vu.admin.theemployeeapp.com Open in urlscan Pro
18.164.116.116 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vu.admin.theemployeeapp.com/
Effective URL:
https://vu.admin.theemployeeapp.com/
Submission: On February 16 via api (February 16th 2023, 8:52:46 am UTC) from US — Scanned from US

Summary HTTP 24 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 1 countries across 6 domains to perform 24 HTTP transactions. The main IP is 18.164.116.116, located in United States and belongs to AMAZON-02, US. The main domain is vu.admin.theemployeeapp.com.
TLS certificate: Issued by Amazon on April 18th 2022. Valid for: a year.

This is the only time vu.admin.theemployeeapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.164.116.79 18.164.116.79	16509 (AMAZON-02) (AMAZON-02)
10	18.164.116.116 18.164.116.116	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2600:9000:250... 2600:9000:2509:5000:4:8ff3:780:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.165.83.119 18.165.83.119	16509 (AMAZON-02) (AMAZON-02)
1	108.139.47.121 108.139.47.121	16509 (AMAZON-02) (AMAZON-02)
2	52.2.34.201 52.2.34.201	14618 (AMAZON-AES) (AMAZON-AES)
2	3.231.197.29 3.231.197.29	14618 (AMAZON-AES) (AMAZON-AES)
2	54.205.6.47 54.205.6.47	14618 (AMAZON-AES) (AMAZON-AES)
1	18.67.76.29 18.67.76.29	16509 (AMAZON-02) (AMAZON-02)
1	18.164.96.63 18.164.96.63	16509 (AMAZON-02) (AMAZON-02)
24	11

1 18.164.116.79 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-79.jfk50.r.cloudfront.net

vu.admin.theemployeeapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.164.116.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-116.jfk50.r.cloudfront.net

vu.admin.theemployeeapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2509:5000:4:8ff3:780:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cdn.tiny.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.165.83.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-119.iad55.r.cloudfront.net

analytics-cdn.beta.theemployeeapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.47.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-121.jfk50.r.cloudfront.net

sp.tinymce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.34.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-34-201.compute-1.amazonaws.com

auth.indiciummobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.231.197.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-197-29.compute-1.amazonaws.com

auth.theemployeeapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.205.6.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-6-47.compute-1.amazonaws.com

graphql.theemployeeapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.76.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-29.iad89.r.cloudfront.net

analytics-io.beta.theemployeeapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-63.jfk50.r.cloudfront.net

cdn-logos.theemployeeapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	theemployeeapp.com 1 redirects vu.admin.theemployeeapp.com analytics-cdn.beta.theemployeeapp.com — Cisco Umbrella Rank: 584635 auth.theemployeeapp.com — Cisco Umbrella Rank: 505454 graphql.theemployeeapp.com analytics-io.beta.theemployeeapp.com cdn-logos.theemployeeapp.com	2 MB
2	indiciummobile.com auth.indiciummobile.com	928 B
2	tiny.cloud 1 redirects cdn.tiny.cloud — Cisco Umbrella Rank: 23260	158 KB
1	tinymce.com sp.tinymce.com — Cisco Umbrella Rank: 23106	360 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	19 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	776 B
24	6

	Domain	Requested by
11	vu.admin.theemployeeapp.com	1 redirects vu.admin.theemployeeapp.com
2	graphql.theemployeeapp.com	vu.admin.theemployeeapp.com
2	auth.theemployeeapp.com	vu.admin.theemployeeapp.com
2	auth.indiciummobile.com	vu.admin.theemployeeapp.com
2	analytics-cdn.beta.theemployeeapp.com	vu.admin.theemployeeapp.com
2	cdn.tiny.cloud	1 redirects vu.admin.theemployeeapp.com
1	cdn-logos.theemployeeapp.com
1	analytics-io.beta.theemployeeapp.com	vu.admin.theemployeeapp.com
1	sp.tinymce.com	vu.admin.theemployeeapp.com
1	cdnjs.cloudflare.com	vu.admin.theemployeeapp.com
1	fonts.googleapis.com	vu.admin.theemployeeapp.com
24	11

This site contains links to these domains. Also see Links.

Domain
login.theemployeeapp.com

Subject Issuer	Validity	Valid
theemployeeapp.com Amazon	`2022-04-18` - `2023-05-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
tinymce.com Amazon	`2022-06-21` - `2023-07-20`	a year	crt.sh
indiciummobile.com Amazon	`2022-05-30` - `2023-06-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://vu.admin.theemployeeapp.com/
Frame ID: A52149D4DC74F8CE4174A07EDFD39B29
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://vu.admin.theemployeeapp.com/ HTTP 301
https://vu.admin.theemployeeapp.com/ Page URL

Detected technologies

TinyMCE (Rich Text Editors) Expand

Overall confidence: 100%
Detected patterns

/tiny_?mce(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

24
Requests

96 %
HTTPS

25 %
IPv6

6
Domains

11
Subdomains

11
IPs

1
Countries

2341 kB
Transfer

11313 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://login.theemployeeapp.com/?subdomain=vu&callbackUrl=https://vu.admin.theemployeeapp.com
Title: Login

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vu.admin.theemployeeapp.com/ HTTP 301
https://vu.admin.theemployeeapp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://cdn.tiny.cloud/1/474j8a3ki0c0g4xpejempyqhbjatnb2hr8pg8eclkwi1endo/tinymce/5/tinymce.min.js HTTP 307
https://cdn.tiny.cloud/1/474j8a3ki0c0g4xpejempyqhbjatnb2hr8pg8eclkwi1endo/tinymce/5.10.7-133/tinymce.min.js

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vu.admin.theemployeeapp.com/
Redirect Chain

http://vu.admin.theemployeeapp.com/
https://vu.admin.theemployeeapp.com/

3 KB
2 KB

434ms
339ms

Document
text/html

18.164.116.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vu.admin.theemployeeapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-116.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

03cc2d7d239f96ab7be08d7a61d51ee1b6ba3e3856280ab57c016c0d5ba3c6d9

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com; frame-ancestors 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://theemployeeappdev.sharepoint.com ALLOW-FROM https://mgclb.sharepoint.com ALLOW-FROM https://connect.moog.com ALLOW-FROM https://onespace.baesystems.com
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 64888
cache-control: max-age=0
content-encoding: br
content-security-policy: frame-src 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com; frame-ancestors 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com;
content-type: text/html
date: Wed, 15 Feb 2023 14:51:11 GMT
etag: W/"b0e86e9e94eba90b10b60354dccccfcb"
last-modified: Tue, 07 Feb 2023 16:28:33 GMT
permissions-policy: geolocation=(), midi=(), sync-xhr=(self), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 c123eaeab0338ee38c9f9a5fe5647218.cloudfront.net (CloudFront)
x-amz-cf-id: HqnKygfr6S7lS5Yh5dbRpAO-w86uN3QTqv2l52wXw_dYTt_6_MpkWg==
x-amz-cf-pop: JFK50-P6
x-amz-id-2: 1nwvA25psGJIhohRUcEHyklcbrQ5RgqNZSnvz8Xz2G9NyUTMHV2g2UwTDv5Mko1D8QkWp5Au4aY=
x-amz-request-id: 0QN0Q22YQT27433P
x-amz-server-side-encryption: AES256
x-amz-version-id: kdakikktk6DUptEhaLkiiFIjH_dHSy6.
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://theemployeeappdev.sharepoint.com ALLOW-FROM https://mgclb.sharepoint.com ALLOW-FROM https://connect.moog.com ALLOW-FROM https://onespace.baesystems.com
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Thu, 16 Feb 2023 08:52:38 GMT
Location: https://vu.admin.theemployeeapp.com/
Server: CloudFront
Via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
X-Amz-Cf-Id: ataaJkw8f6yRMK2qMIgMoVXgQB3hG7EJcI5fIihc8R-jZQYJR6Tfig==
X-Amz-Cf-Pop: JFK50-P6
X-Cache: Redirect from cloudfront

GET
H2 200 icon
fonts.googleapis.com/ 569 B
776 B 454ms
56ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 08:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 08:52:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Feb 2023 08:52:38 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/ 100 KB
19 KB 110ms
30ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css

Requested by

Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://vu.admin.theemployeeapp.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 08:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2336304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18716
last-modified: Tue, 15 Nov 2022 18:04:22 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6373d4a6-491c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZUjjI4Qg6oVxfePVc4LO8YvHZv3B9lMB6Xf8C2%2FRAiOzRQX8L5upP26KPUtyq4Ij9AsOEO0BDax2m4kXWrQvRYQuaQYXD12pIvUR8WaJrFii7sKxFRpKyI7sND7u1CdMpofTJTL4azA4bQuTg0azT6i"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79a50c5d1c062aa5-ORD
expires: Tue, 06 Feb 2024 08:52:38 GMT

GET
H2

200

tinymce.min.js Show response
cdn.tiny.cloud/1/474j8a3ki0c0g4xpejempyqhbjatnb2hr8pg8eclkwi1endo/tinymce/5.10.7-133/
Redirect Chain

https://cdn.tiny.cloud/1/474j8a3ki0c0g4xpejempyqhbjatnb2hr8pg8eclkwi1endo/tinymce/5/tinymce.min.js
https://cdn.tiny.cloud/1/474j8a3ki0c0g4xpejempyqhbjatnb2hr8pg8eclkwi1endo/tinymce/5.10.7-133/tinymce.min.js

393 KB
158 KB

115ms
114ms

Script
application/javascript

2600:9000:2509:5000:4:8ff3:780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tiny.cloud/1/474j8a3ki0c0g4xpejempyqhbjatnb2hr8pg8eclkwi1endo/tinymce/5.10.7-133/tinymce.min.js
Requested by: Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/
Protocol: H2
Server: 2600:9000:2509:5000:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: d09ae5c6594493dc44243241caa3d0b999629ecd9a02365bce8098198cd2f132

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vu.admin.theemployeeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 08:52:39 GMT
content-encoding: gzip
via: 1.1 b7f525be96cecf61bbec66a423b622b0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P2
x-cache: Miss from cloudfront
server: nginx/1.20.0
etag: W/"W5+LbiJ4XkBkIH6+qpo23LBabZSIZ7Wy9elEkvoXwM8="
access-control-max-age: 3600
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: *
x-amz-cf-id: 95wuYB6bZsprRcNldQM339S8thRAXXddtFUHCgktLmKzOWc-aduJtg==

Redirect headers

date: Thu, 16 Feb 2023 08:52:38 GMT
via: 1.1 b7f525be96cecf61bbec66a423b622b0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P2
age: 4
x-cache: Miss from cloudfront
content-length: 0
server: nginx/1.20.0
access-control-max-age: 3600
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
location: https://cdn.tiny.cloud/1/474j8a3ki0c0g4xpejempyqhbjatnb2hr8pg8eclkwi1endo/tinymce/5.10.7-133/tinymce.min.js
access-control-allow-origin: *
cache-control: public, s-maxage=300, max-age=600
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: *
x-amz-cf-id: -FmOUjZgLOUiv0Vt59Hh60BdFXFHU5Pyq-WGv2XJ-Am5QU3OtLG1UA==

GET
H2 200 vendor.js Show response
vu.admin.theemployeeapp.com/ 8 MB
2 MB 256ms
230ms Script
application/javascript 18.164.116.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vu.admin.theemployeeapp.com/vendor.js

Requested by

Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-116.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f59ea6af084f28767c64ece97c8686e52c747875db47dc3494bfb39b1b91cd4d

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com; frame-ancestors 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vu.admin.theemployeeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:22:54 GMT
x-amz-version-id: rYW7nsCI7fI8nlPdNSGaovLwKnaHhagk
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 c123eaeab0338ee38c9f9a5fe5647218.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: frame-src 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com; frame-ancestors 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com;
x-amz-request-id: 4G9F4ZB4AE6Y7MN5
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
age: 239385
x-cache: Hit from cloudfront
x-amz-id-2: K7iTkeSdU3S2qoE0/32jHlwZc9NEsp9mc2ZuFKGIePAtu50imSLNCpQ2e2wb2+Wtssl96jIMuzyMjcBuHIAdIA==
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 07 Feb 2023 16:28:32 GMT
server: AmazonS3
etag: W/"393fa6b1d20e1951c0c6d6a29b7ffedf"
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
content-type: application/javascript
permissions-policy: geolocation=(), midi=(), sync-xhr=(self), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
x-amz-cf-id: QgdKJ_akpwe6Z7WQTkUbo8QEBPkj4zxWdnrUEal8vrIi7ih1DJIHgA==

GET
H2 200 components.js Show response
vu.admin.theemployeeapp.com/ 2 MB
192 KB 201ms
175ms Script
application/javascript 18.164.116.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vu.admin.theemployeeapp.com/components.js

Requested by

Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-116.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7033f7588066646dc027197f7130f11d14af161af4cf755b5cd2cf4b4e373d62

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com; frame-ancestors 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vu.admin.theemployeeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 13:15:46 GMT
x-amz-version-id: 14daJ8CRSWPCcMbZ2ZuqaP83plxMS_4t
content-encoding: br
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 c123eaeab0338ee38c9f9a5fe5647218.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: frame-src 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com; frame-ancestors 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com;
x-amz-request-id: QA5HHGWWR4Q0VA9Z
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
age: 243412
x-cache: Hit from cloudfront
x-amz-id-2: 46PgbgFUd5bRLrjcRVBrGOFR93nhf8KhM5B9IItV4urGqUiBSGsacih8vDMg1pNQbqA4HItJtnKv0sEEVwnGLQ==
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 07 Feb 2023 16:28:32 GMT
server: AmazonS3
etag: W/"ba96c92f62103d0f2722f2378eeed8c6"
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
content-type: application/javascript
permissions-policy: geolocation=(), midi=(), sync-xhr=(self), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
x-amz-cf-id: j8Tu7ukYW5QDA8fI_IT0sMD1zcZZIYnwvjlqEesp80ijaQf3Y86LqA==

GET
H2 200 utils.js Show response
vu.admin.theemployeeapp.com/ 24 KB
6 KB 384ms
359ms Script
application/javascript 18.164.116.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vu.admin.theemployeeapp.com/utils.js

Requested by

Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-116.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

06f77bf6f84d0e359292b8e1cc42878dbc51a14927bd4539ebc96c62e8cb0f6c

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com; frame-ancestors 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vu.admin.theemployeeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 08:52:39 GMT
x-amz-version-id: Hm7hTeMFb3NIEUQqt0sb6FG.U407.nVP
content-encoding: br
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 c123eaeab0338ee38c9f9a5fe5647218.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: frame-src 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com; frame-ancestors 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com;
x-amz-request-id: RFA52H7GX8AY3YHF
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-id-2: i+7d1m44I4Jw/5mqREumiZY1auzPTL1cYc2ox09PGL4m9PwU/EsRZm2OCvLPDA2MszjWw1iHPJo=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 07 Feb 2023 16:28:32 GMT
server: AmazonS3
etag: W/"455af6474084a542b764ef2c9a50e77e"
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
content-type: application/javascript
permissions-policy: geolocation=(), midi=(), sync-xhr=(self), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
x-amz-cf-id: gF1f5ja3VJVRe-8jJX7J-57qMQfDt2CTpIWhC_Ydby4HD2Yh0bp02Q==

GET
H2 200 actions.js Show response
vu.admin.theemployeeapp.com/ 177 KB
24 KB 252ms
227ms Script
application/javascript 18.164.116.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vu.admin.theemployeeapp.com/actions.js

Requested by

Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-116.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bc95bd964c20eb499676c01063c3facafc527c75be71a327494495361a9c61e6

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com; frame-ancestors 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vu.admin.theemployeeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:22:55 GMT
x-amz-version-id: uvREHQX0ew8oy4tBEWCpzQgj6BJcWUhF
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 c123eaeab0338ee38c9f9a5fe5647218.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: frame-src 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com; frame-ancestors 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com;
x-amz-request-id: WW5H1W9PDCNQR7CT
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
age: 239384
x-cache: Hit from cloudfront
x-amz-id-2: qpL4gT5rLgVmfWtx+1ffCr6v8xw4NimGdvsPZ301H2dwCPDNvMAwb5m22jBjC/f39E1vLTI2HMo=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 07 Feb 2023 16:28:32 GMT
server: AmazonS3
etag: W/"8366ae40ad0469bef58e98722d0ae1b1"
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
content-type: application/javascript
permissions-policy: geolocation=(), midi=(), sync-xhr=(self), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
x-amz-cf-id: 2gs10J_xvg59t8xS2ZVqwMsfUz3kWFqZXCBDgNxmhSQA-sRRnwjFTA==

GET
H2 200 workers.js Show response
vu.admin.theemployeeapp.com/ 125 KB
22 KB 375ms
351ms Script
application/javascript 18.164.116.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vu.admin.theemployeeapp.com/workers.js

Requested by

Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-116.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

07534a75b33e4aecb8f72b6afe5a4aba5c617a4f7289638f61fce1ca0091dd59

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com; frame-ancestors 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vu.admin.theemployeeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:22:55 GMT
x-amz-version-id: 7J2DrGnogh0iH.saiDlslaw7I_QrSfyl
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 c123eaeab0338ee38c9f9a5fe5647218.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: frame-src 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com; frame-ancestors 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com;
x-amz-request-id: WW5J1K1Y06834WCY
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
age: 239384
x-cache: Hit from cloudfront
x-amz-id-2: 5KmZIxA4oWqConyqm555WyguBO8L4iP9XazbcGO/lySsssYounFA2+qMewWdDAhpBDtXRuLWU2c=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 07 Feb 2023 16:28:32 GMT
server: AmazonS3
etag: W/"919ff4ae8330f15ecba7ff54f423c82c"
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
content-type: application/javascript
permissions-policy: geolocation=(), midi=(), sync-xhr=(self), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
x-amz-cf-id: culo4t7kbSY0QXVCIuf2hVgok-p9H-qMdZIQrzPQnwSTPwutQPL6Ag==

GET
H2 200 constants.js Show response
vu.admin.theemployeeapp.com/ 15 KB
3 KB 89ms
66ms Script
application/javascript 18.164.116.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vu.admin.theemployeeapp.com/constants.js

Requested by

Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-116.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

12c2436066517642b7438167f3f6bcdd7cd07a549adeddea088f4d0b97615812

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com; frame-ancestors 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vu.admin.theemployeeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 1TK8Ao9IrbTiMoxXAEMVBF5KejEzSeeo
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 16:37:48 GMT
via: 1.1 c123eaeab0338ee38c9f9a5fe5647218.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-amz-request-id: ZRGQWV9CG6D5WXV5
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
content-security-policy: frame-src 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com; frame-ancestors 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com;
x-cache: Hit from cloudfront
age: 144891
x-amz-id-2: 9281ASYAigaW5OcjfGm/JotzIoqI3SvmfuYNuFHjrX5N5y7SLm8zqMyqavKY22+DzrSZrVfmPOyO8r9uf3DmGQ==
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 07 Feb 2023 16:28:32 GMT
server: AmazonS3
etag: W/"9ec3e38db6266b2caa6edfc76385331d"
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
content-type: application/javascript
permissions-policy: geolocation=(), midi=(), sync-xhr=(self), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
x-amz-cf-id: xOkvdzyQkKULU9rDjgEi6VqEF2y30aNzAgN6j2ruJaynd-U00meSxw==

GET
H2 200 stores.js Show response
vu.admin.theemployeeapp.com/ 286 KB
39 KB 164ms
141ms Script
application/javascript 18.164.116.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vu.admin.theemployeeapp.com/stores.js

Requested by

Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-116.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2ddeacd105b5127f6d0bd2fad398d6678ea24b80492a093a2ce08200aace8a36

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com; frame-ancestors 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vu.admin.theemployeeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 14:22:55 GMT
x-amz-version-id: _9qnlGhleEhKrWQ1ZMCiyHlevla1vcKW
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 c123eaeab0338ee38c9f9a5fe5647218.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: frame-src 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com; frame-ancestors 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com;
x-amz-request-id: WW5W5G7NFD4S9F9Q
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
age: 239384
x-cache: Hit from cloudfront
x-amz-id-2: 2k2u8chxCVp5bEbuyXPx/7puYiqmIiQTPAnyY6FrM/3ZUgnckD+0SM3u7Zq0D9MO5hi2y3co5c8=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 07 Feb 2023 16:28:32 GMT
server: AmazonS3
etag: W/"4b7019974fb2ea0da1f0ac73832f9526"
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
content-type: application/javascript
permissions-policy: geolocation=(), midi=(), sync-xhr=(self), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
x-amz-cf-id: 9ZGaW-DXSDTLXvVBn19tKkU0NldGKAV_Rl_kzcG1FYizBJwcezUtoQ==

GET
H2 200 main.js Show response
vu.admin.theemployeeapp.com/ 279 KB
53 KB 115ms
92ms Script
application/javascript 18.164.116.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vu.admin.theemployeeapp.com/main.js

Requested by

Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-116.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

067632f8b5e916e5db8d2cf767c673ab20e4ae8a43dc09efcf5cea7337fdac01

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com; frame-ancestors 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vu.admin.theemployeeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: ha7kW9MWLv_ZUgF5vI8qOmGOXoZw9hBY
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Feb 2023 16:37:48 GMT
via: 1.1 c123eaeab0338ee38c9f9a5fe5647218.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-amz-request-id: ZRGV49KT8KH4K721
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
content-security-policy: frame-src 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com; frame-ancestors 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com;
x-cache: Hit from cloudfront
age: 144891
x-amz-id-2: DQa+bFEjt7HG9CI2NGE/b5IcydtxdD5cd4nRQVaLRpmEHgCeby6a0tmdy22r3C2Ltb09VO8HBtk=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 07 Feb 2023 16:28:32 GMT
server: AmazonS3
etag: W/"33bdc983c4c03c4e116640232a59e5f5"
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
content-type: application/javascript
permissions-policy: geolocation=(), midi=(), sync-xhr=(self), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
x-amz-cf-id: PbamyQmyJM4AUMwXB-BDsPSm-XCzvC5GU4FxY8M3_MJIaPToic2Ekw==

GET
H2 200 analytics.min.js Show response
analytics-cdn.beta.theemployeeapp.com/analytics.js/v1/elxhnLSSRTv3AxT0zpNNeu3GU69JPVwG/ 103 KB
29 KB 538ms
348ms Script
text/javascript 18.165.83.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-cdn.beta.theemployeeapp.com/analytics.js/v1/elxhnLSSRTv3AxT0zpNNeu3GU69JPVwG/analytics.min.js
Requested by: Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-119.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b64d2cd615da3e2b63d663ec49fd1a16fe123a8fe8d634742033af5acadcd375

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 6PjyNJwXFd2EXqkbbmb87i2rGGB5_M3X
content-encoding: gzip
via: 1.1 478e42d78af3de35728ba409bf63e348.cloudfront.net (CloudFront), 1.1 035e691ec6c773baa108d5dd3cdf6b28.cloudfront.net (CloudFront)
date: Thu, 16 Feb 2023 08:52:40 GMT
x-amz-cf-pop: IAD89-P2, IAD55-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 26 Jan 2023 03:47:57 GMT
server: AmazonS3
etag: W/"6c9c3884dd96935fd71c52297d0dd271"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: TmguwpD_1cKzkAzBez84JFfEYo9OW-BgJrPYQ5cSbfJBhFrdtQ7cTw==

GET
H2 200 i
sp.tinymce.com/ 43 B
360 B 199ms
43ms Image
image/gif 108.139.47.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tinymce.com/i?aid=474j8a3ki0c0g4xpejempyqhbjatnb2hr8pg8eclkwi1endo&tna=tinymce_cloud&p=web&dtm=1676537559271&stm=1676537559271&tz=Etc%2FUnknown&e=se&se_ca=script_load
Requested by: Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-121.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 09:16:12 GMT
via: 1.1 11addd18912b8ffba16fde7055a9ca56.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2017 05:55:26 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 84988
etag: "fb02f374b8f73825415db1bccd4bd76d"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 43
x-amz-cf-id: A7ant54EDL5CiRig-fvuQPPfOpIIyEOk-TCAACDkkXLIQ00NF-Y0Dg==

OPTIONS
H2 204 token
auth.indiciummobile.com/oauth/ 0
0 261ms
57ms Preflight 52.2.34.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.indiciummobile.com/oauth/token

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.2.34.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-34-201.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vu.admin.theemployeeapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://vu.admin.theemployeeapp.com
date: Thu, 16 Feb 2023 08:52:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 token Show response
auth.indiciummobile.com/oauth/ 565 B
928 B 549ms
547ms XHR
application/json 52.2.34.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.indiciummobile.com/oauth/token

Requested by

Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/vendor.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.2.34.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-34-201.compute-1.amazonaws.com

Software

Resource Hash

e658ceed15f2760081bd7918c403402429095aad1602e454e11b18ca3b052f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Feb 2023 08:52:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
etag: W/"235-fqd5xr92WWlqV2BaWjXy/YtfwjE"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vu.admin.theemployeeapp.com
vary: Origin
access-control-allow-credentials: true
content-length: 565
x-xss-protection: 1; mode=block

POST
H2 401 sso-access Show response
auth.theemployeeapp.com/ 12 B
375 B 161ms
69ms XHR
text/html 3.231.197.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.theemployeeapp.com/sso-access

Requested by

Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/vendor.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.197.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-197-29.compute-1.amazonaws.com

Software

Resource Hash

87a5e00b7c0b4287fea96bbeabc05fdfdaacba5346b606366be40fbf3046cc9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 16 Feb 2023 08:52:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
etag: W/"c-MvHJP5yPj49I/9tX+wGrvHWbTRk"
x-download-options: noopen
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: https://vu.admin.theemployeeapp.com
vary: Origin
access-control-allow-credentials: true
content-length: 12
x-xss-protection: 1; mode=block

OPTIONS
H2 204 sso-access
auth.theemployeeapp.com/ 0
0 173ms
52ms Preflight 3.231.197.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.theemployeeapp.com/sso-access

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.231.197.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-231-197-29.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://vu.admin.theemployeeapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://vu.admin.theemployeeapp.com
date: Thu, 16 Feb 2023 08:52:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 f3c187a7c250fb59d1f20c3d6be96d43.jpg
vu.admin.theemployeeapp.com/ 107 KB
108 KB 193ms
191ms Image
image/jpeg 18.164.116.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vu.admin.theemployeeapp.com/f3c187a7c250fb59d1f20c3d6be96d43.jpg

Requested by

Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-116-116.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f19606f199fd6560fda93b2b31421df52b9f7e874e6a9048c07f5d0fa9d54746

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com; frame-ancestors 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vu.admin.theemployeeapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 08:52:40 GMT
x-amz-version-id: JR48W4TdyBMR6fzmHEr88y9bVascZYpC
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 c123eaeab0338ee38c9f9a5fe5647218.cloudfront.net (CloudFront)
content-security-policy: frame-src 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com; frame-ancestors 'self' *.google.com *.theemployeeapp.com *.indiciummobile.com *.sharepoint.com s3.amazonaws.com *.s3.amazonaws.com *.amazonaws.com *.moog.com *.baesystems.com;
x-amz-request-id: GVQB89ZXTR8XS4GV
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 109660
x-amz-id-2: Fn7ZI7PqFwmb3GuHw3StJFTn2QNi6JkbdvzEpfPYoiliN4Iqq58VKuuMAmG2gzJG2GTi1tgRPwc=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 07 Feb 2023 16:28:32 GMT
server: AmazonS3
etag: "f3c187a7c250fb59d1f20c3d6be96d43"
x-frame-options: ALLOW-FROM https://theemployeeappdev.sharepoint.com, ALLOW-FROM https://mgclb.sharepoint.com, ALLOW-FROM https://connect.moog.com, ALLOW-FROM https://onespace.baesystems.com
content-type: image/jpeg
permissions-policy: geolocation=(), midi=(), sync-xhr=(self), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(self), payment=()
accept-ranges: bytes
x-amz-cf-id: 91iK3E8KRQWrN6Y4lt7B_37Zb0XRr6MFReP_GQbSTCXp_UX0VsqEPA==

GET
H2 200 settings Show response
analytics-cdn.beta.theemployeeapp.com/v1/projects/elxhnLSSRTv3AxT0zpNNeu3GU69JPVwG/ 683 B
1 KB 481ms
389ms Fetch
application/json 18.165.83.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-cdn.beta.theemployeeapp.com/v1/projects/elxhnLSSRTv3AxT0zpNNeu3GU69JPVwG/settings
Requested by: Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/vendor.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-119.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99c233b6559c1ff9d1b1fec2a855d23944e977065ce235595870484fb6f05007

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 08:52:41 GMT
x-amz-version-id: bKs2qOWCL60oYhojbxneGpDZoWStOnUV
via: 1.1 92ed8a6103fa735c31caf49b92d4efb6.cloudfront.net (CloudFront), 1.1 d4564d6809e10e731bfdfae814a717f8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2, IAD55-P3
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 683
last-modified: Tue, 14 Jun 2022 21:54:15 GMT
server: AmazonS3
etag: "a288346188e78e419eac6cfaf0f20224"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
x-amz-cf-id: GI3zLmNuhVN2hTrjSyUxwZMGBIZNERmy0beFIMq_3uNSsmC-i_XYew==

GET
H2 200 account-info Show response
graphql.theemployeeapp.com/ 724 B
1 KB 79ms
77ms XHR
application/json 54.205.6.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://graphql.theemployeeapp.com/account-info?subDomain=vu

Requested by

Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/vendor.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.205.6.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-6-47.compute-1.amazonaws.com

Software

Resource Hash

a1a94e68ea0ee9e89fb5daf858985a9be34eb084dd1a281aca94bd8118064239

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
accept-language: en-US,en;q=0.9
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2NvdW50TGlrZXNFbmFibGVkIjpmYWxzZSwidXNlciI6eyJfaWQiOiI1NjEyNDRhMDMwMmZiYzJhNDE4ODUxZGEiLCJwcm92aWRlciI6ImxvY2FsIiwicm9sZSI6InVzZXIiLCJuYW1lIjoiSm9uYXRoYW4gSGlnZ2lucyIsImVtYWlsIjoiamhpZ2dpbnNAYXBwcmlzZS1tb2JpbGUuY29tIn0sImFjY291bnQiOiJhZG1pbi1hY2NvdW50IiwiZ3JvdXBzQW5hbHl0aWNzRW5hYmxlZCI6ZmFsc2UsInJlYWRXcml0ZUFjY2VzcyI6eyJDQUxFTkRBUiI6W10sIkRJUkVDVE9SWSI6W10sIkdST1VQIjpbXX0sInJlZ2lvbiI6Ik5BRSIsImlhdCI6MTY3NjUzNzU2MCwiZXhwIjoxNjc2NTUxOTYwfQ.2wQdt5KW6pDtTe-ifIjW9civ1pF6ItCLXeXL3oOSPZs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 08:52:40 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 724
x-xss-protection: 0
referrer-policy: no-referrer
expect-ct: max-age=0
x-download-options: noopen
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
cache-control: no-store,no-cache,max-age=0

OPTIONS
H2 204 account-info
graphql.theemployeeapp.com/ 0
0 174ms
52ms Preflight 54.205.6.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.theemployeeapp.com/account-info?subDomain=vu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.6.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-6-47.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://vu.admin.theemployeeapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
date: Thu, 16 Feb 2023 08:52:40 GMT

POST
H2 200 p Show response
analytics-io.beta.theemployeeapp.com/v1/ 21 B
337 B 464ms
301ms Fetch
application/json 18.67.76.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics-io.beta.theemployeeapp.com/v1/p

Requested by

Host: vu.admin.theemployeeapp.com
URL: https://vu.admin.theemployeeapp.com/vendor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.76.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-76-29.iad89.r.cloudfront.net

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Feb 2023 08:52:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 b18bcd54d0f77ca53d7c0ba4b9e54284.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://vu.admin.theemployeeapp.com
content-length: 21
x-amz-cf-id: a1Y-fMccU2eQjcV75jzMz3E_FKX5uc0svjaSR80M7mN0o5KTC4ZbLw==

GET
H2 200 5d389c2315973b00fb2c3840.png
cdn-logos.theemployeeapp.com/ 16 KB
17 KB 181ms
52ms Image
image/png 18.164.96.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-logos.theemployeeapp.com/5d389c2315973b00fb2c3840.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-63.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3924a29161af76f7470e22278b2200d2c33fa597f32ad0a4d0e5f6810340cb16

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 17:58:44 GMT
x-amz-version-id: xnxZH7Rfw4F1upGFtQ2LkM0waR.ZEGoH
via: 1.1 241db89625f6ef70a00b0e19e0cfc332.cloudfront.net (CloudFront)
last-modified: Mon, 21 Oct 2019 18:23:06 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 1781638
etag: "c88b3e9a063e645c42fc5f5aea4da954"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 16524
x-amz-cf-id: NUC_kkX_HOBq8tdvfmLmvaXFyDssZXC8mDDn2Zq0WITzPoYVofHwmw==

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.theemployeeapp.com/	1970-01-20 18:27:53	Name: ajs_anonymous_id Value: 4cb2a7c8-16ef-466b-85da-d3fabd6671f3

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://auth.theemployeeapp.com/sso-access Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com; frame-ancestors 'self' .google.com .theemployeeapp.com .indiciummobile.com .sharepoint.com s3.amazonaws.com .s3.amazonaws.com .amazonaws.com .moog.com .baesystems.com;
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://theemployeeappdev.sharepoint.com ALLOW-FROM https://mgclb.sharepoint.com ALLOW-FROM https://connect.moog.com ALLOW-FROM https://onespace.baesystems.com
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics-cdn.beta.theemployeeapp.com
analytics-io.beta.theemployeeapp.com
auth.indiciummobile.com
auth.theemployeeapp.com
cdn-logos.theemployeeapp.com
cdn.tiny.cloud
cdnjs.cloudflare.com
fonts.googleapis.com
graphql.theemployeeapp.com
sp.tinymce.com
vu.admin.theemployeeapp.com
108.139.47.121
18.164.116.116
18.164.116.79
18.164.96.63
18.165.83.119
18.67.76.29
2600:9000:2509:5000:4:8ff3:780:93a1
2606:4700::6811:180e
2607:f8b0:4006:80d::200a
3.231.197.29
52.2.34.201
54.205.6.47
03cc2d7d239f96ab7be08d7a61d51ee1b6ba3e3856280ab57c016c0d5ba3c6d9
067632f8b5e916e5db8d2cf767c673ab20e4ae8a43dc09efcf5cea7337fdac01
06f77bf6f84d0e359292b8e1cc42878dbc51a14927bd4539ebc96c62e8cb0f6c
07534a75b33e4aecb8f72b6afe5a4aba5c617a4f7289638f61fce1ca0091dd59
12c2436066517642b7438167f3f6bcdd7cd07a549adeddea088f4d0b97615812
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
2ddeacd105b5127f6d0bd2fad398d6678ea24b80492a093a2ce08200aace8a36
3924a29161af76f7470e22278b2200d2c33fa597f32ad0a4d0e5f6810340cb16
6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5
7033f7588066646dc027197f7130f11d14af161af4cf755b5cd2cf4b4e373d62
87a5e00b7c0b4287fea96bbeabc05fdfdaacba5346b606366be40fbf3046cc9a
99c233b6559c1ff9d1b1fec2a855d23944e977065ce235595870484fb6f05007
a1a94e68ea0ee9e89fb5daf858985a9be34eb084dd1a281aca94bd8118064239
b64d2cd615da3e2b63d663ec49fd1a16fe123a8fe8d634742033af5acadcd375
bc95bd964c20eb499676c01063c3facafc527c75be71a327494495361a9c61e6
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d09ae5c6594493dc44243241caa3d0b999629ecd9a02365bce8098198cd2f132
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e658ceed15f2760081bd7918c403402429095aad1602e454e11b18ca3b052f0d
f19606f199fd6560fda93b2b31421df52b9f7e874e6a9048c07f5d0fa9d54746
f59ea6af084f28767c64ece97c8686e52c747875db47dc3494bfb39b1b91cd4d

vu.admin.theemployeeapp.com Open in urlscan Pro 18.164.116.116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

96 %HTTPS

25 %IPv6

6 Domains

11 Subdomains

11 IPs

1 Countries

2341 kBTransfer

11313 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

vu.admin.theemployeeapp.com Open in urlscan Pro
18.164.116.116 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

96 %
HTTPS

25 %
IPv6

6
Domains

11
Subdomains

11
IPs

1
Countries

2341 kB
Transfer

11313 kB
Size

1
Cookies

24 HTTP transactions
0 data transactions