Submitted URL: https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnVHp0QVlBQUozLWhnT2Nfb1lEQVlRMFlzY1Q2YmkzdThlWDRTVjZ6Zz09IiwiaHJlZiI6Imh0...
Effective URL: https://fedsso3.gilead.com/idp/startSSO.ping?PartnerSpId=workhuman-gilead&TARGET=https%3A%2F%2Fcloud.workhuman.com%2Fmicros...
Submission: On November 11 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 192.156.237.215, located in United States and belongs to GILD-SCI, US. The main domain is fedsso3.gilead.com. The Cisco Umbrella rank of the primary domain is 768900.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on February 17th 2022. Valid for: a year.
This is the only time fedsso3.gilead.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.227.225.220 15169 (GOOGLE)
9 65.9.66.43 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 23.67.128.30 16625 (AKAMAI-AS)
6 192.156.237.215 46186 (GILD-SCI)
17 4
Apex Domain
Subdomains
Transfer
9 workhuman.com
cloud.workhuman.com — Cisco Umbrella Rank: 42240
2 MB
6 gilead.com
fedsso3.gilead.com — Cisco Umbrella Rank: 768900
24 KB
2 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 737
a15928870500.cdn.optimizely.com — Cisco Umbrella Rank: 77000
93 KB
1 customeriomail.com
e.customeriomail.com — Cisco Umbrella Rank: 51801
282 B
17 4
Domain Requested by
9 cloud.workhuman.com cloud.workhuman.com
6 fedsso3.gilead.com fedsso3.gilead.com
1 a15928870500.cdn.optimizely.com cdn.optimizely.com
1 cdn.optimizely.com cloud.workhuman.com
1 e.customeriomail.com 1 redirects
17 5

This site contains links to these domains. Also see Links.

Domain
mfa.gilead.com
Subject Issuer Validity Valid
*.workhuman.com
Amazon
2022-02-26 -
2023-03-27
a year crt.sh
cdn.optimizely.com
DigiCert SHA2 Secure Server CA
2021-12-24 -
2022-12-24
a year crt.sh
*.cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-03 -
2023-06-07
a year crt.sh
*.gilead.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2022-02-17 -
2023-03-20
a year crt.sh

This page contains 2 frames:

Primary Page: https://fedsso3.gilead.com/idp/startSSO.ping?PartnerSpId=workhuman-gilead&TARGET=https%3A%2F%2Fcloud.workhuman.com%2Fmicrosites%2Fmotivation%2FSSOEntryPoint%3Fclient%3Dgilead
Frame ID: 2D236DDA11ED474E09BB82BB76ABDF29
Requests: 16 HTTP requests in this frame

Frame: https://a15928870500.cdn.optimizely.com/client_storage/a15928870500.html
Frame ID: 295127AF60E224B6913B0425C68D3E49
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Sign On

Page URL History Show full URLs

  1. https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnVHp0QVlBQUozLWhnT2Nfb1lEQVlRMFlzY1Q2YmkzdThlWDRTVjZ6... HTTP 302
    https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_c... Page URL
  2. https://cloud.workhuman.com/microsites/t/apps/forwardToInternalApp?client=gilead&targetUrl=%2Fstore%2F%3... Page URL
  3. https://fedsso3.gilead.com/idp/startSSO.ping?PartnerSpId=workhuman-gilead&TARGET=https%3A%2F%2Fcloud.wo... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Page Statistics

17
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

1669 kB
Transfer

2178 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnVHp0QVlBQUozLWhnT2Nfb1lEQVlRMFlzY1Q2YmkzdThlWDRTVjZ6Zz09IiwiaHJlZiI6Imh0dHBzOi8vY2xvdWQud29ya2h1bWFuLmNvbS9zdG9yZS8_dXRtX3NvdXJjZT1jaW9cdTAwMjZ1dG1fbWVkaXVtPWVtYWlsXHUwMDI2dXRtX2NhbXBhaWduPTExMDFfcnJfZ2lmdF9ndWlkZVx1MDAyNnV0bV9jb250ZW50PTExMDFfcnJfZ2lmdF9ndWlkZV9hX19idG4xIyFnaWxlYWQvY29sbGVjdGlvbnMveW91cl9ndWlkZV90b19ncmVhdF9ob2xpZGF5X2dpZnRzX25vdjIyX3VzYSIsImludGVybmFsIjoiZjNiNDA2ZDUwMWFjN2M5ZGZlODYwMyIsImxpbmtfaWQiOjIyMH0/4a49cb6375e52708998b78821b81cb6e5ba3106015f74bc825219efb2a56c733 HTTP 302
    https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_content=1101_rr_gift_guide_a__btn1 Page URL
  2. https://cloud.workhuman.com/microsites/t/apps/forwardToInternalApp?client=gilead&targetUrl=%2Fstore%2F%3Futm_source%3Dcio%26utm_medium%3Demail%26utm_campaign%3D1101_rr_gift_guide%26utm_content%3D1101_rr_gift_guide_a__btn1%23!gilead%2Fcollections%2Fyour_guide_to_great_holiday_gifts_nov22_usa Page URL
  3. https://fedsso3.gilead.com/idp/startSSO.ping?PartnerSpId=workhuman-gilead&TARGET=https%3A%2F%2Fcloud.workhuman.com%2Fmicrosites%2Fmotivation%2FSSOEntryPoint%3Fclient%3Dgilead Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnVHp0QVlBQUozLWhnT2Nfb1lEQVlRMFlzY1Q2YmkzdThlWDRTVjZ6Zz09IiwiaHJlZiI6Imh0dHBzOi8vY2xvdWQud29ya2h1bWFuLmNvbS9zdG9yZS8_dXRtX3NvdXJjZT1jaW9cdTAwMjZ1dG1fbWVkaXVtPWVtYWlsXHUwMDI2dXRtX2NhbXBhaWduPTExMDFfcnJfZ2lmdF9ndWlkZVx1MDAyNnV0bV9jb250ZW50PTExMDFfcnJfZ2lmdF9ndWlkZV9hX19idG4xIyFnaWxlYWQvY29sbGVjdGlvbnMveW91cl9ndWlkZV90b19ncmVhdF9ob2xpZGF5X2dpZnRzX25vdjIyX3VzYSIsImludGVybmFsIjoiZjNiNDA2ZDUwMWFjN2M5ZGZlODYwMyIsImxpbmtfaWQiOjIyMH0/4a49cb6375e52708998b78821b81cb6e5ba3106015f74bc825219efb2a56c733 HTTP 302
  • https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_content=1101_rr_gift_guide_a__btn1

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
cloud.workhuman.com/store/
Redirect Chain
  • https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnVHp0QVlBQUozLWhnT2Nfb1lEQVlRMFlzY1Q2YmkzdThlWDRTVjZ6Zz09IiwiaHJlZiI6Imh0dHBzOi8vY2xvdWQud29ya2h1bWFuLmNvbS9zdG9yZS8_dXRtX3NvdXJjZT1jaW9cdTAwMjZ1...
  • https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_content=1101_rr_gift_guide_a__btn1
10 KB
11 KB
Document
General
Full URL
https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_content=1101_rr_gift_guide_a__btn1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-43.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
26e1da7ec417e579927bfe476cb4171f7747d6d28395be3cc958a4a460861853
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.quicksight.aws.amazon.com outlook.office365.com outlook.office.com teams.microsoft.com.mcas.ms teams.microsoft.com; report-uri https://68cebcfc7e2f58b08b59066f1.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
160
cache-control
max-age=600
content-length
9765
content-security-policy
frame-ancestors 'self' *.quicksight.aws.amazon.com outlook.office365.com outlook.office.com teams.microsoft.com.mcas.ms teams.microsoft.com; report-uri https://68cebcfc7e2f58b08b59066f1.report-uri.com/r/d/csp/enforce
content-type
text/html; charset=UTF-8
date
Fri, 11 Nov 2022 23:24:15 GMT
etag
"2625-5ed1097777000"
expires
Fri, 11 Nov 2022 23:34:15 GMT
last-modified
Wed, 09 Nov 2022 21:46:40 GMT
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-id
puv_4UA-YtOQYLS3FhgfzCEXv6JLhHZ0EKqPUC3PEKUpuNZ4S-U-KA==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
date
Fri, 11 Nov 2022 23:26:54 GMT
location
https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_content=1101_rr_gift_guide_a__btn1#!gilead/collections/your_guide_to_great_holiday_gifts_nov22_usa
via
1.1 google
16969570298.js
cdn.optimizely.com/js/
300 KB
92 KB
Script
General
Full URL
https://cdn.optimizely.com/js/16969570298.js
Requested by
Host: cloud.workhuman.com
URL: https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_content=1101_rr_gift_guide_a__btn1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:889::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
964d6ab5e95e8f5cd2e5143143d2031dc92173d3a27d8333e9d9d75e0caeb766
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cloud.workhuman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
Smzcu6uP61sawvay15ciY2B4NoqxdBGA
content-encoding
gzip
date
Fri, 11 Nov 2022 23:26:55 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
4AMXNH3NFKVHT0VS
x-amz-server-side-encryption
AES256
x-amz-meta-revision
4059
x-amz-replication-status
COMPLETED
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="2a02:26f0:3500:889::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
content-length
92903
x-amz-id-2
jS0016I4MbUMTS8mwhC59DXkFU58eal+iXdsOGgObA9SyfRXkphg7IIbfDfeXrZIkyHGtYw/WCk=
last-modified
Fri, 11 Nov 2022 00:01:15 GMT
server
AmazonS3
etag
"35fc8e463d4edf3fd278cc31d5fc3671"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
main.css
cloud.workhuman.com/store/
191 KB
192 KB
Stylesheet
General
Full URL
https://cloud.workhuman.com/store/main.css?6b5ab01ce08aa996df9a
Requested by
Host: cloud.workhuman.com
URL: https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_content=1101_rr_gift_guide_a__btn1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-43.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b483ad8989df7b3db0f88fa5082d88c199fcdbfe14191ad207e8d82b8104309f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.quicksight.aws.amazon.com outlook.office365.com outlook.office.com teams.microsoft.com.mcas.ms teams.microsoft.com; report-uri https://68cebcfc7e2f58b08b59066f1.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_content=1101_rr_gift_guide_a__btn1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 23:24:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' *.quicksight.aws.amazon.com outlook.office365.com outlook.office.com teams.microsoft.com.mcas.ms teams.microsoft.com; report-uri https://68cebcfc7e2f58b08b59066f1.report-uri.com/r/d/csp/enforce
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
160
x-cache
Hit from cloudfront
content-length
195904
x-xss-protection
1; mode=block
last-modified
Wed, 09 Nov 2022 21:46:40 GMT
server
Apache
etag
"2fd40-5ed1097777000"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
g33E-JvuywEZ1xg7yXpxNR-U8ENRnGy33lGtGomg6Ij8u9Qz5TJUkw==
expires
Sat, 11 Nov 2023 23:24:15 GMT
main.css
cloud.workhuman.com/cookie-banner-ui-app/
1 KB
1 KB
Stylesheet
General
Full URL
https://cloud.workhuman.com/cookie-banner-ui-app/main.css
Requested by
Host: cloud.workhuman.com
URL: https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_content=1101_rr_gift_guide_a__btn1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb02b2f40be7e9590626cdae4222499f52590c2a681a335edf2046421dbfc3bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_content=1101_rr_gift_guide_a__btn1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
uBiD5cfFFCyGMZQadNPN72uZPWCUpfu_
content-encoding
gzip
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
date
Fri, 11 Nov 2022 16:54:29 GMT
x-amz-request-id
P1X03BEAKKQXEW4D
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
age
23547
x-cache
Hit from cloudfront
x-amz-id-2
6QoIqQKPzsgQkDvv6SRvy5CeSq6PbKryobYC0CKYXBJDmO5xMMOlSL03CIMdP/0xfNbfZES/l9Y=
last-modified
Thu, 30 Jun 2022 08:18:39 GMT
server
AmazonS3
etag
W/"7062064fe7012e376f6d7239946bcaa9"
vary
Accept-Encoding
content-type
text/css
x-amz-cf-id
qsnniVCIJAJAbAwEgladmZj8x7Hq8QhII1GnzDQBxrDT-S8SbqSGNA==
main.bundle.js
cloud.workhuman.com/store/
1 MB
1 MB
Script
General
Full URL
https://cloud.workhuman.com/store/main.bundle.js?6b5ab01ce08aa996df9a
Requested by
Host: cloud.workhuman.com
URL: https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_content=1101_rr_gift_guide_a__btn1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-43.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
7f2915221dedbf1518e3dc1b079fed98f5856fa69ff9601f1cab2c64a2c74a3a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.quicksight.aws.amazon.com outlook.office365.com outlook.office.com teams.microsoft.com.mcas.ms teams.microsoft.com; report-uri https://68cebcfc7e2f58b08b59066f1.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_content=1101_rr_gift_guide_a__btn1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 23:24:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' *.quicksight.aws.amazon.com outlook.office365.com outlook.office.com teams.microsoft.com.mcas.ms teams.microsoft.com; report-uri https://68cebcfc7e2f58b08b59066f1.report-uri.com/r/d/csp/enforce
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
160
x-cache
Hit from cloudfront
content-length
1144087
x-xss-protection
1; mode=block
last-modified
Wed, 09 Nov 2022 21:46:40 GMT
server
Apache
etag
"117517-5ed1097777000"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ReJ0rbS0wp2lBbHV7itw68QgPK4Kt6ZaNacCdo_H93PzaprWYzXRpQ==
expires
Sat, 11 Nov 2023 23:24:15 GMT
main.bundle.js
cloud.workhuman.com/cookie-banner-ui-app/
448 KB
136 KB
Script
General
Full URL
https://cloud.workhuman.com/cookie-banner-ui-app/main.bundle.js
Requested by
Host: cloud.workhuman.com
URL: https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_content=1101_rr_gift_guide_a__btn1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e04c5389e6f43dbe227b855d2d6d2f78ec0f56f003cf6002188ae94b6283f090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_content=1101_rr_gift_guide_a__btn1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
iAGCkkd2_qDttfsv5ZpCa9.cZbnGODMJ
content-encoding
gzip
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
date
Fri, 11 Nov 2022 15:46:57 GMT
x-amz-request-id
VNY86TW8PZEF51M4
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
age
27599
x-cache
Hit from cloudfront
x-amz-id-2
mHNHDxmO7Lbstb/EBxWUBEQPp1FAeHq1yf2sgkya2dT4WGb4uHeaMqtfuWHHlC5sBRARxYWbgik=
last-modified
Thu, 30 Jun 2022 08:18:39 GMT
server
AmazonS3
etag
W/"0925a16ee93758b7321d9e35f677a19a"
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
I_mSlRq0S4kGD5AwU0ZP1Qd2UFumt4YOVMbSfA4zoN7YyN15nuwdxg==
Roboto-Regular.ecd9cc01197578829ea1.woff
cloud.workhuman.com/store/assets/fonts/
81 KB
82 KB
Font
General
Full URL
https://cloud.workhuman.com/store/assets/fonts/Roboto-Regular.ecd9cc01197578829ea1.woff
Requested by
Host: cloud.workhuman.com
URL: https://cloud.workhuman.com/store/main.css?6b5ab01ce08aa996df9a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-43.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
f4eda1ef158abd66bb66752828a080366bddc91e86bfe43fffe2dc8a2aaf6438
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.quicksight.aws.amazon.com outlook.office365.com outlook.office.com teams.microsoft.com.mcas.ms teams.microsoft.com; report-uri https://68cebcfc7e2f58b08b59066f1.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cloud.workhuman.com/store/main.css?6b5ab01ce08aa996df9a
Origin
https://cloud.workhuman.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 23:26:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' *.quicksight.aws.amazon.com outlook.office365.com outlook.office.com teams.microsoft.com.mcas.ms teams.microsoft.com; report-uri https://68cebcfc7e2f58b08b59066f1.report-uri.com/r/d/csp/enforce
last-modified
Wed, 09 Nov 2022 21:46:40 GMT
server
Apache
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
etag
"14280-5ed1097777000"
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
82560
x-xss-protection
1; mode=block
x-amz-cf-id
nb47jcY0Hiu0t1yjZ6PV_A6lIJXELw4emuUUa62RJk9IdgQPYA4pPw==
a15928870500.html
a15928870500.cdn.optimizely.com/client_storage/ Frame 2951
2 KB
1 KB
Document
General
Full URL
https://a15928870500.cdn.optimizely.com/client_storage/a15928870500.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/16969570298.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.128.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-128-30.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ea7dc3b534a47380d6e46b6896f2fe55469278261a6341c2cc86ff91ce9d906
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://cloud.workhuman.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
878
content-type
text/html; charset=utf-8
date
Fri, 11 Nov 2022 23:26:55 GMT
etag
"e75b09667cbaf7fbdee4af62c06087c3"
last-modified
Fri, 11 Nov 2022 23:14:13 GMT
server
AmazonS3
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="23.67.128.30";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-amz-id-2
W4U5f25dvB372qkTdv0f0pQGlpthqvWXJH9rhCuHJJdz/fwdMB0COtAdgE/b5bYbaYgSGp/dEP8=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
H5CSW3AE9JR8AXXY
x-amz-server-side-encryption
AES256
x-amz-version-id
dW0aIk51HkEeLXCZF.7WhDw6iFMa0haL
userSessionAuthToken
cloud.workhuman.com/microsites/login/
4 KB
5 KB
XHR
General
Full URL
https://cloud.workhuman.com/microsites/login/userSessionAuthToken?
Requested by
Host: cloud.workhuman.com
URL: https://cloud.workhuman.com/store/main.bundle.js?6b5ab01ce08aa996df9a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-43.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.quicksight.aws.amazon.com outlook.office365.com outlook.office.com teams.microsoft.com.mcas.ms teams.microsoft.com; report-uri https://68cebcfc7e2f58b08b59066f1.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_content=1101_rr_gift_guide_a__btn1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 11 Nov 2022 23:26:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' *.quicksight.aws.amazon.com outlook.office365.com outlook.office.com teams.microsoft.com.mcas.ms teams.microsoft.com; report-uri https://68cebcfc7e2f58b08b59066f1.report-uri.com/r/d/csp/enforce
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
FRA56-C1
x-cache
Error from cloudfront
content-type
text/html;charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id
bLe7cqeMVXzonbVjBtsuvIGxNhBKexL0Cr1y1oRhAn2sS3gxus47oQ==
content-length
3606
x-xss-protection
1; mode=block
expires
Sat, 6 May 1995 12:00:00 GMT
userSessionAuthToken
cloud.workhuman.com/microsites/login/
4 KB
5 KB
XHR
General
Full URL
https://cloud.workhuman.com/microsites/login/userSessionAuthToken?
Requested by
Host: cloud.workhuman.com
URL: https://cloud.workhuman.com/cookie-banner-ui-app/main.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-43.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.quicksight.aws.amazon.com outlook.office365.com outlook.office.com teams.microsoft.com.mcas.ms teams.microsoft.com; report-uri https://68cebcfc7e2f58b08b59066f1.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_content=1101_rr_gift_guide_a__btn1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 11 Nov 2022 23:26:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' *.quicksight.aws.amazon.com outlook.office365.com outlook.office.com teams.microsoft.com.mcas.ms teams.microsoft.com; report-uri https://68cebcfc7e2f58b08b59066f1.report-uri.com/r/d/csp/enforce
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
FRA56-C1
x-cache
Error from cloudfront
content-type
text/html;charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id
vqXiq29R8dHcYiIjnMCaD73CJMHOxaay56bCnanohdiIljqf_EYMKQ==
content-length
3606
x-xss-protection
1; mode=block
expires
Sat, 6 May 1995 12:00:00 GMT
forwardToInternalApp
cloud.workhuman.com/microsites/t/apps/
582 B
2 KB
Document
General
Full URL
https://cloud.workhuman.com/microsites/t/apps/forwardToInternalApp?client=gilead&targetUrl=%2Fstore%2F%3Futm_source%3Dcio%26utm_medium%3Demail%26utm_campaign%3D1101_rr_gift_guide%26utm_content%3D1101_rr_gift_guide_a__btn1%23!gilead%2Fcollections%2Fyour_guide_to_great_holiday_gifts_nov22_usa
Requested by
Host: cloud.workhuman.com
URL: https://cloud.workhuman.com/store/main.bundle.js?6b5ab01ce08aa996df9a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-43.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.quicksight.aws.amazon.com outlook.office365.com outlook.office.com teams.microsoft.com.mcas.ms teams.microsoft.com; report-uri https://68cebcfc7e2f58b08b59066f1.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cloud.workhuman.com/store/?utm_source=cio&utm_medium=email&utm_campaign=1101_rr_gift_guide&utm_content=1101_rr_gift_guide_a__btn1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
582
content-security-policy
frame-ancestors 'self' *.quicksight.aws.amazon.com outlook.office365.com outlook.office.com teams.microsoft.com.mcas.ms teams.microsoft.com; report-uri https://68cebcfc7e2f58b08b59066f1.report-uri.com/r/d/csp/enforce
content-type
text/html;charset=ISO-8859-1
date
Fri, 11 Nov 2022 23:26:55 GMT
expires
01 Apr 1995 01:10:10 GMT
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-id
tTjABF3_tM7rdc1EZRq_jwf3nMHAoZJw7f-uML33Ismw9SOeHlbncw==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Primary Request startSSO.ping
fedsso3.gilead.com/idp/
4 KB
5 KB
Document
General
Full URL
https://fedsso3.gilead.com/idp/startSSO.ping?PartnerSpId=workhuman-gilead&TARGET=https%3A%2F%2Fcloud.workhuman.com%2Fmicrosites%2Fmotivation%2FSSOEntryPoint%3Fclient%3Dgilead
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.156.237.215 , United States, ASN46186 (GILD-SCI, US),
Reverse DNS
Software
/
Resource Hash
7282747951b9e9257c0545d560d95e01336f7e1ddeef934e32690644f2aa3929

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://cloud.workhuman.com
Referer
https://cloud.workhuman.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Content-Length
4319
Content-Type
text/html;charset=utf-8
Date
Fri, 11 Nov 2022 23:26:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Referrer-Policy
origin
screen.1.css
fedsso3.gilead.com/assets/css/
10 KB
10 KB
Stylesheet
General
Full URL
https://fedsso3.gilead.com/assets/css/screen.1.css
Requested by
Host: fedsso3.gilead.com
URL: https://fedsso3.gilead.com/idp/startSSO.ping?PartnerSpId=workhuman-gilead&TARGET=https%3A%2F%2Fcloud.workhuman.com%2Fmicrosites%2Fmotivation%2FSSOEntryPoint%3Fclient%3Dgilead
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.156.237.215 , United States, ASN46186 (GILD-SCI, US),
Reverse DNS
Software
/
Resource Hash
42efe84b9f1e1cc4aa584cae60c436c9882cef3338d5d1220c0b9421ff846040

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedsso3.gilead.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 11 Nov 2022 23:26:56 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Fri, 15 Jul 2022 07:00:37 GMT
Content-Length
9954
Content-Type
text/css
fluid.1.css
fedsso3.gilead.com/assets/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://fedsso3.gilead.com/assets/css/fluid.1.css
Requested by
Host: fedsso3.gilead.com
URL: https://fedsso3.gilead.com/idp/startSSO.ping?PartnerSpId=workhuman-gilead&TARGET=https%3A%2F%2Fcloud.workhuman.com%2Fmicrosites%2Fmotivation%2FSSOEntryPoint%3Fclient%3Dgilead
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.156.237.215 , United States, ASN46186 (GILD-SCI, US),
Reverse DNS
Software
/
Resource Hash
b924523d619b5a660d779b438e80dfa97846d64d515911bd296e8b05544b6b92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedsso3.gilead.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 11 Nov 2022 23:26:56 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Sat, 27 Mar 2021 07:58:21 GMT
Content-Length
1981
Content-Type
text/css
fluid.landscape.1.css
fedsso3.gilead.com/assets/css/
1 KB
2 KB
Stylesheet
General
Full URL
https://fedsso3.gilead.com/assets/css/fluid.landscape.1.css
Requested by
Host: fedsso3.gilead.com
URL: https://fedsso3.gilead.com/idp/startSSO.ping?PartnerSpId=workhuman-gilead&TARGET=https%3A%2F%2Fcloud.workhuman.com%2Fmicrosites%2Fmotivation%2FSSOEntryPoint%3Fclient%3Dgilead
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.156.237.215 , United States, ASN46186 (GILD-SCI, US),
Reverse DNS
Software
/
Resource Hash
4a1e324bcce1e0a67b8bfc1f698b175d3c48d2769bf05739f3d0bfff775649b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedsso3.gilead.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 11 Nov 2022 23:26:57 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Fri, 15 Jul 2022 07:00:37 GMT
Content-Length
1278
Content-Type
text/css
gilead_logo1.gif
fedsso3.gilead.com/gilead/assets/images/
3 KB
3 KB
Image
General
Full URL
https://fedsso3.gilead.com/gilead/assets/images/gilead_logo1.gif
Requested by
Host: fedsso3.gilead.com
URL: https://fedsso3.gilead.com/idp/startSSO.ping?PartnerSpId=workhuman-gilead&TARGET=https%3A%2F%2Fcloud.workhuman.com%2Fmicrosites%2Fmotivation%2FSSOEntryPoint%3Fclient%3Dgilead
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.156.237.215 , United States, ASN46186 (GILD-SCI, US),
Reverse DNS
Software
/
Resource Hash
6b8ed5ffa2ac0d9d0d92f6dbada43f9c42cddf409e9048fe49aa498475c1673d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedsso3.gilead.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 11 Nov 2022 23:26:57 GMT
Last-Modified
Wed, 26 Mar 2014 22:09:13 GMT
Accept-Ranges
bytes
ETag
W/"IpvEJCxGbGMIpvFYCw2xZA"
Content-Length
2779
Content-Type
image/gif
bg_sprite.1.png
fedsso3.gilead.com/assets/images/
2 KB
2 KB
Image
General
Full URL
https://fedsso3.gilead.com/assets/images/bg_sprite.1.png
Requested by
Host: fedsso3.gilead.com
URL: https://fedsso3.gilead.com/assets/css/screen.1.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.156.237.215 , United States, ASN46186 (GILD-SCI, US),
Reverse DNS
Software
/
Resource Hash
9ed69ebbe2819041a5fe89c068f9a777025f7558324b550208e596a1421e4619

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedsso3.gilead.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
Date
Fri, 11 Nov 2022 23:26:57 GMT
Cache-Control
must-revalidate,no-cache,no-store
Referrer-Policy
origin
Content-Length
1778
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| postOk function| postCancel function| postOnReturn function| setFocus

8 Cookies

Domain/Path Name / Value
cloud.workhuman.com/microsites Name: client
Value: gilead
.workhuman.com/ Name: optimizelyEndUserId
Value: oeu1668209215135r0.7507338037391948
cloud.workhuman.com/ Name: AWSALB
Value: ChJYKCHbMBoZkJsQ0d6/7ZT8L9lRB65Gq3rNMueNUxiH6S1wNCAZrkMzYFrHdAceOkJ3h6OkQYPrsc7SJmRYfJAB2919kOoTXHsTATtbHBr5DP5MnOQYkUD0ZmNL
cloud.workhuman.com/ Name: AWSALBCORS
Value: ChJYKCHbMBoZkJsQ0d6/7ZT8L9lRB65Gq3rNMueNUxiH6S1wNCAZrkMzYFrHdAceOkJ3h6OkQYPrsc7SJmRYfJAB2919kOoTXHsTATtbHBr5DP5MnOQYkUD0ZmNL
cloud.workhuman.com/ Name: cf_client
Value: gilead
cloud.workhuman.com/ Name: JSESSIONID
Value: ADD29BE99CA78E596F0BD65CA88BB53D
fedsso3.gilead.com/ Name: PF
Value: 5rurLPvy7x4xitUoXTqwTj1A7jmm2OvjgxXMQZGl9ALQ
.fedsso3.gilead.com/ Name: TS016d7870
Value: 017598cca9ac563012f91c0d8cb64cce8bbcacd6698a544db8ecca4cc6828f9393c39701e3aa8fe081e72299a82ddd44c7efe7e726cf5b9aefc72096fd498bf7cf81a1bdb9

3 Console Messages

Source Level URL
Text
network error URL: https://cloud.workhuman.com/microsites/login/userSessionAuthToken?
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://cloud.workhuman.com/microsites/login/userSessionAuthToken?
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://fedsso3.gilead.com/assets/images/bg_sprite.1.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.quicksight.aws.amazon.com outlook.office365.com outlook.office.com teams.microsoft.com.mcas.ms teams.microsoft.com; report-uri https://68cebcfc7e2f58b08b59066f1.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block