urlscan.io logo urlscan.io
SecurityTrails logo

www.lumaworkplace.com Open in urlscan Pro
54.225.247.62  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://luma-workplace-6c4791a8e64a.intercom-clicks.com/via/e?ob=6t41GvzfeROKo1zet5Kf5RGViu8nJ4HvYT0766hLAoXfrkuJz6ou4eccBXlvHn1L7BDZZ0Ro2Rg118LNcezIQe0...
Effective URL: https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1
Submission: On December 11 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main IP is 54.225.247.62, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.lumaworkplace.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 28th 2019. Valid for: a year.
This is the only time www.lumaworkplace.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:20e... 16509 (AMAZON-02)
5 54.225.247.62 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
1 152.199.21.2 15133 (EDGECAST)
1 104.16.113.53 13335 (CLOUDFLAR...)
12 5
1    2600:9000:20eb:e200:19:1477:f380:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
luma-workplace-6c4791a8e64a.intercom-clicks.com
5    54.225.247.62 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-225-247-62.compute-1.amazonaws.com
www.lumaworkplace.com
4    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
maps.googleapis.com
1    152.199.21.2 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
hello.myfonts.net
1    104.16.113.53 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
js.recurly.com
Domain Requested by
5 www.lumaworkplace.com www.lumaworkplace.com
4 maps.googleapis.com www.lumaworkplace.com
maps.googleapis.com
1 js.recurly.com www.lumaworkplace.com
1 hello.myfonts.net www.lumaworkplace.com
1 luma-workplace-6c4791a8e64a.intercom-clicks.com 1 redirects
0 c.sproutvideo.com Failed www.lumaworkplace.com
12 6

This site contains no links.

Subject Issuer Validity Valid
*.lumaworkplace.com
Go Daddy Secure Certificate Authority - G2		 2019-03-28 -
2020-03-28		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-11-05 -
2020-01-28		 3 months crt.sh
hello.myfonts.net
DigiCert SHA2 Secure Server CA		 2019-06-03 -
2021-06-07		 2 years crt.sh
*.recurly.com
DigiCert SHA2 High Assurance Server CA		 2017-01-30 -
2020-04-29		 3 years crt.sh

This page contains 1 frames:

Primary Page: https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1
Frame ID: 46BC6413C5FA321F310259481C64190D
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://luma-workplace-6c4791a8e64a.intercom-clicks.com/via/e?ob=6t41GvzfeROKo1zet5Kf5RGViu8nJ4HvYT0766hLAoXfrkuJz6ou4eccBXlvHn1L7BD... HTTP 302
    https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^Cowboy$/i
Overall confidence: 100%
Detected patterns
  • headers server /^Cowboy$/i

Page Statistics

12
Requests

92 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

2020 kB
Transfer

8480 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://luma-workplace-6c4791a8e64a.intercom-clicks.com/via/e?ob=6t41GvzfeROKo1zet5Kf5RGViu8nJ4HvYT0766hLAoXfrkuJz6ou4eccBXlvHn1L7BDZZ0Ro2Rg118LNcezIQe0ZjsKBMD%2FR5pJv9pYud93DbDRKkDoQ%2F28lJ0Tued0NaebljvqQ7lxuATFyLDyyIQ%3D%3D&h=e2be866d6276fcac177bd9526c1b8b5c3eeda01b-24956896102&l=03c6740929c1dcb002f1371a9d98caaa4c6cb45c-2180224 HTTP 302
    https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set orientation
www.lumaworkplace.com/classes/
Redirect Chain
  • https://luma-workplace-6c4791a8e64a.intercom-clicks.com/via/e?ob=6t41GvzfeROKo1zet5Kf5RGViu8nJ4HvYT0766hLAoXfrkuJz6ou4eccBXlvHn1L7BDZZ0Ro2Rg118LNcezIQe0ZjsKBMD%2FR5pJv9pYud93DbDRKkDoQ%2F28lJ0Tued0N...
  • https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1
11 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.247.62 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-225-247-62.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
4f115e0efe12c86018783f181c14bc4a496c5af473d24d94ef0d03d6c06668ea
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: *.gstatic.com; connect-src 'self' https: about: *.launchdarkly.com *.intercom.io *.segment.io wss://*.intercom.io *.fullstory.com; font-src 'self' https: data: *.intercomcdn.com; img-src 'self' https: data: *.sproutvideo.com *.lumaworkplace.com *.intercomassets.com *.google-analytics.com maps.googleapis.com *.trustarc.com *.gstatic.com; media-src 'self' https: *.sproutvideo.com; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' about: maps.googleapis.com *.google-analytics.com *.sproutvideo.com js.recurly.com *.newrelic.com *.nr-data.net *.segment.com *.ravenjs.com *.intercomcdn.com *.fullstory.com *.trustarc.com; style-src 'self' https: 'unsafe-inline' hello.myfonts.net; frame-src 'self' *.sproutvideo.com *.recurly.com *.youtube.com accounts.google.com content.googleapis.com *.trustarc.com; report-uri /api/v1/csp_reports
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.lumaworkplace.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

Server
Cowboy
Date
Wed, 11 Dec 2019 13:10:18 GMT
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
strict-origin-when-cross-origin
Content-Type
text/html; charset=utf-8
Etag
W/"4f115e0efe12c86018783f181c14bc4a"
Cache-Control
max-age=0, private, must-revalidate
Content-Security-Policy
default-src 'self' https: *.gstatic.com; connect-src 'self' https: about: *.launchdarkly.com *.intercom.io *.segment.io wss://*.intercom.io *.fullstory.com; font-src 'self' https: data: *.intercomcdn.com; img-src 'self' https: data: *.sproutvideo.com *.lumaworkplace.com *.intercomassets.com *.google-analytics.com maps.googleapis.com *.trustarc.com *.gstatic.com; media-src 'self' https: *.sproutvideo.com; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' about: maps.googleapis.com *.google-analytics.com *.sproutvideo.com js.recurly.com *.newrelic.com *.nr-data.net *.segment.com *.ravenjs.com *.intercomcdn.com *.fullstory.com *.trustarc.com; style-src 'self' https: 'unsafe-inline' hello.myfonts.net; frame-src 'self' *.sproutvideo.com *.recurly.com *.youtube.com accounts.google.com content.googleapis.com *.trustarc.com; report-uri /api/v1/csp_reports
Set-Cookie
_luma_session_166db12e6a8abf15595023f136740759=d1cc0c5233ef4a58a4b9a03bb7e8e598; domain=.lumaworkplace.com; path=/; secure; HttpOnly
X-Request-Id
85f6e279-c628-4297-9c3e-d92616d9d424
X-Protected-By
Sqreen
X-Runtime
0.009320
Vary
Accept-Encoding, Origin
Content-Encoding
gzip
Transfer-Encoding
chunked
Via
1.1 vegur

Redirect headers

status
302 302 Found
content-type
text/html; charset=utf-8
location
https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'self'; base-uri 'self'; child-src 'self' docs.google.com fast.wistia.net js.stripe.com platform.twitter.com player.vimeo.com staticxx.facebook.com www.facebook.com web.facebook.com www.loom.com play.vidyard.com www.youtube.com intercom-sheets.com app-sjqe.marketo.com app-sjst.marketo.com app-ab27.marketo.com gtm.intercom-marketing.com intercominc.typeform.com www.intercom-reporting.com; connect-src 'self' app.intercom.com api-iam.intercom.io api-ping.intercom.io nexus-websocket-a.intercom.io nexus-long-poller-a.intercom.io wss://nexus-websocket-a.intercom.io uploads.intercomcdn.com static.intercomassets.com *.tiles.mapbox.com api.amplitude.com app.getsentry.com sentry.io js.logentries.com api.giphy.com api.stripe.com heapanalytics.com meet.intercom.com preview.intercom.com www.google-analytics.com stats.g.doubleclick.net www.facebook.com; font-src data: https:; frame-src 'self' docs.google.com fast.wistia.net js.stripe.com platform.twitter.com player.vimeo.com staticxx.facebook.com www.facebook.com web.facebook.com www.loom.com play.vidyard.com www.youtube.com intercom-sheets.com app-sjqe.marketo.com app-sjst.marketo.com app-ab27.marketo.com gtm.intercom-marketing.com intercominc.typeform.com www.intercom-reporting.com; img-src data: blob: https:; media-src data: blob: https:; object-src 'none'; script-src 'self' js.intercomcdn.com static.intercomassets.com store.intercomassets.com billing-admin.intercomassets.com billing-internal.intercomcdn.com developer-home.intercomassets.com store.intercom.io widget.intercom.io api.tiles.mapbox.com connect.facebook.net js.stripe.com netdna.bootstrapcdn.com platform.twitter.com static.segment.com switchet.s3.amazonaws.com www.google-analytics.com run.pstmn.io cdn.heapanalytics.com heapanalytics.com munchkin.marketo.net app-sjqe.marketo.com app-sjst.marketo.com app-ab27.marketo.com admin.typeform.com; style-src 'self' 'unsafe-inline' static.intercomassets.com billing-internal.intercomcdn.com developer-home.intercomassets.com static.intercomcdn.com marketing.intercomassets.com api.tiles.mapbox.com fonts.googleapis.com maxcdn.bootstrapcdn.com netdna.bootstrapcdn.com heapanalytics.com app-sjqe.marketo.com app-sjst.marketo.com app-ab27.marketo.com fonts.intercomcdn.com
date
Wed, 11 Dec 2019 13:10:18 GMT
server
nginx
strict-transport-security
max-age=31556952; includeSubDomains; preload
user-agent
Amazon CloudFront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-intercom-version
6eca0095c195dc66fbc27b4ee895d5724c6614dc
x-request-id
0051gt2hvp9r5j1q5shg
x-robots-tag
noindex
x-runtime
0.017886
x-xss-protection
1; mode=block
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
lSYmMO517biMNvTORmpDZcRBJQFwU6e2sxrkLc72RH4u7N_W2soD8A==
js
maps.googleapis.com/maps/api/ 		120 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyCeSO5XjJniHBAtuFkm45Uyk7IS8eRFirc&libraries=places
Requested by
Host: www.lumaworkplace.com
URL: https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
mafe /
Resource Hash
65516c70be6e05377d5515017708e7428b4f9ed8733f41f45e0233716b28cacf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.lumaworkplace.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 13:10:19 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
vary
Accept-Language
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=15
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
39478
x-xss-protection
0
expires
Wed, 11 Dec 2019 13:40:19 GMT
vendor-20d53c96bacb7b1107328b5168113fbb.css
www.lumaworkplace.com/assets/ 		113 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lumaworkplace.com/assets/vendor-20d53c96bacb7b1107328b5168113fbb.css
Requested by
Host: www.lumaworkplace.com
URL: https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.247.62 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-225-247-62.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
337662fad8a253f04049a67ab9808501c7ce3a669fb1bca5acdbcabf91094316

Request headers

Referer
https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.003483
Date
Wed, 11 Dec 2019 13:10:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Dec 2019 21:10:37 GMT
Server
Cowboy
Vary
Accept-Encoding, Origin
X-Protected-By
Sqreen
Via
1.1 vegur
Cache-Control
public, s-maxage=300, maxage=300
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/css
X-Request-Id
17e31388-9be0-4cc0-bcec-4423f39e2a24
frontend-83124783462df6c0c0e6f447479c58e6.css
www.lumaworkplace.com/assets/ 		1 MB
137 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lumaworkplace.com/assets/frontend-83124783462df6c0c0e6f447479c58e6.css
Requested by
Host: www.lumaworkplace.com
URL: https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.247.62 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-225-247-62.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
9f8db65c30f9e44735b5752072510b7b774e5656fdadff066adba6263a487e8b

Request headers

Referer
https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.003320
Date
Wed, 11 Dec 2019 13:10:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Dec 2019 21:10:37 GMT
Server
Cowboy
Vary
Accept-Encoding, Origin
X-Protected-By
Sqreen
Via
1.1 vegur
Cache-Control
public, s-maxage=300, maxage=300
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/css
X-Request-Id
ac56ebb7-ca6b-4a61-9663-ea26da4088c3
2faadd
hello.myfonts.net/count/ 		0
170 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hello.myfonts.net/count/2faadd
Requested by
Host: www.lumaworkplace.com
URL: https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.2 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lha/8D3C) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 13:10:20 GMT
last-modified
Sun, 09 Jun 2019 10:41:28 GMT
server
ECAcc (lha/8D3C)
access-control-allow-origin
*
etag
"3102885117+gzip+ident"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
no-cache
content-length
0
expires
Wed, 11 Dec 2019 13:10:19 GMT
player_api.js
c.sproutvideo.com/ 		0
0
vendor-f45e4f7ec59db5d635df471ccc2eb05d.js
www.lumaworkplace.com/assets/ 		4 MB
973 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lumaworkplace.com/assets/vendor-f45e4f7ec59db5d635df471ccc2eb05d.js
Requested by
Host: www.lumaworkplace.com
URL: https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.247.62 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-225-247-62.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
a36240200e53959e5f78fad1d82fa5530effb70285de1fa2301346de6f5bbe9d

Request headers

Referer
https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002767
Date
Wed, 11 Dec 2019 13:10:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Dec 2019 21:10:37 GMT
Server
Cowboy
Vary
Accept-Encoding, Origin
X-Protected-By
Sqreen
Via
1.1 vegur
Cache-Control
public, s-maxage=300, maxage=300
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
X-Request-Id
512aacce-6df4-496d-b130-2eff0b04abcb
frontend-54adb28ba595674b21ad06e738a9d3b7.js
www.lumaworkplace.com/assets/ 		2 MB
707 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lumaworkplace.com/assets/frontend-54adb28ba595674b21ad06e738a9d3b7.js
Requested by
Host: www.lumaworkplace.com
URL: https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.247.62 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-225-247-62.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
1f1f2825a60e941ca14d3a8aa92ae83382951865e35a81d5f9c39e1dfa7d8707

Request headers

Referer
https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.004125
Date
Wed, 11 Dec 2019 13:10:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Dec 2019 21:10:37 GMT
Server
Cowboy
Vary
Accept-Encoding, Origin
X-Protected-By
Sqreen
Via
1.1 vegur
Cache-Control
public, s-maxage=300, maxage=300
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
X-Request-Id
c55468a6-1bea-4953-ba72-e61715611d8f
recurly.js
js.recurly.com/v4/ 		212 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.recurly.com/v4/recurly.js
Requested by
Host: www.lumaworkplace.com
URL: https://www.lumaworkplace.com/classes/orientation?utm_source=IC&utm_medium=email&utm_campaign=week1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.113.53 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
35b99f8f568006dc0ed36e85af92bede8c5111e1b4b8fd39345d788460bc05b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.lumaworkplace.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Dec 2019 13:10:20 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3131
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Thu, 24 Oct 2019 19:51:01 GMT
server
cloudflare
etag
W/"5db200a5-35148"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
cache-control
public, max-age=14400
access-control-allow-credentials
false
cf-ray
5437b2b94dbabdaa-AMS
expires
Wed, 11 Dec 2019 17:10:20 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/39/3/ 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/39/3/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCeSO5XjJniHBAtuFkm45Uyk7IS8eRFirc&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
008018ccd7791cb4c14ab8370357e85610dfdaba0a5f0e3cca30ccce760087fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lumaworkplace.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Dec 2019 13:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Dec 2019 19:57:29 GMT
server
sffe
age
83935
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28628
x-xss-protection
0
expires
Wed, 09 Dec 2020 13:51:29 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/39/3/ 		143 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/39/3/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCeSO5XjJniHBAtuFkm45Uyk7IS8eRFirc&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ebe5bccc8293a7e7090201417d39069c49bdeaea71e3a7a19d3ed4d74c0a1d04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lumaworkplace.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Dec 2019 13:51:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 03 Dec 2019 19:57:29 GMT
server
sffe
age
83918
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
54099
x-xss-protection
0
expires
Wed, 09 Dec 2020 13:51:46 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ 		62 B
144 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.lumaworkplace.com%2Fclasses%2Forientation%3Futm_source%3DIC%26utm_medium%3Demail%26utm_campaign%3Dweek1&4sAIzaSyCeSO5XjJniHBAtuFkm45Uyk7IS8eRFirc&callback=_xdc_._gaehdm&key=AIzaSyCeSO5XjJniHBAtuFkm45Uyk7IS8eRFirc&token=30628
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/39/3/common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
mafe /
Resource Hash
a55c7bedd7c39e76632c80d7949f1e931171109b8bf86c782acea2e3f68a4ea5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.lumaworkplace.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Dec 2019 13:10:24 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=31
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.sproutvideo.com
URL
https://c.sproutvideo.com/player_api.js

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView object| _xdc_

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https: *.gstatic.com; connect-src 'self' https: about: *.launchdarkly.com *.intercom.io *.segment.io wss://*.intercom.io *.fullstory.com; font-src 'self' https: data: *.intercomcdn.com; img-src 'self' https: data: *.sproutvideo.com *.lumaworkplace.com *.intercomassets.com *.google-analytics.com maps.googleapis.com *.trustarc.com *.gstatic.com; media-src 'self' https: *.sproutvideo.com; script-src 'self' https: 'unsafe-inline' 'unsafe-eval' about: maps.googleapis.com *.google-analytics.com *.sproutvideo.com js.recurly.com *.newrelic.com *.nr-data.net *.segment.com *.ravenjs.com *.intercomcdn.com *.fullstory.com *.trustarc.com; style-src 'self' https: 'unsafe-inline' hello.myfonts.net; frame-src 'self' *.sproutvideo.com *.recurly.com *.youtube.com accounts.google.com content.googleapis.com *.trustarc.com; report-uri /api/v1/csp_reports
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block