr0V_Zvccnw==
/
nwm-daylight.luminoso.com/api/v5/profile/
103 B
1 KB
Fetch
General
Full URL
https://nwm-daylight.luminoso.com/api/v5/profile/
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.4bb70df55586b30590bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept
application/json
Referer
https://nwm-daylight.luminoso.com/
authorization
Token undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
content-security-policy
default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
JFK52-P2
x-frame-options
SAMEORIGIN
x-cache
Error from cloudfront
content-type
application/json
content-length
103
x-amz-cf-id
-dAFL2pPbR2ob5fNSSFmFo_tWiW3Yf01UoPU6WPun0daIFE0HEOL6Q==
/
nwm-daylight.luminoso.com/api/v5/projects/
103 B
1 KB
Fetch
General
Full URL
https://nwm-daylight.luminoso.com/api/v5/projects/
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.4bb70df55586b30590bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
/
Resource Hash
2070ec7591da7e04ad5f16176124e1ecefaecfc1442f0b466fc6c21b1bbfbefb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept
application/json
Referer
https://nwm-daylight.luminoso.com/
authorization
Token undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
content-security-policy
default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
JFK52-P2
x-frame-options
SAMEORIGIN
x-cache
Error from cloudfront
content-type
application/json
content-length
103
x-amz-cf-id
5LHvZexNunGmWkCkaww31F0MFs6k_x4iMWO0Nvdy98OWW6SGWaK9Ew==
projects
nwm-daylight.luminoso.com/api/dashboards/
137 B
394 B
Fetch
General
Full URL
https://nwm-daylight.luminoso.com/api/dashboards/projects
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.4bb70df55586b30590bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept
application/json
Referer
https://nwm-daylight.luminoso.com/
authorization
Token undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
access-control-allow-origin
*
content-length
137
x-amz-cf-id
dk3JJDRc-hyzABQTUTRTkCSnTyU1_axYspXuxu9YPKPqxsPreLyr3g==
/
nwm-daylight.luminoso.com/api/v5/profile/
103 B
1 KB
Fetch
General
Full URL
https://nwm-daylight.luminoso.com/api/v5/profile/
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.4bb70df55586b30590bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept
application/json
Referer
https://nwm-daylight.luminoso.com/
authorization
Token undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
content-security-policy
default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
JFK52-P2
x-frame-options
SAMEORIGIN
x-cache
Error from cloudfront
content-type
application/json
content-length
103
x-amz-cf-id
oPirRkyh_ErMZeWw9cXUO8ZbFxXqO9Y3PBR5BGC5SYRyNuZA1gNygQ==
/
nwm-daylight.luminoso.com/api/v5/status/
2 KB
2 KB
Fetch
General
Full URL
https://nwm-daylight.luminoso.com/api/v5/status/?include_secrets=true
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.4bb70df55586b30590bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
/
Resource Hash
cb3eb017e26d57166019e092fab59100aad07ed9d57a49efdd91b13c53c78c57
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept
application/json
Referer
https://nwm-daylight.luminoso.com/
authorization
Token undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
content-security-policy
default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
x-frame-options
SAMEORIGIN
vary
accept-encoding
content-type
application/json
x-cache
Miss from cloudfront
x-amz-cf-id
WkrdXo6ll0kpMU9E7i9oqMGdkysOuZHFqkep7Y-0EIe3Ua6bEcGTqA==
6194737d386c0f3e4b42.gif
nwm-daylight.luminoso.com/
10 KB
10 KB
Image
General
Full URL
https://nwm-daylight.luminoso.com/6194737d386c0f3e4b42.gif
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.bcc83f7e215c06727d61.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://nwm-daylight.luminoso.com/lui.bcc83f7e215c06727d61.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:50 GMT
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 12:42:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
etag
"0181ff23b6a95c4f4a7bf3199b3eb22c"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
10199
x-amz-cf-id
KUeY5qlt8yYnepCccX8_6KI9fKXOP7GX8VYlNAutvFWy4dnz_Hni4Q==
75614cfcfedd509b1f7a.woff2
nwm-daylight.luminoso.com/
178 KB
179 KB
Font
General
Full URL
https://nwm-daylight.luminoso.com/75614cfcfedd509b1f7a.woff2
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.bcc83f7e215c06727d61.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://nwm-daylight.luminoso.com/lui.bcc83f7e215c06727d61.css
Origin
https://nwm-daylight.luminoso.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:50 GMT
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 12:42:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
etag
"bd03a2cc277bbbc338d464e679fe9942"
x-amz-server-side-encryption
AES256
access-control-max-age
300
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
182708
x-amz-cf-id
B2G7A8pFU2pDtFnrWzTMyAbgg2UnMW3aJd-hmA1dR9wFyu3Qv3nkbw==
fb685a7c7e4aae2d4d71.woff2
nwm-daylight.luminoso.com/
55 KB
56 KB
Font
General
Full URL
https://nwm-daylight.luminoso.com/fb685a7c7e4aae2d4d71.woff2?v=4.3.0
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/vendor-node_modules_emotion_react_dist_emotion-react_browser_esm_js-node_modules_emotion_styl-2924e0.d8b07c5626f3284e41e4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://nwm-daylight.luminoso.com/vendor-node_modules_emotion_react_dist_emotion-react_browser_esm_js-node_modules_emotion_styl-2924e0.d8b07c5626f3284e41e4.css
Origin
https://nwm-daylight.luminoso.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:50 GMT
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 12:42:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
etag
"97493d3f11c0a3bd5cbd959f5d19b699"
x-amz-server-side-encryption
AES256
access-control-max-age
300
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
56780
x-amz-cf-id
-KBxe7ruI6R2L27bW8LNTJVWWcwivJ7gspQrUcjagn64AFvQEK2fnQ==
e244488c8cc2f5337153.woff2
nwm-daylight.luminoso.com/
177 KB
178 KB
Font
General
Full URL
https://nwm-daylight.luminoso.com/e244488c8cc2f5337153.woff2
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.bcc83f7e215c06727d61.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://nwm-daylight.luminoso.com/lui.bcc83f7e215c06727d61.css
Origin
https://nwm-daylight.luminoso.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:50 GMT
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 12:42:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
etag
"7244318390cc4d36aac4a613ff42d308"
x-amz-server-side-encryption
AES256
access-control-max-age
300
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
181500
x-amz-cf-id
l6fGwTNjW4gcXfKn9Ge-D5lF-3BGgVxE9KMCKpnCzQYqn-flPK2a2w==
21b3848a32fce5b0f501.woff2
nwm-daylight.luminoso.com/
181 KB
181 KB
Font
General
Full URL
https://nwm-daylight.luminoso.com/21b3848a32fce5b0f501.woff2
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.bcc83f7e215c06727d61.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://nwm-daylight.luminoso.com/lui.bcc83f7e215c06727d61.css
Origin
https://nwm-daylight.luminoso.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:50 GMT
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 12:42:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
etag
"cccb897485813c7c256901dbca54ecf2"
x-amz-server-side-encryption
AES256
access-control-max-age
300
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
184912
x-amz-cf-id
uP_mAiUJZOcmPF1iTGwtywbPOswKEykK7eQg_CXbsrrOU-tuhMLzBQ==
login.html
nwm-daylight.luminoso.com/
0
0

login.html
nwm-daylight.luminoso.com/
0
0

login.html
nwm-daylight.luminoso.com/
0
0

login.html
nwm-daylight.luminoso.com/
0
0
Document
General
Full URL
https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.4bb70df55586b30590bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://nwm-daylight.luminoso.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=0
content-encoding
br
content-type
text/html
date
Thu, 29 Aug 2024 07:58:50 GMT
etag
W/"e7809ba5719150d4dd51b1d4ed310546"
last-modified
Wed, 28 Aug 2024 12:42:21 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
x-amz-cf-id
t9F6D214-eT9dDxED2cqxySKvSPwvpHKyfUf_DiJ7oRlFin07DG1lg==
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
login.html
nwm-daylight.luminoso.com/
0
0

h
heapanalytics.com/
0
0

login.html
nwm-daylight.luminoso.com/
10 KB
3 KB
Document
General
Full URL
https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.4bb70df55586b30590bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02ae9c621ae44a5f7663601cb221f40b1a38e656da419f06a0a77d1fc5e227a2

Request headers

Referer
https://nwm-daylight.luminoso.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=0
content-encoding
br
content-type
text/html
date
Thu, 29 Aug 2024 07:58:50 GMT
etag
W/"e7809ba5719150d4dd51b1d4ed310546"
last-modified
Wed, 28 Aug 2024 12:42:21 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
x-amz-cf-id
e3bWG3pKezO9heKqpFAX3UmD5_nY9FBsKv6rApmLj49nEusNpBgHfA==
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
runtime.a3139e502e7d364ff861.js
nwm-daylight.luminoso.com/
2 KB
0
Script
General
Full URL
https://nwm-daylight.luminoso.com/runtime.a3139e502e7d364ff861.js
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80697277e06177663f2b620dcf3b151c7cf541a3d92582398dc42be0109671cc

Request headers

Referer
https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
content-encoding
br
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 12:42:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
etag
W/"a6d6f9ccbc7e59cd4aea7f7c58ddf3f9"
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-cf-id
o2_Vrmk7r9XW43lZj5e-OGoYC1kd3rV_csPXuyNaAgvV9RhMrMTxtQ==
vendor-node_modules_emotion_react_dist_emotion-react_browser_esm_js-node_modules_emotion_styl-2924e0.d2ae7921eb698a2be694.js
nwm-daylight.luminoso.com/
1 MB
0
Script
General
Full URL
https://nwm-daylight.luminoso.com/vendor-node_modules_emotion_react_dist_emotion-react_browser_esm_js-node_modules_emotion_styl-2924e0.d2ae7921eb698a2be694.js
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58f3015054c64e2afea3cf18b89fe8a7f61e018c2a0401322912f4af2e9f25c4

Request headers

Referer
https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
content-encoding
br
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 12:42:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
etag
W/"d2d1bf71a03a52856779560848990ce7"
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-cf-id
uYTQ7LXVVeInifgTfNHPE1SGFPRSapNM7tAPL1ZZoOLvzAA4OO9EYQ==
lui.4bb70df55586b30590bf.js
nwm-daylight.luminoso.com/
1 MB
0
Script
General
Full URL
https://nwm-daylight.luminoso.com/lui.4bb70df55586b30590bf.js
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c63808f990f400971344ac12a1462aa14c88c02b12686129e68b8f4ed7e092d

Request headers

Referer
https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:50 GMT
content-encoding
br
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 12:42:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
etag
W/"07dccf8b478d59eed7b86845d37f40a9"
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
text/javascript
x-amz-cf-id
lFPxQ_KFEi3udEr_9zycitOAp6Jo6a3bklISbUluRNyEmAZo0Ws0wA==
vendor-node_modules_emotion_react_dist_emotion-react_browser_esm_js-node_modules_emotion_styl-2924e0.d8b07c5626f3284e41e4.css
nwm-daylight.luminoso.com/
42 KB
0
Stylesheet
General
Full URL
https://nwm-daylight.luminoso.com/vendor-node_modules_emotion_react_dist_emotion-react_browser_esm_js-node_modules_emotion_styl-2924e0.d8b07c5626f3284e41e4.css
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b0b5d4fda4bcd481f153c5d353cbe19c141aa845b687d19c7c2207acfb09907

Request headers

Referer
https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
content-encoding
br
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 12:42:22 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
etag
W/"593ded8eebc4cc87f3b5cddab298ce37"
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
text/css
x-amz-cf-id
D3v0Qb77yoT1HmhO5VOdf_CPN0mVpIYme4rBBylklnkfVHx3La_wPQ==
lui.bcc83f7e215c06727d61.css
nwm-daylight.luminoso.com/
36 KB
0
Stylesheet
General
Full URL
https://nwm-daylight.luminoso.com/lui.bcc83f7e215c06727d61.css
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14841b78be4489b4a8d716cda8a86416e3eb8bbcb7a23b4890a2a817d4159b01

Request headers

Referer
https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
content-encoding
br
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 12:42:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
x-amz-server-side-encryption
AES256
etag
W/"9f3fae2134d5627ef917e5dc0f8c27ea"
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
text/css
x-amz-cf-id
MbvSRHxr9FdlHW4DtP_bl-K4R-CKLwWORdNe7f_JSmoqmruwgrOYCw==
gtm.js
www.googletagmanager.com/
297 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQMN6PH
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.104 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b80a16d3a2fc6166a6378552888f1cab2f9ef47c86911ec59edddaff934cfa87
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nwm-daylight.luminoso.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
content-encoding
br
last-modified
Thu, 29 Aug 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89750
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 29 Aug 2024 07:58:49 GMT
heap-115967021.js
cdn.heapanalytics.com/js/
117 KB
0
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-115967021.js
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-57.jfk50.r.cloudfront.net
Software
nginx / Express
Resource Hash
9e5602bd236bbe8d1b119eedf6bd690f83b6933287b1b2e381af6f8928fe952d

Request headers

Referer
https://nwm-daylight.luminoso.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:49 GMT
content-encoding
br
via
1.1 578ec28f8e6f7c6503e2a4d2ab7532a2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
JFK50-P6
x-powered-by
Express
etag
W/"1d49d-TYFDCq5eQL7f5sIMgN8s+wX2lVY"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
6vK7GK_s7NcDFOQ1e-IyxHYNBc-esCbD-RohCkj8i5_TG6SDpyFOmQ==
userflow.js
js.userflow.com/es2020/
68 KB
311 B
Script
General
Full URL
https://js.userflow.com/es2020/userflow.js
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://nwm-daylight.luminoso.com/
Origin
https://nwm-daylight.luminoso.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:53 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
95
last-modified
Wed, 28 Aug 2024 11:56:28 GMT
server
cloudflare
etag
W/"4cb50eb3d68fd6183e00c2f17489281d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O8kxUhPFSNPBDCHDTkI8cbW8QOGw59vdvTAnDKiFgZxBYBcgi1QCE5jasvHqH3X5s%2Bsz714Ylbkcm%2Fkv7FDRuUlI%2FO93Jhl6tSqickJGvF%2FZxtr5mRpM2p9FB23hP%2BQafw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8baaffa1fa3436a1-YYZ
access-control-allow-headers
__requestverificationtoken, request-context, request-id, traceparent
expires
Thu, 29 Aug 2024 07:57:18 GMT
/
nwm-daylight.luminoso.com/api/v5/status/
2 KB
2 KB
Fetch
General
Full URL
https://nwm-daylight.luminoso.com/api/v5/status/?include_secrets=true
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.4bb70df55586b30590bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept
application/json
Referer
https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
authorization
Token undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
content-security-policy
default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
x-frame-options
SAMEORIGIN
vary
accept-encoding
content-type
application/json
x-cache
Miss from cloudfront
x-amz-cf-id
JCOWCXun5A0yOCcqWFsHxR58VrWNAQCYGiPeMI-lS7xq4LjVp2JcQg==
/
nwm-daylight.luminoso.com/api/v5/status/
2 KB
2 KB
Fetch
General
Full URL
https://nwm-daylight.luminoso.com/api/v5/status/?include_secrets=true
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.4bb70df55586b30590bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept
application/json
Referer
https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
authorization
Token undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer
content-encoding
gzip
content-security-policy
default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
x-frame-options
SAMEORIGIN
vary
accept-encoding
content-type
application/json
x-cache
Miss from cloudfront
x-amz-cf-id
XBRkVpKFzm9ZZArP9LL8YHK4UzODb5hGEJ5693tTnpDaYJv4_gL1OQ==
75614cfcfedd509b1f7a.woff2
nwm-daylight.luminoso.com/
178 KB
0
Font
General
Full URL
https://nwm-daylight.luminoso.com/75614cfcfedd509b1f7a.woff2
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.bcc83f7e215c06727d61.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f

Request headers

Referer
https://nwm-daylight.luminoso.com/lui.bcc83f7e215c06727d61.css
Origin
https://nwm-daylight.luminoso.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:50 GMT
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 12:42:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
etag
"bd03a2cc277bbbc338d464e679fe9942"
x-amz-server-side-encryption
AES256
access-control-max-age
300
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
182708
x-amz-cf-id
B2G7A8pFU2pDtFnrWzTMyAbgg2UnMW3aJd-hmA1dR9wFyu3Qv3nkbw==
fb685a7c7e4aae2d4d71.woff2
nwm-daylight.luminoso.com/
55 KB
0
Font
General
Full URL
https://nwm-daylight.luminoso.com/fb685a7c7e4aae2d4d71.woff2?v=4.3.0
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/vendor-node_modules_emotion_react_dist_emotion-react_browser_esm_js-node_modules_emotion_styl-2924e0.d8b07c5626f3284e41e4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-62.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer
https://nwm-daylight.luminoso.com/vendor-node_modules_emotion_react_dist_emotion-react_browser_esm_js-node_modules_emotion_styl-2924e0.d8b07c5626f3284e41e4.css
Origin
https://nwm-daylight.luminoso.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 07:58:50 GMT
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
last-modified
Wed, 28 Aug 2024 12:42:21 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P2
etag
"97493d3f11c0a3bd5cbd959f5d19b699"
x-amz-server-side-encryption
AES256
access-control-max-age
300
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
56780
x-amz-cf-id
-KBxe7ruI6R2L27bW8LNTJVWWcwivJ7gspQrUcjagn64AFvQEK2fnQ==
h
heapanalytics.com/
37 B
261 B
Image
General
Full URL
https://heapanalytics.com/h?a=115967021&u=6938338676836680&v=5929699338464060&s=5508657064822035&b=web&tv=4.0&z=0&ts=1724918330066&d=nwm-daylight.luminoso.com&h=%2F&t=Projects%20%7C%20Luminoso%20Daylight&st=1724918334128&lv=4.23.3&ld=cdn.heapanalytics.com
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.163.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-163-50.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://nwm-daylight.luminoso.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 07:58:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
h
heapanalytics.com/
37 B
261 B
Image
General
Full URL
https://heapanalytics.com/h?a=115967021&u=6938338676836680&v=6496341170341908&s=5508657064822035&b=web&tv=4.0&z=2&h=%2Flogin.html&q=%3Fdest%3Dhttps%253A%252F%252Fnwm-daylight.luminoso.com%252F&d=nwm-daylight.luminoso.com&t=Luminoso%20Daylight&r=https%3A%2F%2Fnwm-daylight.luminoso.com%2F&ts=1724918334235&pr=%2F&sp=z&sp=0&sp=ts&sp=1724918330066&sp=d&sp=nwm-daylight.luminoso.com&sp=h&sp=%2F&sp=t&sp=Projects%20%7C%20Luminoso%20Daylight&sch=1200&scw=1600&st=1724918334237&lv=4.23.3&ld=cdn.heapanalytics.com
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.163.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-163-50.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://nwm-daylight.luminoso.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Aug 2024 07:58:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
Primary Request saml2
login.microsoftonline.com/aa827ac4-4665-4dbb-98fa-fa4931a84709/
Redirect Chain
  • https://nwm-daylight.luminoso.com/api/saml/sso?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
  • https://login.microsoftonline.com/aa827ac4-4665-4dbb-98fa-fa4931a84709/saml2?SAMLRequest=lZJLb%2BIwFIX3%2FIooe%2BdhDCQWINEyDyQGUKGzmE11YztgyY%2BM7Uyn%2F36SMDNtF63ULE%2Fu%2BXTOkecetGroqg0Xcyd%2BtsKH...
39 KB
17 KB
Document
General
Full URL
https://login.microsoftonline.com/aa827ac4-4665-4dbb-98fa-fa4931a84709/saml2?SAMLRequest=lZJLb%2BIwFIX3%2FIooe%2BdhDCQWINEyDyQGUKGzmE11YztgyY%2BM7Uyn%2F36SMDNtF63ULE%2Fu%2BXTOkecetGroqg0Xcyd%2BtsKHURT91sp4OvxaxK0z1IKXnhrQwtPA6HH1bUtxktHG2WCZVfEr0%2Fse8F64IK3pTZv1It7vPm33Xza7h4qXeckJIbxmHIBMa8GxwGUNuACGcZlX%2BZhl4974XTjfMRZxhxxA3rdiY3wAEzoxwwRlBcLlKZvRSUEn5Ed%2Fte76SQNhcF5CaDxNU2XP0iRaMme9rYM1ShqRMKtTgALPgBFEptMJIryqUFnUgGog5TiHgsyyMu0b4x5%2B%2BDvGjTRcmvP7K1TXI0%2B%2Fnk4HdNgfTz1i9W%2BbW2t8q4U7CvdLMnF%2Ft33Oax414vCk5PkSEtVqabrc17yNHOKkwHwaLztgFM17gQ7zuOUHEFoE4BAgnacvCc%2FMhu66Vpv1wSrJnga9%2Fz5bpyG8XT5P8kGRHNXDKW2NbwSTtRQ8%2Fo9ZKWUfb52AIBZxcK2Io3Q5Gl3DvH6wyz8%3D&RelayState=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Requested by
Host: nwm-daylight.luminoso.com
URL: https://nwm-daylight.luminoso.com/lui.4bb70df55586b30590bf.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.190.151.132 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ffb6c2b92a153346a0880c352ec30c7b63c810d9c6caea3d6f5ecfe2c09b6f88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
14761
Content-Type
text/html; charset=utf-8
Date
Thu, 29 Aug 2024 07:58:54 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
x-ms-ests-server
2.1.18794.6 - SCUS ProdSlices
x-ms-request-id
b885cca5-139d-4069-bd4a-9f8cf63e1400
x-ms-srs
1.P

Redirect headers

content-length
1637
content-security-policy
default-src 'self'; frame-ancestors 'self'; font-src 'self' fonts.gstatic.com https://heapanalytics.com; img-src 'self' data: www.googletagmanager.com www.google-analytics.com https://fonts.gstatic.com https://heapanalytics.com https://js.userflow.com/ https://storage.googleapis.com/studio1-prod-blob/; style-src 'self' 'unsafe-inline' fonts.googleapis.com https://heapanalytics.com https://js.userflow.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com https://cdn.heapanalytics.com https://heapanalytics.com https://js.userflow.com/ https://js.getuserflow.com/; connect-src 'self' https://heapanalytics.com https://www.google-analytics.com https://e.userflow.com/ https://js.userflow.com/ wss://e.userflow.com/; media-src 'self' https://storage.googleapis.com/studio1-prod-blob/;
content-type
text/html; charset=utf-8
date
Thu, 29 Aug 2024 07:58:54 GMT
location
https://login.microsoftonline.com/aa827ac4-4665-4dbb-98fa-fa4931a84709/saml2?SAMLRequest=lZJLb%2BIwFIX3%2FIooe%2BdhDCQWINEyDyQGUKGzmE11YztgyY%2BM7Uyn%2F36SMDNtF63ULE%2Fu%2BXTOkecetGroqg0Xcyd%2BtsKHURT91sp4OvxaxK0z1IKXnhrQwtPA6HH1bUtxktHG2WCZVfEr0%2Fse8F64IK3pTZv1It7vPm33Xza7h4qXeckJIbxmHIBMa8GxwGUNuACGcZlX%2BZhl4974XTjfMRZxhxxA3rdiY3wAEzoxwwRlBcLlKZvRSUEn5Ed%2Fte76SQNhcF5CaDxNU2XP0iRaMme9rYM1ShqRMKtTgALPgBFEptMJIryqUFnUgGog5TiHgsyyMu0b4x5%2B%2BDvGjTRcmvP7K1TXI0%2B%2Fnk4HdNgfTz1i9W%2BbW2t8q4U7CvdLMnF%2Ft33Oax414vCk5PkSEtVqabrc17yNHOKkwHwaLztgFM17gQ7zuOUHEFoE4BAgnacvCc%2FMhu66Vpv1wSrJnga9%2Fz5bpyG8XT5P8kGRHNXDKW2NbwSTtRQ8%2Fo9ZKWUfb52AIBZxcK2Io3Q5Gl3DvH6wyz8%3D&RelayState=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
x-amz-cf-id
wuPm3gjk3fqf4h0g9an_oyXsIdgAIqAWB9pkYmm9oeEoqEKnBbLYaw==
x-amz-cf-pop
JFK52-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
111 KB
20 KB
Stylesheet
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_qzvqnltrxpy99ajspyxbgq2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/aa827ac4-4665-4dbb-98fa-fa4931a84709/saml2?SAMLRequest=lZJLb%2BIwFIX3%2FIooe%2BdhDCQWINEyDyQGUKGzmE11YztgyY%2BM7Uyn%2F36SMDNtF63ULE%2Fu%2BXTOkecetGroqg0Xcyd%2BtsKHURT91sp4OvxaxK0z1IKXnhrQwtPA6HH1bUtxktHG2WCZVfEr0%2Fse8F64IK3pTZv1It7vPm33Xza7h4qXeckJIbxmHIBMa8GxwGUNuACGcZlX%2BZhl4974XTjfMRZxhxxA3rdiY3wAEzoxwwRlBcLlKZvRSUEn5Ed%2Fte76SQNhcF5CaDxNU2XP0iRaMme9rYM1ShqRMKtTgALPgBFEptMJIryqUFnUgGog5TiHgsyyMu0b4x5%2B%2BDvGjTRcmvP7K1TXI0%2B%2Fnk4HdNgfTz1i9W%2BbW2t8q4U7CvdLMnF%2Ft33Oax414vCk5PkSEtVqabrc17yNHOKkwHwaLztgFM17gQ7zuOUHEFoE4BAgnacvCc%2FMhu66Vpv1wSrJnga9%2Fz5bpyG8XT5P8kGRHNXDKW2NbwSTtRQ8%2Fo9ZKWUfb52AIBZxcK2Io3Q5Gl3DvH6wyz8%3D&RelayState=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1f8ceb44fe7cfcf7e71dbd5122210335ca3821d697a851d2900b95af7d92d69d

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Aug 2024 07:58:55 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
20414
x-ms-lease-status
unlocked
last-modified
Wed, 03 Jul 2024 21:48:08 GMT
etag
0x8DC9BA9D4131BFD
x-azure-ref
20240829T075855Z-1799c87bc7bc7vqg0sfpvyuxd400000001ng000000003dmd
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
b7c04800-a01e-004e-4631-f9d273000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLogin_PCore_2P9n4TNNrWcgKwW6Mt6tGA2.js
aadcdn.msauth.net/shared/1.0/content/js/
439 KB
120 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2P9n4TNNrWcgKwW6Mt6tGA2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/aa827ac4-4665-4dbb-98fa-fa4931a84709/saml2?SAMLRequest=lZJLb%2BIwFIX3%2FIooe%2BdhDCQWINEyDyQGUKGzmE11YztgyY%2BM7Uyn%2F36SMDNtF63ULE%2Fu%2BXTOkecetGroqg0Xcyd%2BtsKHURT91sp4OvxaxK0z1IKXnhrQwtPA6HH1bUtxktHG2WCZVfEr0%2Fse8F64IK3pTZv1It7vPm33Xza7h4qXeckJIbxmHIBMa8GxwGUNuACGcZlX%2BZhl4974XTjfMRZxhxxA3rdiY3wAEzoxwwRlBcLlKZvRSUEn5Ed%2Fte76SQNhcF5CaDxNU2XP0iRaMme9rYM1ShqRMKtTgALPgBFEptMJIryqUFnUgGog5TiHgsyyMu0b4x5%2B%2BDvGjTRcmvP7K1TXI0%2B%2Fnk4HdNgfTz1i9W%2BbW2t8q4U7CvdLMnF%2Ft33Oax414vCk5PkSEtVqabrc17yNHOKkwHwaLztgFM17gQ7zuOUHEFoE4BAgnacvCc%2FMhu66Vpv1wSrJnga9%2Fz5bpyG8XT5P8kGRHNXDKW2NbwSTtRQ8%2Fo9ZKWUfb52AIBZxcK2Io3Q5Gl3DvH6wyz8%3D&RelayState=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4dc06bde66ff69c3cd7a67b5745c329571334a98ed7af7c356241cfed32fa6d2

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Aug 2024 07:58:55 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
4554691
content-length
122157
x-ms-lease-status
unlocked
last-modified
Mon, 05 Aug 2024 15:32:30 GMT
etag
0x8DCB563D185FB49
x-azure-ref
20240829T075855Z-1799c87bc7bc7vqg0sfpvyuxd400000001ng000000003dmf
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ab177922-001e-0036-473e-f94e26000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-en.min_tzwwq6wdslxjdiwzdatg6a2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
55 KB
16 KB
Script
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_tzwwq6wdslxjdiwzdatg6a2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/aa827ac4-4665-4dbb-98fa-fa4931a84709/saml2?SAMLRequest=lZJLb%2BIwFIX3%2FIooe%2BdhDCQWINEyDyQGUKGzmE11YztgyY%2BM7Uyn%2F36SMDNtF63ULE%2Fu%2BXTOkecetGroqg0Xcyd%2BtsKHURT91sp4OvxaxK0z1IKXnhrQwtPA6HH1bUtxktHG2WCZVfEr0%2Fse8F64IK3pTZv1It7vPm33Xza7h4qXeckJIbxmHIBMa8GxwGUNuACGcZlX%2BZhl4974XTjfMRZxhxxA3rdiY3wAEzoxwwRlBcLlKZvRSUEn5Ed%2Fte76SQNhcF5CaDxNU2XP0iRaMme9rYM1ShqRMKtTgALPgBFEptMJIryqUFnUgGog5TiHgsyyMu0b4x5%2B%2BDvGjTRcmvP7K1TXI0%2B%2Fnk4HdNgfTz1i9W%2BbW2t8q4U7CvdLMnF%2Ft33Oax414vCk5PkSEtVqabrc17yNHOKkwHwaLztgFM17gQ7zuOUHEFoE4BAgnacvCc%2FMhu66Vpv1wSrJnga9%2Fz5bpyG8XT5P8kGRHNXDKW2NbwSTtRQ8%2Fo9ZKWUfb52AIBZxcK2Io3Q5Gl3DvH6wyz8%3D&RelayState=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d65e2644bea71489d43203aa2abcba471c847bf2a176963be8db62bf1a70f7a5

Request headers

Referer
https://login.microsoftonline.com/
Origin
https://login.microsoftonline.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Aug 2024 07:58:55 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
16112
x-ms-lease-status
unlocked
last-modified
Fri, 02 Aug 2024 19:59:07 GMT
etag
0x8DCB32D919A1484
x-azure-ref
20240829T075855Z-1799c87bc7bc7vqg0sfpvyuxd400000001ng000000003dme
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
3004cbcd-b01e-006e-2d17-f99679000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/aa827ac4-4665-4dbb-98fa-fa4931a84709/saml2?SAMLRequest=lZJLb%2BIwFIX3%2FIooe%2BdhDCQWINEyDyQGUKGzmE11YztgyY%2BM7Uyn%2F36SMDNtF63ULE%2Fu%2BXTOkecetGroqg0Xcyd%2BtsKHURT91sp4OvxaxK0z1IKXnhrQwtPA6HH1bUtxktHG2WCZVfEr0%2Fse8F64IK3pTZv1It7vPm33Xza7h4qXeckJIbxmHIBMa8GxwGUNuACGcZlX%2BZhl4974XTjfMRZxhxxA3rdiY3wAEzoxwwRlBcLlKZvRSUEn5Ed%2Fte76SQNhcF5CaDxNU2XP0iRaMme9rYM1ShqRMKtTgALPgBFEptMJIryqUFnUgGog5TiHgsyyMu0b4x5%2B%2BDvGjTRcmvP7K1TXI0%2B%2Fnk4HdNgfTz1i9W%2BbW2t8q4U7CvdLMnF%2Ft33Oax414vCk5PkSEtVqabrc17yNHOKkwHwaLztgFM17gQ7zuOUHEFoE4BAgnacvCc%2FMhu66Vpv1wSrJnga9%2Fz5bpyG8XT5P8kGRHNXDKW2NbwSTtRQ8%2Fo9ZKWUfb52AIBZxcK2Io3Q5Gl3DvH6wyz8%3D&RelayState=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.24.146 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

oneDs_f2e0f4a029670f10d892.js
aadcdn.msauth.net/shared/1.0/content/js/
186 KB
60 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/oneDs_f2e0f4a029670f10d892.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2P9n4TNNrWcgKwW6Mt6tGA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8405362eb8f09df13ae244de155b51b1577274673d9728b6c81cd0278a63c8b0

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Aug 2024 07:58:55 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
61052
x-ms-lease-status
unlocked
last-modified
Thu, 25 May 2023 17:22:47 GMT
etag
0x8DB5D44A8CEE4F4
x-azure-ref
20240829T075855Z-1799c87bc7bdcqff28wzpgq25000000001qg000000003exe
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9f4aae9a-801e-0042-531d-f50d69000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
397 KB
114 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_6c7dc46bb93924417b57.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2P9n4TNNrWcgKwW6Mt6tGA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1ec87632ee58734951aa02813ef07ad377126a39a16f063c181519b98ffffc07

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Aug 2024 07:58:56 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
116351
x-ms-lease-status
unlocked
last-modified
Thu, 20 Jun 2024 02:13:44 GMT
etag
0x8DC90CE9C53BCDF
x-azure-ref
20240829T075856Z-1799c87bc7bdcqff28wzpgq25000000001qg000000003exn
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c668f41d-901e-0055-2417-f9ec70000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msauth.net/shared/1.0/content/images/
17 KB
17 KB
Other
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Aug 2024 07:58:56 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
17174
x-ms-lease-status
unlocked
last-modified
Sun, 18 Oct 2020 03:02:03 GMT
etag
0x8D8731230C851A6
x-azure-ref
20240829T075856Z-1799c87bc7bdcqff28wzpgq25000000001qg000000003exq
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
9d280baa-d01e-006b-79e5-f87b0f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
15 KB
6 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2P9n4TNNrWcgKwW6Mt6tGA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8d31dbc6089dc6195b1945b85a7225a01dcf031bd8cbc3df86029022fe64a5e5

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Aug 2024 07:58:56 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
5531
x-ms-lease-status
unlocked
last-modified
Thu, 20 Jun 2024 02:13:44 GMT
etag
0x8DC90CE9C8E6126
x-azure-ref
20240829T075856Z-1799c87bc7bdcqff28wzpgq25000000001qg000000003exu
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e8a39124-401e-0079-01e5-f800df000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Aug 2024 07:58:56 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
2672
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:47 GMT
etag
0x8DB5C3F48EC4154
x-azure-ref
20240829T075856Z-1799c87bc7bdcqff28wzpgq25000000001qg000000003exv
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
672f124f-a01e-005e-1731-f9171b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Aug 2024 07:58:56 GMT
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
3620
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:48 GMT
etag
0x8DB5C3F4904824B
x-azure-ref
20240829T075856Z-1799c87bc7bdcqff28wzpgq25000000001qg000000003exw
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
7be0a7b2-a01e-007a-14e5-f8a9a9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
illustration
aadcdn.msauthimages.net/dbd5a2dd-pqrfczxl0ptvikjaiete8b1mhxsesb9brn5lfcxyg8y/logintenantbranding/0/
38 KB
39 KB
Image
General
Full URL
https://aadcdn.msauthimages.net/dbd5a2dd-pqrfczxl0ptvikjaiete8b1mhxsesb9brn5lfcxyg8y/logintenantbranding/0/illustration?ts=637488448488098094
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (chd/076B) /
Resource Hash
a31e9f7fb8e4addff10b9d1d2a024ed76fedd8e7f28ce79813b244689aa2aa7d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Aug 2024 07:58:57 GMT
x-content-type-options
nosniff
content-md5
OdzoCJrbBQwGe2E7DnWMfA==
age
7684
x-cache
HIT
content-length
39176
x-ms-lease-status
unlocked
last-modified
Sat, 13 Feb 2021 20:27:29 GMT
server
ECAcc (chd/076B)
etag
0x8D8D05DC8B9BE13
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
2b703b7f-101e-003f-6dd7-f98b41000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
bannerlogo
aadcdn.msauthimages.net/dbd5a2dd-pqrfczxl0ptvikjaiete8b1mhxsesb9brn5lfcxyg8y/logintenantbranding/0/
10 KB
10 KB
Image
General
Full URL
https://aadcdn.msauthimages.net/dbd5a2dd-pqrfczxl0ptvikjaiete8b1mhxsesb9brn5lfcxyg8y/logintenantbranding/0/bannerlogo?ts=637488448494935506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.19.97 San Jose, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (chd/0789) /
Resource Hash
ffe83bf6bbfe2b1d07c90dee0a8fc18e269b9a22a973f41d63afd32ddeec497b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Aug 2024 07:58:57 GMT
x-content-type-options
nosniff
content-md5
6+WNx/sy4vhmSd14tOTUDQ==
age
75375
x-cache
HIT
content-length
9978
x-ms-lease-status
unlocked
last-modified
Sat, 13 Feb 2021 20:27:29 GMT
server
ECAcc (chd/0789)
etag
0x8D8D05DC914231E
content-type
image/*
access-control-allow-origin
*
x-ms-request-id
809c8fd3-b01e-006b-4539-f9c416000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
ssoprobe
autologon.microsoftazuread-sso.com/northwesternmutual.com/winauth/
12 B
1 KB
Image
General
Full URL
https://autologon.microsoftazuread-sso.com/northwesternmutual.com/winauth/ssoprobe?client-request-id=6ad67002-ed45-42c0-b6b3-886829ce07d1&_=1724918337062
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.190.152.20 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Thu, 29 Aug 2024 07:58:56 GMT
X-Content-Type-Options
nosniff
WWW-Authenticate
Negotiate
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
12
X-XSS-Protection
0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Vary
Origin
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png; charset=utf-8
Access-Control-Allow-Origin
https://login.microsoftonline.com
x-ms-request-id
0b65331c-8cbe-4319-b5ee-c06ba07c5e00
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+bno"}]}
x-ms-ests-server
2.1.18794.6 - NCUS ProdSlices
Expires
-1
dssostatus
login.microsoftonline.com/common/instrumentation/
265 B
1 KB
XHR
General
Full URL
https://login.microsoftonline.com/common/instrumentation/dssostatus
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2P9n4TNNrWcgKwW6Mt6tGA2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.190.151.132 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aea272f06e97eea9c31c8befa61da64725e83d46da9ca16d3696be80b5a62ca0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

hpgrequestid
b885cca5-139d-4069-bd4a-9f8cf63e1400
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
client-request-id
6ad67002-ed45-42c0-b6b3-886829ce07d1
canary
PAQABDgEAAAApTwJmzXqdR4BN2miheQMYdgVu2VnyZrGLk5AiutCUwPtM3w4fBwqVt_LEveC3fsZ8jrG9ESgTF049pn35Co8TAacnPFuObqe6_4TjkH4BwfCY1PZZ_dVM3Rqv1IxJgfaYw_jp331Q8SHeVqjgp86tPd8tZjIByT77zulRfKzaKweBxijuF_LqGofRwOGHSNfId2TT_5EUbxladVNmJrE-vQx5wiNtIBGd7jSOgPZsUSAA
Content-type
application/json; charset=UTF-8
hpgid
1104
Accept
application/json
Referer
https://login.microsoftonline.com/aa827ac4-4665-4dbb-98fa-fa4931a84709/saml2?SAMLRequest=lZJLb%2BIwFIX3%2FIooe%2BdhDCQWINEyDyQGUKGzmE11YztgyY%2BM7Uyn%2F36SMDNtF63ULE%2Fu%2BXTOkecetGroqg0Xcyd%2BtsKHURT91sp4OvxaxK0z1IKXnhrQwtPA6HH1bUtxktHG2WCZVfEr0%2Fse8F64IK3pTZv1It7vPm33Xza7h4qXeckJIbxmHIBMa8GxwGUNuACGcZlX%2BZhl4974XTjfMRZxhxxA3rdiY3wAEzoxwwRlBcLlKZvRSUEn5Ed%2Fte76SQNhcF5CaDxNU2XP0iRaMme9rYM1ShqRMKtTgALPgBFEptMJIryqUFnUgGog5TiHgsyyMu0b4x5%2B%2BDvGjTRcmvP7K1TXI0%2B%2Fnk4HdNgfTz1i9W%2BbW2t8q4U7CvdLMnF%2Ft33Oax414vCk5PkSEtVqabrc17yNHOKkwHwaLztgFM17gQ7zuOUHEFoE4BAgnacvCc%2FMhu66Vpv1wSrJnga9%2Fz5bpyG8XT5P8kGRHNXDKW2NbwSTtRQ8%2Fo9ZKWUfb52AIBZxcK2Io3Q5Gl3DvH6wyz8%3D&RelayState=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
hpgact
1900

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Thu, 29 Aug 2024 07:58:57 GMT
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
client-request-id
6ad67002-ed45-42c0-b6b3-886829ce07d1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Content-Length
265
X-XSS-Protection
0
Pragma
no-cache
x-ms-srs
1.P
Referrer-Policy
strict-origin-when-cross-origin
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://autologon.microsoftazuread-sso.com/
x-ms-request-id
0708499a-50ef-4369-9358-2ac367b51100
Cache-Control
no-store, no-cache
Access-Control-Allow-Credentials
true
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
x-ms-ests-server
2.1.18794.6 - NCUS ProdSlices
Expires
-1
convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
111 KB
35 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2P9n4TNNrWcgKwW6Mt6tGA2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bab311bf22661b153353a159f0ec931dbcb79f950fa37daf9d0ff180cbf45deb

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Aug 2024 07:58:57 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
35167
x-ms-lease-status
unlocked
last-modified
Thu, 20 Jun 2024 02:13:45 GMT
etag
0x8DC90CE9CFCD37E
x-azure-ref
20240829T075857Z-1799c87bc7bdcqff28wzpgq25000000001qg000000003ey7
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1455dffd-901e-0069-5a3e-f9fa1a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msauth.net/shared/1.0/content/images/
2 KB
1 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

Referer
https://login.microsoftonline.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 29 Aug 2024 07:58:57 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-fd-int-roxy-purgeid
0
content-length
621
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 10:11:49 GMT
etag
0x8DB5C3F49ED96E0
x-azure-ref
20240829T075857Z-1799c87bc7bdcqff28wzpgq25000000001qg000000003ey8
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
7dea109b-801e-0065-4b17-f96d12000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nwm-daylight.luminoso.com
URL
https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Domain
nwm-daylight.luminoso.com
URL
https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Domain
nwm-daylight.luminoso.com
URL
https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Domain
nwm-daylight.luminoso.com
URL
https://nwm-daylight.luminoso.com/login.html?dest=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Domain
heapanalytics.com
URL
https://heapanalytics.com/h?a=115967021&u=6938338676836680&v=5029165921539225&s=5508657064822035&b=web&tv=4.0&z=0&h=%2F&d=nwm-daylight.luminoso.com&t=Projects%20%7C%20Luminoso%20Daylight&ts=1724918330066&sch=1200&scw=1600&st=1724918330069&lv=4.23.3&ld=cdn.heapanalytics.com


21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData
object| webpackJsonp
object| ko
object| PROOF
object| StringRepository
object| Telemetry
object| telemetry_webpackJsonp
boolean| __ConvergedLogin_PCore
boolean| __
boolean| __convergedlogin_pcustomizationloader_6c7dc46bb93924417b57
boolean| __convergedlogin_pfetchsessionsprogress_758d4d3367a37038a3b2
boolean| __convergedlogin_pstringcustomizationhelper_92013fd9f2f609d397ae

16 Cookies

Domain/Path Name / Value
.luminoso.com/ Name: _hp2_id.115967021
Value: %7B%22userId%22%3A%226938338676836680%22%2C%22pageviewId%22%3A%226496341170341908%22%2C%22sessionId%22%3A%225508657064822035%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.luminoso.com/ Name: _hp2_ses_props.115967021
Value: %7B%22ts%22%3A1724918330066%2C%22d%22%3A%22nwm-daylight.luminoso.com%22%2C%22h%22%3A%22%2F%22%7D
login.microsoftonline.com/ Name: buid
Value: 0.AQ0AxHqCqmVGu02Y-vpJMahHCQ9y_d5CBPxNrXc_ND6NRdENAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYDAiKsskxnnaFXvszSxUom7Nxx9KCeBg_5FIr7NJvJqHBc1t-6rXoozzeKKbi0m0cK_--OiVePJbZMJKpYFS7bxkk5B42a4VB2qNHCI4KavwgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMY4xoEKpz38SDVuwTfpC8_3ZGPziAVet2D3l__O1aDDMZnSUR14dX-_JZDStaKEkYO2falpxf9CE4X1jq09MNAsUUP33pQnm-snvNle-SdSzPGBgZ8GGpTBIHmdPnT-jvD2fLkFnteZHSXqvoTL6QllA1GLGFgrj-jpMJaLn8XS4UgAA
.login.microsoftonline.com/ Name: esctx-HZtdUEHoI
Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYVxpCIrk34uQ7UvyW5mSfURCPk9YMSprlMjYaEq3MxJ7TYczZOwrGW41j-jTdALChRMFmxsyaYy5Uk_6qyRB6Yh_fIjH0n-S4h8Jn1ZKno8CqxcbJnP73XFemOzPTIaZi3dwbDWhF-67DvdszQAHJuCAA
login.microsoftonline.com/ Name: fpc
Value: Aq1e6waB4CFFj4BSidJHJKw_RZ4hAQAAAD4hYt4OAAAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.live.com/ Name: uaid
Value: 00e8e7b34e934d85ae46bf1ba5892075
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1724918335&co=1
login.microsoftonline.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: e4366d53-2745-49c5-896f-f0b64dee1d5a
.login.microsoftonline.com/ Name: brcap
Value: 0
autologon.microsoftazuread-sso.com/ Name: fpc
Value: AnXsDnZ6ddhOlhAayzFnEHw
autologon.microsoftazuread-sso.com/ Name: x-ms-gateway-slice
Value: estsfd
autologon.microsoftazuread-sso.com/ Name: stsservicecookie
Value: estsfd
login.microsoftonline.com/ Name: ai_session
Value: ONt6XoNa+4KOAhmZyXa0IE|1724918337296|1724918337296

8 Console Messages

Source Level URL
Text
network error URL: https://nwm-daylight.luminoso.com/api/v5/profile/
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://nwm-daylight.luminoso.com/api/v5/projects/
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://nwm-daylight.luminoso.com/api/v5/profile/flags/
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://nwm-daylight.luminoso.com/api/v5/profile/
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://nwm-daylight.luminoso.com/api/v5/profile/
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://nwm-daylight.luminoso.com/api/v5/profile/
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://autologon.microsoftazuread-sso.com/northwesternmutual.com/winauth/ssoprobe?client-request-id=6ad67002-ed45-42c0-b6b3-886829ce07d1&_=1724918337062
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
recommendation verbose URL: https://login.microsoftonline.com/aa827ac4-4665-4dbb-98fa-fa4931a84709/saml2?SAMLRequest=lZJLb%2BIwFIX3%2FIooe%2BdhDCQWINEyDyQGUKGzmE11YztgyY%2BM7Uyn%2F36SMDNtF63ULE%2Fu%2BXTOkecetGroqg0Xcyd%2BtsKHURT91sp4OvxaxK0z1IKXnhrQwtPA6HH1bUtxktHG2WCZVfEr0%2Fse8F64IK3pTZv1It7vPm33Xza7h4qXeckJIbxmHIBMa8GxwGUNuACGcZlX%2BZhl4974XTjfMRZxhxxA3rdiY3wAEzoxwwRlBcLlKZvRSUEn5Ed%2Fte76SQNhcF5CaDxNU2XP0iRaMme9rYM1ShqRMKtTgALPgBFEptMJIryqUFnUgGog5TiHgsyyMu0b4x5%2B%2BDvGjTRcmvP7K1TXI0%2B%2Fnk4HdNgfTz1i9W%2BbW2t8q4U7CvdLMnF%2Ft33Oax414vCk5PkSEtVqabrc17yNHOKkwHwaLztgFM17gQ7zuOUHEFoE4BAgnacvCc%2FMhu66Vpv1wSrJnga9%2Fz5bpyG8XT5P8kGRHNXDKW2NbwSTtRQ8%2Fo9ZKWUfb52AIBZxcK2Io3Q5Gl3DvH6wyz8%3D&RelayState=https%3A%2F%2Fnwm-daylight.luminoso.com%2F
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
