urlscan.io logo urlscan.io
SecurityTrails logo

traxonlyclient1412v1.bamboohr.com Open in urlscan Pro
2606:4700::6810:5555  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://traxonlyclient1412v1.bamboohr.com/
Effective URL: https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
Submission: On November 18 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 21 HTTP transactions. The main IP is 2606:4700::6810:5555, located in United States and belongs to CLOUDFLARENET, US. The main domain is traxonlyclient1412v1.bamboohr.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 18th 2020. Valid for: a year.
This is the only time traxonlyclient1412v1.bamboohr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 6 2606:4700::68... 13335 (CLOUDFLAR...)
11 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:218... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
21 7
6    2606:4700::6810:5555 (United States)

ASN13335 (CLOUDFLARENET, US)
traxonlyclient1412v1.bamboohr.com
11    2606:4700::6810:3855 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.bamboohr.com
1    2600:9000:2182:1e00:2:53a3:f700:93a1 (United States)

ASN16509 (AMAZON-02, US)
images7.bamboohr.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
11 resources.bamboohr.com traxonlyclient1412v1.bamboohr.com
resources.bamboohr.com
6 traxonlyclient1412v1.bamboohr.com 2 redirects resources.bamboohr.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.googletagmanager.com traxonlyclient1412v1.bamboohr.com
1 cdnjs.cloudflare.com traxonlyclient1412v1.bamboohr.com
1 images7.bamboohr.com traxonlyclient1412v1.bamboohr.com
0 stats.g.doubleclick.net Failed www.google-analytics.com
21 7

This site contains links to these domains. Also see Links.

Domain
www.bamboohr.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-11-18 -
2021-11-17		 a year crt.sh
bamboohr.com
Cloudflare Inc ECC CA-3		 2020-07-02 -
2021-07-02		 a year crt.sh
*.bamboohr.com
Amazon		 2020-08-06 -
2021-09-06		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-10-28 -
2021-01-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
Frame ID: 010C6D1415F9216F676EF5F872B6BC17
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://traxonlyclient1412v1.bamboohr.com/ HTTP 302
    https://traxonlyclient1412v1.bamboohr.com/home/ HTTP 302
    https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

21
Requests

95 %
HTTPS

100 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

3242 kB
Transfer

8503 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://traxonlyclient1412v1.bamboohr.com/ HTTP 302
    https://traxonlyclient1412v1.bamboohr.com/home/ HTTP 302
    https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.php
traxonlyclient1412v1.bamboohr.com/
Redirect Chain
  • https://traxonlyclient1412v1.bamboohr.com/
  • https://traxonlyclient1412v1.bamboohr.com/home/
  • https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
38 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df3a0e8eb34372b0a2b7f6fd976b1cba0e9c08dd7571fc9d6bfe18791cf556c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
traxonlyclient1412v1.bamboohr.com
:scheme
https
:path
/login.php?r=%2Fhome%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d3686f091338071a4b612983f57487f7e1605725924; PHPSESSID=ZHz3k5oINntjwsXJDrmQO1mT%2CS278N9F
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 18 Nov 2020 18:58:46 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Authorization,User-Agent
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-request-id
067e524a04000005f9b512d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5f43ecbcda7905f9-FRA

Redirect headers

status
302
date
Wed, 18 Nov 2020 18:58:45 GMT
content-type
text/html; charset=UTF-8
set-cookie
PHPSESSID=ZHz3k5oINntjwsXJDrmQO1mT%2CS278N9F; path=/; secure; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-frame-options
SAMEORIGIN
location
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
content-security-policy
default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Authorization,User-Agent
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
cf-request-id
067e5247cd000005f9cf2fb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5f43ecb94f8705f9-FRA
global.4359233e.dist.css
resources.bamboohr.com/css/ 		644 KB
209 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/css/global.4359233e.dist.css
Requested by
Host: traxonlyclient1412v1.bamboohr.com
URL: https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d580388e27b49e0dc13da44ef16d1c1e2d4115c1793a3a1cf405d5bdbbad353a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 18:58:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
161257
status
200
cf-request-id
067e524c2a0000c2fef1950000000001
last-modified
Mon, 16 Nov 2020 21:26:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
5f43ecc048a5c2fe-FRA
expires
Thu, 18 Nov 2021 18:58:46 GMT
global-jade.900c2ab3.dist.css
resources.bamboohr.com/css/ 		177 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/css/global-jade.900c2ab3.dist.css
Requested by
Host: traxonlyclient1412v1.bamboohr.com
URL: https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4f51da54324bf75eea1c97fe44ac3d4b6dc28b465d4b2f15188fc06b9aa0f06
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 18:58:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
505777
status
200
cf-request-id
067e524c2a0000c2fe5f8af000000001
last-modified
Thu, 12 Nov 2020 22:18:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
5f43ecc048a7c2fe-FRA
expires
Thu, 18 Nov 2021 18:58:46 GMT
login.7770b6ac.dist.css
resources.bamboohr.com/css/ 		39 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/css/login.7770b6ac.dist.css
Requested by
Host: traxonlyclient1412v1.bamboohr.com
URL: https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28afd713394166ec6cb90da3130dd1ab4b34de75186497bd708f995037d270f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 18:58:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
698194
status
200
cf-request-id
067e524c2a0000c2fe70b9b000000001
last-modified
Tue, 10 Nov 2020 16:48:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
5f43ecc048abc2fe-FRA
expires
Thu, 18 Nov 2021 18:58:46 GMT
vendor.3eb662e9.dist.js
resources.bamboohr.com/js/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/js/vendor.3eb662e9.dist.js
Requested by
Host: traxonlyclient1412v1.bamboohr.com
URL: https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faad8e8b6e9b98cf2adcd61590830a4031b21e1abccd5dac674e7f29ec219bcc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 18:58:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
525700
status
200
cf-request-id
067e524c2b0000c2fec5a52000000001
last-modified
Thu, 12 Nov 2020 16:04:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
5f43ecc048adc2fe-FRA
expires
Thu, 18 Nov 2021 18:58:46 GMT
common.8970bae5.dist.js
resources.bamboohr.com/js/ 		1 MB
432 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/js/common.8970bae5.dist.js
Requested by
Host: traxonlyclient1412v1.bamboohr.com
URL: https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9b64e90f9e4a59d8d1f889de7a2114b2a125b57e9c86ffc528fdd855562d2b1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 18:58:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
4001
status
200
cf-request-id
067e524c2b0000c2fe53889000000001
last-modified
Wed, 18 Nov 2020 17:18:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
5f43ecc048b1c2fe-FRA
expires
Thu, 18 Nov 2021 18:58:46 GMT
head.7b7dfe83.dist.js
resources.bamboohr.com/js/ 		440 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/js/head.7b7dfe83.dist.js
Requested by
Host: traxonlyclient1412v1.bamboohr.com
URL: https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
927113755f8a4ef1e293f004e526db04c3f001258d44bfe45c886c60368168a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 18:58:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
838707
status
200
cf-request-id
067e524c2b0000c2fecb1ec000000001
last-modified
Fri, 06 Nov 2020 23:31:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
5f43ecc048afc2fe-FRA
expires
Thu, 18 Nov 2021 18:58:46 GMT
cropped.jpg
images7.bamboohr.com/283857/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images7.bamboohr.com/283857/logos/cropped.jpg?v=26
Requested by
Host: traxonlyclient1412v1.bamboohr.com
URL: https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:1e00:2:53a3:f700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fbf3d740277f3a5478594e30b90b240b3f55c930984dbdd00d75b84d97571484

Request headers

Referer
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 17 Nov 2020 23:29:59 GMT
via
1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
last-modified
Mon, 26 Oct 2020 17:38:13 GMT
server
AmazonS3
age
70128
etag
"7f8cc4d75c08ad89f7d1ad6dd09cb72b"
x-cache
Hit from cloudfront
x-amz-version-id
4mSObN9wZKvae4ASvF4nLSNZXtQiGlrm
status
200
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-type
application/octet-stream
content-length
1807
x-amz-cf-id
K9s6wRe5PZ8RIWbhxKF9icpSC_sQMgzwP52Csq897KbqLL5Oj7-NDQ==
jstz.min.js
cdnjs.cloudflare.com/ajax/libs/jstimezonedetect/1.0.4/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jstimezonedetect/1.0.4/jstz.min.js
Requested by
Host: traxonlyclient1412v1.bamboohr.com
URL: https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
538f30288aa121eb73b8f5408eaf086bd42ae067460dc99bb859f4a18950bae0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 18:58:46 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1099211
x-via
cfworker/kv
status
200
content-length
1595
cf-request-id
067e524cb000002c2ef2a0e000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:58 GMT
server
cloudflare
etag
"5eb03ece-14dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uerbxGhV1FoAzFbGXZFXVsyE9UhBC8zKZK0f3FW1IzGmftD%2Fqth64kpHrwNFydYuiB5iDNF56aLtcLLChOB7BZR48j4QaZ1Gk2R53oN7SdXS2qLQaeavjF8kiov5lWeLNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f43ecc11a462c2e-FRA
expires
Mon, 08 Nov 2021 18:58:46 GMT
login.7770b6ac.dist.js
resources.bamboohr.com/js/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/js/login.7770b6ac.dist.js
Requested by
Host: traxonlyclient1412v1.bamboohr.com
URL: https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61f0bb2e78069dc268d7626594f7dc3378fc363f9de7f6c7da8a2e05355ecbff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 18:58:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
698193
status
200
cf-request-id
067e524cc30000c2fe97a0e000000001
last-modified
Tue, 10 Nov 2020 16:48:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
5f43ecc13a5ec2fe-FRA
expires
Thu, 18 Nov 2021 18:58:46 GMT
print.css
resources.bamboohr.com/20.1118.113306-49b1eac/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/20.1118.113306-49b1eac/css/print.css?cb=7df2aaef
Requested by
Host: traxonlyclient1412v1.bamboohr.com
URL: https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5233ecbd1df0d474c743f01863dc11c0cb704406c7e3d0f36581398c26b4722
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 18:58:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
147
status
200
cf-request-id
067e524db50000c2fe9e245000000001
last-modified
Wed, 18 Nov 2020 18:33:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=259200
cf-ray
5f43ecc2bdcbc2fe-FRA
expires
Sat, 21 Nov 2020 18:58:46 GMT
gtm.js
www.googletagmanager.com/ 		126 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-ZC3S
Requested by
Host: traxonlyclient1412v1.bamboohr.com
URL: https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd017543f660f9e21ff48d3d327f849a5eb83f9b18da40fa1dc37b51469f89ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 18:58:46 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46877
x-xss-protection
0
last-modified
Wed, 18 Nov 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 18 Nov 2020 18:58:46 GMT
i18n.php
traxonlyclient1412v1.bamboohr.com/js/locale/ 		240 KB
87 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://traxonlyclient1412v1.bamboohr.com/js/locale/i18n.php?lang=en_US&ns=translation+moment
Requested by
Host: resources.bamboohr.com
URL: https://resources.bamboohr.com/js/vendor.3eb662e9.dist.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4096d8ac13df6389676a6b4ced6193be0e46e054cbef71f27576a33f1e4b053
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Referer
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

date
Wed, 18 Nov 2020 18:58:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Authorization,User-Agent
content-type
application/json
status
200
content-security-policy
default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
strict-transport-security
max-age=31536000; includeSubdomains;
cf-ray
5f43ecc27da405f9-FRA
cf-request-id
067e524d8b000005f9e83c2000000001
fabric.b6177853.dist.svg
traxonlyclient1412v1.bamboohr.com/images/ 		2 MB
885 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://traxonlyclient1412v1.bamboohr.com/images/fabric.b6177853.dist.svg
Requested by
Host: resources.bamboohr.com
URL: https://resources.bamboohr.com/js/vendor.3eb662e9.dist.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57013ce49815f9aa7915c0fd5e6f282da39b766dfaa628af12c0af04ead21f9e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Referer
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 18:58:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
vary
Authorization,User-Agent, Accept-Encoding
cf-request-id
067e524dc0000005f9290e9000000001
last-modified
Wed, 18 Nov 2020 18:46:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains;
content-type
image/svg+xml
cache-control
public, max-age=31536000
content-security-policy
default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
cf-ray
5f43ecc2cef505f9-FRA
expires
Thu, 18 Nov 2021 18:58:47 GMT
truncated
/ 		311 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dca4ec8b563eac6680f64cc91ba3350465aaec15173f4b31402cd1cd2576b2bf

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
Lato-Semibold.woff2
resources.bamboohr.com/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/fonts/Lato-Semibold.woff2?cb=0b999974
Requested by
Host: resources.bamboohr.com
URL: https://resources.bamboohr.com/css/global-jade.900c2ab3.dist.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aa097c08a7ec2f1ab6ee35e48f8fce68d0abd7dc05a91d73920ea5838cba464
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://traxonlyclient1412v1.bamboohr.com
Referer
https://resources.bamboohr.com/css/global-jade.900c2ab3.dist.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 18:58:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
content-length
27852
cf-request-id
067e524dd60000c2fe5003b000000001
last-modified
Wed, 18 Nov 2020 18:33:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
5f43ecc2fe4ec2fe-FRA
expires
Thu, 18 Nov 2021 18:58:47 GMT
Lato-Regular.woff2
resources.bamboohr.com/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/fonts/Lato-Regular.woff2?cb=eb87a233
Requested by
Host: resources.bamboohr.com
URL: https://resources.bamboohr.com/css/global-jade.900c2ab3.dist.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3454cd4b63c4ebea45cf074e8a8131f9f1e1b9edf471370cb2b918c857c721a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://traxonlyclient1412v1.bamboohr.com
Referer
https://resources.bamboohr.com/css/global-jade.900c2ab3.dist.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 18:58:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
content-length
27968
cf-request-id
067e524dd70000c2fe03869000000001
last-modified
Wed, 18 Nov 2020 18:33:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
5f43ecc2fe54c2fe-FRA
expires
Thu, 18 Nov 2021 18:58:47 GMT
Lato-Heavy.woff2
resources.bamboohr.com/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/fonts/Lato-Heavy.woff2?cb=7bc49d92
Requested by
Host: resources.bamboohr.com
URL: https://resources.bamboohr.com/css/global-jade.900c2ab3.dist.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4ffe8f087515c5af83a5ec69467f6805a6abf433f64c0f6ea6d8e2eeb853adf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://traxonlyclient1412v1.bamboohr.com
Referer
https://resources.bamboohr.com/css/global-jade.900c2ab3.dist.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 18 Nov 2020 18:58:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
status
200
content-length
28412
cf-request-id
067e524dd70000c2fe81a30000000001
last-modified
Wed, 18 Nov 2020 18:33:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
5f43ecc2fe52c2fe-FRA
expires
Thu, 18 Nov 2021 18:58:47 GMT
truncated
/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/plain
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ZC3S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4163
date
Wed, 18 Nov 2020 17:49:24 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 18 Nov 2020 19:49:24 GMT
collect
www.google-analytics.com/j/ 		2 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1732440540&t=pageview&_s=1&dl=https%3A%2F%2Ftraxonlyclient1412v1.bamboohr.com%2Flogin.php%3Fr%3D%252Fhome%252F&ul=en-us&de=UTF-8&dt=Login%20%E2%80%93%20Trax%20Only%20Client%201412&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1640659415&gjid=1818303957&cid=1839345051.1605725927&tid=UA-5806974-3&_gid=1691523869.1605725927&_r=1&gtm=2wgb41ZC3S&z=198118267
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Nov 2020 18:58:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://traxonlyclient1412v1.bamboohr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
parse_csp_report.php
traxonlyclient1412v1.bamboohr.com/ajax/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://traxonlyclient1412v1.bamboohr.com/ajax/parse_csp_report.php
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Referer
https://traxonlyclient1412v1.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 18 Nov 2020 18:58:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains;
content-type
text/html; charset=UTF-8
status
200
content-security-policy
default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
cf-ray
5f43ecc44bdc05f9-FRA
vary
Accept-Encoding, Authorization,User-Agent
cf-request-id
067e524eae000005f9e83ec000000001
collect
stats.g.doubleclick.net/j/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-5806974-3&cid=1839345051.1605725927&jid=1640659415&gjid=1818303957&_gid=1691523869.1605725927&_u=YEBAAAAAAAAAAC~&z=900778864

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| dataLayer object| webpackJsonp object| BambooHR string| GLOBAL_DATEPICKER_MASK function| $ function| jQuery function| setImmediate function| clearImmediate function| Res function| res function| DP_jQuery_1605725926736 function| _ function| moment function| sprintf function| getStylesFromString function| mergeStyleStrings object| i18next object| React function| applyFocusVisiblePolyfill object| ReactDom function| closeMessage function| setMessage object| jQuery18306233002156775491 function| attachCSRFTokens function| attachCSRFInput function| microTemplate string| CSRF_TOKEN object| jstz object| loginErrors function| postscribe object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

5 Cookies

Domain/Path Name / Value
.traxonlyclient1412v1.bamboohr.com/ Name: _gid
Value: GA1.3.1691523869.1605725927
.traxonlyclient1412v1.bamboohr.com/ Name: _ga
Value: GA1.3.1839345051.1605725927
traxonlyclient1412v1.bamboohr.com/ Name: PHPSESSID
Value: ZHz3k5oINntjwsXJDrmQO1mT%2CS278N9F
.traxonlyclient1412v1.bamboohr.com/ Name: _gat_UA-5806974-3
Value: 1
.bamboohr.com/ Name: __cfduid
Value: d3686f091338071a4b612983f57487f7e1605725924

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
images7.bamboohr.com
resources.bamboohr.com
stats.g.doubleclick.net
traxonlyclient1412v1.bamboohr.com
www.google-analytics.com
www.googletagmanager.com
stats.g.doubleclick.net
2600:9000:2182:1e00:2:53a3:f700:93a1
2606:4700::6810:125e
2606:4700::6810:3855
2606:4700::6810:5555
2a00:1450:4001:80b::200e
2a00:1450:4001:817::2008
0df3a0e8eb34372b0a2b7f6fd976b1cba0e9c08dd7571fc9d6bfe18791cf556c
28afd713394166ec6cb90da3130dd1ab4b34de75186497bd708f995037d270f7
3454cd4b63c4ebea45cf074e8a8131f9f1e1b9edf471370cb2b918c857c721a4
538f30288aa121eb73b8f5408eaf086bd42ae067460dc99bb859f4a18950bae0
57013ce49815f9aa7915c0fd5e6f282da39b766dfaa628af12c0af04ead21f9e
61f0bb2e78069dc268d7626594f7dc3378fc363f9de7f6c7da8a2e05355ecbff
927113755f8a4ef1e293f004e526db04c3f001258d44bfe45c886c60368168a6
9aa097c08a7ec2f1ab6ee35e48f8fce68d0abd7dc05a91d73920ea5838cba464
a5233ecbd1df0d474c743f01863dc11c0cb704406c7e3d0f36581398c26b4722
b4ffe8f087515c5af83a5ec69467f6805a6abf433f64c0f6ea6d8e2eeb853adf
cd017543f660f9e21ff48d3d327f849a5eb83f9b18da40fa1dc37b51469f89ea
d4096d8ac13df6389676a6b4ced6193be0e46e054cbef71f27576a33f1e4b053
d580388e27b49e0dc13da44ef16d1c1e2d4115c1793a3a1cf405d5bdbbad353a
d9b64e90f9e4a59d8d1f889de7a2114b2a125b57e9c86ffc528fdd855562d2b1
dca4ec8b563eac6680f64cc91ba3350465aaec15173f4b31402cd1cd2576b2bf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
f4f51da54324bf75eea1c97fe44ac3d4b6dc28b465d4b2f15188fc06b9aa0f06
faad8e8b6e9b98cf2adcd61590830a4031b21e1abccd5dac674e7f29ec219bcc
fbf3d740277f3a5478594e30b90b240b3f55c930984dbdd00d75b84d97571484