urlscan.io logo urlscan.io
SecurityTrails logo

oxd-int-infinity.orangehrm.com Open in urlscan Pro
3.211.124.30  Public Scan

Go To Rescan Add Verdict Report
URL: https://oxd-int-infinity.orangehrm.com/
Submission: On November 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 3.211.124.30, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is oxd-int-infinity.orangehrm.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on April 11th 2024. Valid for: a year.
This is the only time oxd-int-infinity.orangehrm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 3.211.124.30 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.99 15169 (GOOGLE)
17 3
Apex Domain
Subdomains		 Transfer
15 orangehrm.com
oxd-int-infinity.orangehrm.com
3 MB
1 gstatic.com
fonts.gstatic.com
38 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
17 3
Domain Requested by
15 oxd-int-infinity.orangehrm.com oxd-int-infinity.orangehrm.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com oxd-int-infinity.orangehrm.com
17 3

This site contains links to these domains. Also see Links.

Domain
drive.google.com
www.figma.com
Subject Issuer Validity Valid
*.orangehrm.com
GeoTrust TLS RSA CA G1		 2024-04-11 -
2025-05-12		 a year crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://oxd-int-infinity.orangehrm.com/
Frame ID: FB1CA00EAFABF15175EB5833A2E77EDB
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OXD Guide

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

2989 kB
Transfer

3127 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
oxd-int-infinity.orangehrm.com/ 		10 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oxd-int-infinity.orangehrm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.211.124.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-124-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
83d0bba4955fa4d16371dac630e301a0f883cce8e64f2e7bf0ab7e079d8151e9
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
Public-Key-Pins pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
9973
content-security-policy
default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
content-type
text/html; charset=UTF-8
date
Fri, 08 Nov 2024 19:18:35 GMT
etag
"26f5-5fd0c405fac40"
last-modified
Thu, 01 Jun 2023 07:19:05 GMT
public-key-pins
pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains;
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bootstrap.min.css
oxd-int-infinity.orangehrm.com/vendor/bootstrap/css/ 		152 KB
153 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oxd-int-infinity.orangehrm.com/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: oxd-int-infinity.orangehrm.com
URL: https://oxd-int-infinity.orangehrm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.211.124.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-124-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
Public-Key-Pins pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://oxd-int-infinity.orangehrm.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-security-policy
default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
etag
"2606e-5a0a1411aaf80"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
155758
date
Fri, 08 Nov 2024 19:18:35 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Thu, 12 Mar 2020 05:02:06 GMT
server
nginx
public-key-pins
pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
css2
fonts.googleapis.com/ 		25 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: oxd-int-infinity.orangehrm.com
URL: https://oxd-int-infinity.orangehrm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ed12d534f2289cf419d5726f709f38986d214a12f04a2be1ff8f2b50e3f20f43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://oxd-int-infinity.orangehrm.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 19:18:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 19:18:35 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 08 Nov 2024 19:09:33 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
oxd-styler.css
oxd-int-infinity.orangehrm.com/css/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oxd-int-infinity.orangehrm.com/css/oxd-styler.css
Requested by
Host: oxd-int-infinity.orangehrm.com
URL: https://oxd-int-infinity.orangehrm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.211.124.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-124-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
441ebebdda44ddc8b1db0aaef9fa17cd2cdf1411d8c6e5f22f3e080ddf247961
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
Public-Key-Pins pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://oxd-int-infinity.orangehrm.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-security-policy
default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
etag
"2a0a-5fc05d0e11040"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
10762
date
Fri, 08 Nov 2024 19:18:35 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Fri, 19 May 2023 06:13:13 GMT
server
nginx
public-key-pins
pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
logo.png
oxd-int-infinity.orangehrm.com/img/ 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oxd-int-infinity.orangehrm.com/img/logo.png
Requested by
Host: oxd-int-infinity.orangehrm.com
URL: https://oxd-int-infinity.orangehrm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.211.124.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-124-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9722e5a81f585384d3bb1bee996e43a7f6a6b48fc8ea67fedf999127d54fa597
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
Public-Key-Pins pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://oxd-int-infinity.orangehrm.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-security-policy
default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
etag
"20375-5bc22077b8a00"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
131957
date
Fri, 08 Nov 2024 19:18:35 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Thu, 25 Feb 2021 05:00:24 GMT
server
nginx
public-key-pins
pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
mainicon1.png
oxd-int-infinity.orangehrm.com/img/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oxd-int-infinity.orangehrm.com/img/mainicon1.png
Requested by
Host: oxd-int-infinity.orangehrm.com
URL: https://oxd-int-infinity.orangehrm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.211.124.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-124-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b3cd13e40886b84e1571ed0940746880ea3ee5093549589b57ccfa988cd52f84
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
Public-Key-Pins pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://oxd-int-infinity.orangehrm.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-security-policy
default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
etag
"137d1-5bef81cafbf80"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
79825
date
Fri, 08 Nov 2024 19:18:35 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Fri, 02 Apr 2021 07:15:26 GMT
server
nginx
public-key-pins
pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
mainicon2.png
oxd-int-infinity.orangehrm.com/img/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oxd-int-infinity.orangehrm.com/img/mainicon2.png
Requested by
Host: oxd-int-infinity.orangehrm.com
URL: https://oxd-int-infinity.orangehrm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.211.124.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-124-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b42ce1399a3280e5f908a760c181c1eb8b46921dcc0cedbf0cee244e31c1dcac
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
Public-Key-Pins pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://oxd-int-infinity.orangehrm.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-security-policy
default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
etag
"1ac37-5bef82b3ae480"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
109623
date
Fri, 08 Nov 2024 19:18:35 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Fri, 02 Apr 2021 07:19:30 GMT
server
nginx
public-key-pins
pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
mainicon3.png
oxd-int-infinity.orangehrm.com/img/ 		149 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oxd-int-infinity.orangehrm.com/img/mainicon3.png
Requested by
Host: oxd-int-infinity.orangehrm.com
URL: https://oxd-int-infinity.orangehrm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.211.124.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-124-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8c937e832a109ddf11a05fd5decc5537ba1f5bbfe8a6ef7befeee1e9d012423d
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
Public-Key-Pins pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://oxd-int-infinity.orangehrm.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-security-policy
default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
etag
"255f3-5bef836e99d80"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
153075
date
Fri, 08 Nov 2024 19:18:35 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Fri, 02 Apr 2021 07:22:46 GMT
server
nginx
public-key-pins
pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
logo.png
oxd-int-infinity.orangehrm.com/img/ 		129 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oxd-int-infinity.orangehrm.com/img/logo.png
Requested by
Host: oxd-int-infinity.orangehrm.com
URL: https://oxd-int-infinity.orangehrm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.211.124.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-124-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9722e5a81f585384d3bb1bee996e43a7f6a6b48fc8ea67fedf999127d54fa597
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
Public-Key-Pins pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://oxd-int-infinity.orangehrm.com/

Response headers

content-security-policy
default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
etag
"20375-5bc22077b8a00"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
131957
date
Fri, 08 Nov 2024 19:18:35 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Thu, 25 Feb 2021 05:00:24 GMT
server
nginx
public-key-pins
pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
jquery.min.js
oxd-int-infinity.orangehrm.com/vendor/jquery/ 		86 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oxd-int-infinity.orangehrm.com/vendor/jquery/jquery.min.js
Requested by
Host: oxd-int-infinity.orangehrm.com
URL: https://oxd-int-infinity.orangehrm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.211.124.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-124-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
Public-Key-Pins pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://oxd-int-infinity.orangehrm.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-security-policy
default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
etag
"15851-5a0a1411aaf80"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
88145
date
Fri, 08 Nov 2024 19:18:35 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Thu, 12 Mar 2020 05:02:06 GMT
server
nginx
public-key-pins
pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
bootstrap.bundle.min.js
oxd-int-infinity.orangehrm.com/vendor/bootstrap/js/ 		77 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oxd-int-infinity.orangehrm.com/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: oxd-int-infinity.orangehrm.com
URL: https://oxd-int-infinity.orangehrm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.211.124.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-124-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
Public-Key-Pins pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://oxd-int-infinity.orangehrm.com/

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-security-policy
default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
etag
"1332b-5a0a1411aaf80"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
78635
date
Fri, 08 Nov 2024 19:18:35 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Thu, 12 Mar 2020 05:02:06 GMT
server
nginx
public-key-pins
pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
mainbanner.png
oxd-int-infinity.orangehrm.com/img/ 		607 KB
608 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oxd-int-infinity.orangehrm.com/img/mainbanner.png
Requested by
Host: oxd-int-infinity.orangehrm.com
URL: https://oxd-int-infinity.orangehrm.com/css/oxd-styler.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.211.124.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-124-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8fa5ec5b3950f6d65b8fa41249566c94d95a67e94726a93e3f4b819943908193
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
Public-Key-Pins pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://oxd-int-infinity.orangehrm.com/css/oxd-styler.css

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-security-policy
default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
etag
"97b67-5bef7bfb40980"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
621415
date
Fri, 08 Nov 2024 19:18:36 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Fri, 02 Apr 2021 06:49:26 GMT
server
nginx
public-key-pins
pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
oim-bg.jpg
oxd-int-infinity.orangehrm.com/img/ 		175 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oxd-int-infinity.orangehrm.com/img/oim-bg.jpg
Requested by
Host: oxd-int-infinity.orangehrm.com
URL: https://oxd-int-infinity.orangehrm.com/css/oxd-styler.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.211.124.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-124-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
436712f0130498774a949effca7ec59d22f723c0e7e0bc0aa1f15cdb5234ff7f
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
Public-Key-Pins pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://oxd-int-infinity.orangehrm.com/css/oxd-styler.css

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-security-policy
default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
etag
"2bc6e-5f64921a41440"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
179310
date
Fri, 08 Nov 2024 19:18:36 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Tue, 07 Mar 2023 06:00:41 GMT
server
nginx
public-key-pins
pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
xdbanner.png
oxd-int-infinity.orangehrm.com/img/ 		188 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oxd-int-infinity.orangehrm.com/img/xdbanner.png
Requested by
Host: oxd-int-infinity.orangehrm.com
URL: https://oxd-int-infinity.orangehrm.com/css/oxd-styler.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.211.124.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-124-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
45b234692a334032f9a747c32925c7ebf785cfd6f6cba700fcb8bab2b1411715
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
Public-Key-Pins pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://oxd-int-infinity.orangehrm.com/css/oxd-styler.css

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-security-policy
default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
etag
"2ef0e-5bef775e9a800"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
192270
date
Fri, 08 Nov 2024 19:18:36 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Fri, 02 Apr 2021 06:28:48 GMT
server
nginx
public-key-pins
pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
dashboard-banner.jpg
oxd-int-infinity.orangehrm.com/img/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oxd-int-infinity.orangehrm.com/img/dashboard-banner.jpg
Requested by
Host: oxd-int-infinity.orangehrm.com
URL: https://oxd-int-infinity.orangehrm.com/css/oxd-styler.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.211.124.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-124-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cd36bc48201e53b752e808a2f3dd557199a074a3c101818d7c34d58411faeb88
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
Public-Key-Pins pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://oxd-int-infinity.orangehrm.com/css/oxd-styler.css

Response headers

strict-transport-security
max-age=63072000; includeSubdomains;
content-security-policy
default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
etag
"123a3a-5f1f6aac77340"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1194554
date
Fri, 08 Nov 2024 19:18:36 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Wed, 11 Jan 2023 05:56:53 GMT
server
nginx
public-key-pins
pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://oxd-int-infinity.orangehrm.com
Referer
https://fonts.googleapis.com/

Response headers

age
187112
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:20:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:20:04 GMT
last-modified
Thu, 14 Sep 2023 00:02:20 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
39124
x-xss-protection
0
server
sffe
favicon.ico
oxd-int-infinity.orangehrm.com/ 		209 B
286 B 		Other
General
Check archive.org
Download Go to
Full URL
https://oxd-int-infinity.orangehrm.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.211.124.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-124-30.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://oxd-int-infinity.orangehrm.com/

Response headers

content-length
209
date
Fri, 08 Nov 2024 19:18:42 GMT
content-type
text/html; charset=iso-8859-1
server
nginx

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap function| myFunction function| showPage object| dropdown

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://oxd-int-infinity.orangehrm.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src blob: 'self' *.projects-abroad.net fonts.googleapis.com www.google.com fonts.gstatic.com code.jquery.com maxcdn.bootstrapcdn.com ajax.googleapis.com cdnjs.cloudflare.com native.testing.equest.com www.youtube.com demo.docusign.net youtu.be player.vimeo.com docs.google.com 'unsafe-inline' 'unsafe-eval' data: font;frame-src 'self' www.youtube.com www.vimeo.com vimeo.com www.yahoo.com www.dailymotion.com www.metacafe.com www.ustream.tv data: *.amazonaws.com native.testing.equest.com sandbox.e-signlive.com;connect-src 'self' *.orangehrm.com https://prod.spline.design/UK9ZSktsIvloTOpe/scene.splinecode;img-src * 'self' data: blob:
Public-Key-Pins pin-sha256="yQhO6YqQX5Y/NxyHAjXnI3jOtYWUm/TtRr666RunXRg=";pin-sha256="WXDfGFFCnQIIh0nuqVGw4nFn+aeW/FrzWeec5j/+FKI=";pin-sha256="Md7QJIL/UMqdHaS73pEkLHm5ofUUE35+r4SYdM014/E="; max-age=63072000; includeSubDomains
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block