app.trinetexpense.com Open in urlscan Pro
35.80.252.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://trinetexpense.com/
Effective URL:
https://app.trinetexpense.com/users/login
Submission: On October 22 via api (October 22nd 2024, 8:24:44 pm UTC) from US — Scanned from DE

Summary HTTP 46 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 14 domains to perform 46 HTTP transactions. The main IP is 35.80.252.176, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is app.trinetexpense.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 21st 2024. Valid for: a year.

This is the only time app.trinetexpense.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	35.80.252.176 35.80.252.176	16509 (AMAZON-02) (AMAZON-02)
2	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
3	104.18.74.113 104.18.74.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	44.241.9.6 44.241.9.6	16509 (AMAZON-02) (AMAZON-02)
2 2	44.229.156.177 44.229.156.177	16509 (AMAZON-02) (AMAZON-02)
2	52.219.121.82 52.219.121.82	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:5d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.36.213.229 34.36.213.229	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.37.51.81 23.37.51.81	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
1 2	192.29.68.80 192.29.68.80	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	216.198.53.1 216.198.53.1	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	34.107.204.85 34.107.204.85	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.72.135.101 54.72.135.101	16509 (AMAZON-02) (AMAZON-02)
46	16

24 35.80.252.176 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-80-252-176.us-west-2.compute.amazonaws.com

trinetexpense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.trinetexpense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.74.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.241.9.6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-9-6.us-west-2.compute.amazonaws.com

appcenter.intuit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.229.156.177 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-156-177.us-west-2.compute.amazonaws.com

sso.trinetcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.219.121.82 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1-r-w.amazonaws.com

trinetcloud-platform-prod.s3.us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:5d8 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.51.81 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-51-81.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.29.68.80 (Toronto, Canada) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

s383.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.198.53.1 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

trinetcloud.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.204.85 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 85.204.107.34.bc.googleusercontent.com

data.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.135.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-135-101.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	trinetexpense.com 1 redirects trinetexpense.com app.trinetexpense.com	2 MB
4	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 626 data.pendo.io — Cisco Umbrella Rank: 630	166 KB
4	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2226 ekr.zdassets.com — Cisco Umbrella Rank: 2547	270 KB
2	eloqua.com 1 redirects s383.t.eloqua.com	1 KB
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 6596 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 6092	3 KB
2	amazonaws.com trinetcloud-platform-prod.s3.us-west-1.amazonaws.com	106 KB
2	trinetcloud.com 2 redirects sso.trinetcloud.com	1 KB
2	intuit.com appcenter.intuit.com — Cisco Umbrella Rank: 78009	47 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412 fonts.googleapis.com — Cisco Umbrella Rank: 30	32 KB
2	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 1903	260 KB
1	zendesk.com trinetcloud.zendesk.com — Cisco Umbrella Rank: 724143	1 KB
1	gstatic.com fonts.gstatic.com	13 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 6883	3 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 791	4 KB
46	14

	Domain	Requested by
23	app.trinetexpense.com	app.trinetexpense.com ajax.googleapis.com
3	data.pendo.io	cdn.pendo.io
3	static.zdassets.com	app.trinetexpense.com static.zdassets.com
2	s383.t.eloqua.com	1 redirects app.trinetexpense.com
2	trinetcloud-platform-prod.s3.us-west-1.amazonaws.com	app.trinetexpense.com
2	sso.trinetcloud.com	2 redirects
2	appcenter.intuit.com	app.trinetexpense.com ajax.googleapis.com
2	ajax.aspnetcdn.com	app.trinetexpense.com
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	trinetcloud.zendesk.com	static.zdassets.com
1	fonts.gstatic.com	fonts.googleapis.com
1	img.en25.com	app.trinetexpense.com
1	ekr.zdassets.com	static.zdassets.com
1	cdn.pendo.io	app.trinetexpense.com
1	rum-static.pingdom.net	app.trinetexpense.com
1	fonts.googleapis.com	app.trinetexpense.com
1	code.jquery.com	app.trinetexpense.com
1	ajax.googleapis.com	app.trinetexpense.com
1	trinetexpense.com	1 redirects
46	19

This site contains links to these domains. Also see Links.

Domain
www.trinet.com

Subject Issuer	Validity	Valid
trinetexpense.com Amazon RSA 2048 M02	`2024-05-21` - `2025-06-20`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-06-06` - `2025-06-06`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
zdassets.com WE1	`2024-09-05` - `2024-12-04`	3 months	crt.sh
*.intuit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-07-29`	a year	crt.sh
pingdom.net WE1	`2024-09-12` - `2024-12-12`	3 months	crt.sh
cdn.pendo.io WR3	`2024-09-19` - `2024-12-18`	3 months	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-07-29`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
trinetcloud.zendesk.com E6	`2024-09-09` - `2024-12-08`	3 months	crt.sh
pendo.io WR3	`2024-09-14` - `2024-12-13`	3 months	crt.sh
*.pingdom.net Amazon RSA 2048 M03	`2024-10-22` - `2025-11-19`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://app.trinetexpense.com/users/login
Frame ID: 7F6352A605629113C61289BBC32A301E
Requests: 43 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-cbf609b.js
Frame ID: D68DD8DF0874754788D7011BBF0071A5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TriNet Expense - Users Login

Page URL History Show full URLs

https://trinetexpense.com/ HTTP 302
https://app.trinetexpense.com/users/login Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

46
Requests

93 %
HTTPS

18 %
IPv6

14
Domains

19
Subdomains

16
IPs

5
Countries

3058 kB
Transfer

4080 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.trinet.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trinetexpense.com/ HTTP 302
https://app.trinetexpense.com/users/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://sso.trinetcloud.com/js/trinet-apps.js HTTP 301
https://trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/trinet-apps.1.4.20.min.js

Request Chain 19

https://sso.trinetcloud.com/css/trinet-apps.css HTTP 301
https://trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/trinet-apps.1.4.20.min.css

Request Chain 36

https://s383.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=383&ref2=elqNone&tzo=-60&ms=760&optin=disabled HTTP 302
https://s383.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=383&ref2=elqNone&tzo=-60&ms=760&optin=disabled&elqCookie=1

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
app.trinetexpense.com/users/
Redirect Chain

https://trinetexpense.com/
https://app.trinetexpense.com/users/login

13 KB
14 KB

619ms
575ms

Document
text/html

35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c253d542e7ff71c127d56023b828a1cb1313c980c73e1bbcd760cad045b5d145

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://sso.trinetcloud.com https://assets.trinetexpense.com/ .googleapis.com .jquery.com .google-analytics.com .aspnetcdn.com .intuit.com .en25.com .gstatic.com .pingdom.net .google.com .finicity.com .dwolla.com .zdassets.com .trinetcloud-ops.com .cloudflare.com .recurly.com .zendesk.com .hrpassport.com .intacct.com .eloqua.com https://s383.t.eloqua.com .amazonaws.com .trinetexpense-ops.com .trinetexpense.com .appspot.com .trinet.com .googletagmanager.com .appdynamics.com .eum-appdynamics.com .lr-in.com googletagmanager.com .appdynamics.com .lr-in.com .pendo.io .dwolla.com; style-src 'self' 'unsafe-inline' ;img-src 'self' data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sso.trinetcloud.com https://assets.trinetexpense.com/ .googleapis.com .jquery.com .google-analytics.com .aspnetcdn.com .intuit.com .en25.com .gstatic.com .pingdom.net .google.com .finicity.com .dwolla.com .zdassets.com .trinetcloud-ops.com .cloudflare.com .recurly.com .zendesk.com .hrpassport.com .intacct.com .eloqua.com https://s383.t.eloqua.com .amazonaws.com .trinetexpense-ops.com .trinetexpense.com .appspot.com .trinet.com .googletagmanager.com .appdynamics.com .eum-appdynamics.com .lr-in.com googletagmanager.com .appdynamics.com .lr-in.com .pendo.io .dwolla.com; worker-src https://* data: blob:; connect-src https://* data:;; object-src none;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	Deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

cache-control: no-store, no-cache, must-revalidate
content-security-policy: default-src 'self' https://sso.trinetcloud.com https://assets.trinetexpense.com/ *.googleapis.com *.jquery.com *.google-analytics.com *.aspnetcdn.com *.intuit.com *.en25.com *.gstatic.com *.pingdom.net *.google.com *.finicity.com *.dwolla.com *.zdassets.com *.trinetcloud-ops.com *.cloudflare.com *.recurly.com *.zendesk.com *.hrpassport.com *.intacct.com *.eloqua.com https://s383.t.eloqua.com *.amazonaws.com *.trinetexpense-ops.com *.trinetexpense.com *.appspot.com *.trinet.com *.googletagmanager.com *.appdynamics.com *.eum-appdynamics.com *.lr-in.com googletagmanager.com *.appdynamics.com *.lr-in.com *.pendo.io *.dwolla.com; style-src 'self' 'unsafe-inline' *;img-src 'self' * data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sso.trinetcloud.com https://assets.trinetexpense.com/ *.googleapis.com *.jquery.com *.google-analytics.com *.aspnetcdn.com *.intuit.com *.en25.com *.gstatic.com *.pingdom.net *.google.com *.finicity.com *.dwolla.com *.zdassets.com *.trinetcloud-ops.com *.cloudflare.com *.recurly.com *.zendesk.com *.hrpassport.com *.intacct.com *.eloqua.com https://s383.t.eloqua.com *.amazonaws.com *.trinetexpense-ops.com *.trinetexpense.com *.appspot.com *.trinet.com *.googletagmanager.com *.appdynamics.com *.eum-appdynamics.com *.lr-in.com googletagmanager.com *.appdynamics.com *.lr-in.com *.pendo.io *.dwolla.com; worker-src https://* data: blob:; connect-src https://* data:;; object-src none;
content-type: text/html; charset=UTF-8
date: Tue, 22 Oct 2024 20:24:37 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: Deny

Redirect headers

content-length: 110
content-type: text/html
date: Tue, 22 Oct 2024 20:24:36 GMT
location: https://app.trinetexpense.com:443/users/login
server: awselb/2.0

GET
H2 200 topec3.js Show response
app.trinetexpense.com/js/ec3/ 113 B
649 B 427ms
421ms Script
application/javascript 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.trinetexpense.com/js/ec3/topec3.js

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

fd901c02a21c22eed41a7c8dceca45a5c69c223dbfa0f53f11c05fbfdaf38781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/users/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-71"
accept-ranges: bytes
content-length: 113
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H2 200 jquery-ui.css
ajax.aspnetcdn.com/ajax/jquery.ui/1.13.2/themes/redmond/ 36 KB
11 KB 352ms
165ms Stylesheet
text/css 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jquery.ui/1.13.2/themes/redmond/jquery-ui.css

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C86) /

Resource Hash

ebab64235adeddf9c9c4b361ca4ada789a0faf944fb071ce4c76007cf52fd225

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

content-encoding: gzip
etag: "c6525ec7a9cd81:0"
age: 18272691
x-content-type-options: nosniff
x-cache: HIT
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: text/css
last-modified: Wed, 20 Jul 2022 20:54:36 GMT
vary: Accept-Encoding
cache-control: public,max-age=31536000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11009
x-xss-protection: 1; mode=block
server: ECAcc (frc/4C86)

GET
H2 200 trinetLoginId.js Show response
app.trinetexpense.com/js/ec3/ 198 B
729 B 424ms
420ms Script
application/javascript 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.trinetexpense.com/js/ec3/trinetLoginId.js

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

516ed75d11d33fa4e7239be897e299940cfab8f4dee92743544247f8faf90845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/users/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-c6"
accept-ranges: bytes
content-length: 198
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H2 200 ec3.min.css
app.trinetexpense.com/css/ 36 KB
37 KB 221ms
217ms Stylesheet
text/css 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.trinetexpense.com/css/ec3.min.css?v=24.06.10.12

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b6d01b6d68da5b98f5ce1ca059b2acade8815afaa39bd257a884a724db74940b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/users/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-90e3"
accept-ranges: bytes
content-length: 37091
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: text/css
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H2 200 ec3Global.js Show response
app.trinetexpense.com/js/ec3/ 2 KB
3 KB 424ms
420ms Script
application/javascript 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.trinetexpense.com/js/ec3/ec3Global.js

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f2a05393134ae6ea77ed76f5e9ebbe50bd7f8b60a8580757089f57e385e2e1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/users/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-8da"
accept-ranges: bytes
content-length: 2266
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 138ms
42ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

content-encoding: gzip
age: 13099
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:46:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:46:18 GMT
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31017
x-xss-protection: 0
server: sffe

GET
H2 200 jquery-migrate-3.3.2.min.js Show response
code.jquery.com/ 11 KB
4 KB 159ms
47ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-migrate-3.3.2.min.js
Requested by: Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-2bd8"
age: 4800038
x-cache: HIT, HIT
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 20778, 5016
x-served-by: cache-lga21989-LGA, cache-mxp6934-MXP
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1729628678.505669,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4165
server: nginx

GET
H2 200 jquery-ui.min.js Show response
ajax.aspnetcdn.com/ajax/jquery.ui/1.13.2/ 249 KB
249 KB 259ms
74ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jquery.ui/1.13.2/jquery-ui.min.js

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE5) /

Resource Hash

9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

cache-control: public,max-age=31536000
timing-allow-origin: *
etag: "cae017e27a9cd81:0"
age: 18290488
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 255084
date: Tue, 22 Oct 2024 20:24:37 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Wed, 20 Jul 2022 20:54:20 GMT
server: ECAcc (frc/4CE5)

GET
H2 200 jquery.fix.min.js Show response
app.trinetexpense.com/js/ 10 KB
11 KB 425ms
423ms Script
application/javascript 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.trinetexpense.com/js/jquery.fix.min.js?v=24.06.10.12

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

1f6513fcdfdf01fd82bf1f571643b7c402cf7d308c380c17bd7c5bfe6b254d86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/users/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-28b0"
accept-ranges: bytes
content-length: 10416
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 219ms
118ms Script
application/javascript 104.18.74.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=e5bc9dad-abec-4579-b9f8-3ed0974aea6b

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.74.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5e73ae42ed4f068014f2ac26f036966e4997aa1fd32c2182859e3163dd1f71a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"d90dbb2a9f98c3c53cd0f1d480381e2e"
x-amz-version-id: FkgGJxeVVNjmEhoAGFYT4yGKQLf728f6
age: 31
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=52UAJnm%2F%2BPcYv8AgDDSD8rewafNBuJiZpzTrIZP8xdPgCEKMDfgq9HQK7p63w3t3Tusdq%2Fi04ru6dea8Zm6lvpHlkkVhq%2FcumWbf3AEfApFgpqQ1xqNxhxLA%2F5CXb0lMcxT3RXA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: application/javascript
last-modified: Tue, 10 Sep 2024 11:42:28 GMT
vary: Accept-Encoding
x-amz-id-2: jdsHz/BJkl29sRWhzn8p3f4n832HQpALkqnpN4jDCawDxEdGWRXUwiy5tWU8T3rJok648qB/kdQ=
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=3600, s-maxage=60
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NDQQ9E9GK07P2D0X
cf-ray: 8d6c36425ad562cf-HAM
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 logo.png
app.trinetexpense.com/img/ec3/common/ 14 KB
14 KB 424ms
422ms Image
image/png 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.trinetexpense.com/img/ec3/common/logo.png

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0f33b91139c2a5e5aed5dc1443b526bbddd6ddcf7f44d7e4f5a29b588b74f9f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/users/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-3794"
accept-ranges: bytes
content-length: 14228
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 142ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d0ae43ec79dc549fc6e4b83aa0e1024b1113e16640ec5277062d12d48f2f2fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 22 Oct 2024 20:24:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 22 Oct 2024 20:20:55 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 users.min.css
app.trinetexpense.com/css/ 36 KB
37 KB 212ms
209ms Stylesheet
text/css 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.trinetexpense.com/css/users.min.css?v=24.06.10.12

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

85a2a1ca9efcf42fe76b036fc50ea64b08de3503690d69d82c6ac69a92e412a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/users/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-90ea"
accept-ranges: bytes
content-length: 37098
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: text/css
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H2 200 common.min.js Show response
app.trinetexpense.com/js/ 11 KB
12 KB 210ms
209ms Script
application/javascript 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.trinetexpense.com/js/common.min.js?v=24.06.10.12

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

02714694c730e51101d8d4a88ba67185b96cc8eae13491aafe62bba3449bbcab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/users/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-2d93"
accept-ranges: bytes
content-length: 11667
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H2 200 cloud-auth.9daaba4b419ccd785a1a.js Show response
app.trinetexpense.com/build/ 2 MB
2 MB 212ms
210ms Script
application/javascript 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.trinetexpense.com/build/cloud-auth.9daaba4b419ccd785a1a.js

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2a7029d7b88a757fbdff8752760a745b0026b3f9d674b96697336acdf9bcbf6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/users/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a1d-1f0d46"
accept-ranges: bytes
content-length: 2035014
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 23:19:57 GMT
server: nginx

GET
H2 200 login.min.js Show response
app.trinetexpense.com/js/users/ 769 B
1 KB 396ms
395ms Script
application/javascript 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.trinetexpense.com/js/users/login.min.js?v=24.06.10.12

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

17b770b42be63e43f80966840647b253dbb881da3fa32f486636f0b6b2ce6089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/users/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-301"
accept-ranges: bytes
content-length: 769
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H2 200 intuit.ipp.anywhere-1.2.4.js Show response
appcenter.intuit.com/Content/IA/ 32 KB
33 KB 969ms
456ms Script
application/javascript 44.241.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://appcenter.intuit.com/Content/IA/intuit.ipp.anywhere-1.2.4.js

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.9.6 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-9-6.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

fb534ca5f0229e510ccc3aec0beb68daadc8ae2e2385468b312c5b7d05056188

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

x-request-id: 1-67180a06-7b53a45c7274d4b92b87d1b2
x-amz-version-id: mB6HieeR.2Iqag3eUsoRtMoGWMN5Hi89
etag: "d4b8038483c4222492ea6f2bb3877dbb"
age: 64585
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: e5qPc1qgKzvehF-QRQVpHgCbCPZghsumllB-TGg3kVbW4aXahlUwKw==
date: Tue, 22 Oct 2024 20:24:38 GMT
content-type: application/javascript
last-modified: Thu, 11 Jan 2024 20:14:38 GMT
strict-transport-security: max-age=31536000
x-spanid: 9506a448-f459-ef2b-913f-a5786c9d9d54
cache-control: max-age=864000
intuit_tid: 1-67180a06-7b53a45c7274d4b92b87d1b2
x-envoy-upstream-service-time: 36
x-amzn-trace-id: Root=1-67180a06-7b53a45c7274d4b92b87d1b2
via: 1.1 e2c409cb6da9756c7d0172de8b33006e.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 33000
x-amz-cf-pop: SEA900-P3
server: istio-envoy
x-amz-server-side-encryption: AES256

GET
H2 200 intuitAnywhere.min.js Show response
app.trinetexpense.com/js/ec3/ 276 B
808 B 397ms
396ms Script
application/javascript 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.trinetexpense.com/js/ec3/intuitAnywhere.min.js?v=24.06.10.12

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8e1751680f83eb302c4b5806df576842e0f8318850c94bd33fe37506eb37f14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/users/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-114"
accept-ranges: bytes
content-length: 276
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H/1.1

200
OK

trinet-apps.1.4.20.min.js Show response
trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/
Redirect Chain

https://sso.trinetcloud.com/js/trinet-apps.js
https://trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/trinet-apps.1.4.20.min.js

101 KB
101 KB

646ms
217ms

Script
application/javascript

52.219.121.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/trinet-apps.1.4.20.min.js
Requested by: Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login
Protocol: HTTP/1.1
Server: 52.219.121.82 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 028286d5aacd5d6fba1a2427db47fd5d7bd4bce039a753e49a5b690b74775b3e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

x-amz-id-2: EnMQxx7cvFnCA3uE2alEA8Yl5DAkfHLXPk1P+KpkkEx/cgAYG8w+btoVawGbggpu10xJmp4p9tI=
ETag: "9043990f4380c00b7bdf856d1452a4ec"
x-amz-request-id: 1ZJY1P10G1BKX96C
Accept-Ranges: bytes
Content-Length: 103370
Date: Tue, 22 Oct 2024 20:24:40 GMT
Last-Modified: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: application/javascript
Server: AmazonS3
x-amz-server-side-encryption: AES256

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
location: https://trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/trinet-apps.1.4.20.min.js
content-length: 162
date: Tue, 22 Oct 2024 20:24:38 GMT
content-type: text/html
server: nginx

GET
H/1.1

200
OK

trinet-apps.1.4.20.min.css
trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/
Redirect Chain

https://sso.trinetcloud.com/css/trinet-apps.css
https://trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/trinet-apps.1.4.20.min.css

4 KB
4 KB

646ms
218ms

Stylesheet
text/css

52.219.121.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/trinet-apps.1.4.20.min.css
Requested by: Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login
Protocol: HTTP/1.1
Server: 52.219.121.82 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 362656a19c4454ad1880c634baf58b8c29ca96af2f2480ec64b7511116d17771

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

x-amz-id-2: RMxzp8m2ye4JTE50zGlCbY6b6wBpYpnaRl0IWh9SovjcxMkFT/eA/bC7w8wPjwDrS7rGe0SgVlU=
ETag: "eca07a4fb5dda228a4cfda9d09056b1c"
x-amz-request-id: 1ZJSJW0MX0QTQENW
Accept-Ranges: bytes
Content-Length: 4062
Date: Tue, 22 Oct 2024 20:24:40 GMT
Last-Modified: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: text/css
Server: AmazonS3
x-amz-server-side-encryption: AES256

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
location: https://trinetcloud-platform-prod.s3.us-west-1.amazonaws.com/js_utils/trinet-app-clicker/trinet-apps.1.4.20.min.css
content-length: 162
date: Tue, 22 Oct 2024 20:24:38 GMT
content-type: text/html
server: nginx

GET
H2 200 trinetApp.min.js Show response
app.trinetexpense.com/js/ec3/ 278 B
810 B 394ms
394ms Script
application/javascript 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.trinetexpense.com/js/ec3/trinetApp.min.js?v=24.06.10.12

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

277379e7b8cf7e569aabbba8c30b51c9929314a71036164359c65ec19ad00e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/users/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-116"
accept-ranges: bytes
content-length: 278
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H2 200 eloquaEc3.min.js Show response
app.trinetexpense.com/js/ec3/ 436 B
966 B 696ms
696ms Script
application/javascript 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.trinetexpense.com/js/ec3/eloquaEc3.min.js?v=24.06.10.12

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d85d09f62e6ce61d483234ebbca2f74bdf1ec88d2dea2549b1dc00d6af12ff7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/users/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-1b4"
accept-ranges: bytes
content-length: 436
date: Tue, 22 Oct 2024 20:24:38 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H2 200 pa-54e6a986abe53dea349f44c4.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 151ms
54ms Script
application/javascript 2606:4700:10::ac43:5d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-54e6a986abe53dea349f44c4.js
Requested by: Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:5d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cf0173a376d27e98197cfea2f83053723f825733171855903aa767c6b737db9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

cache-control: max-age=86400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"63490024-1852"
age: 124
cf-ray: 8d6c36452ee89762-FRA
expires: Tue, 22 Oct 2024 20:27:33 GMT
access-control-allow-origin: *
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/b4ad226e-58a3-4c7a-4abd-f06acc1f4652/ 502 KB
165 KB 141ms
42ms Script
application/javascript 34.36.213.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pendo.io/agent/static/b4ad226e-58a3-4c7a-4abd-f06acc1f4652/pendo.js

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

229.213.36.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

c960bf94e248619f155fe566c5c8ff7742df272db8bedc7cd7fab13fd1d46f9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *
content-encoding: gzip
x-goog-hash: crc32c=P+40AQ==, md5=hLflDR2rmnnVDE6uSo6mYw==
etag: "84b7e50d1dab9a79d50c4eae4a8ea663"
age: 233
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 168049
date: Tue, 22 Oct 2024 20:20:44 GMT
last-modified: Fri, 18 Oct 2024 14:16:22 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY3xv_bLrcVaTBXpADZ9apE0dqT1R7fCjR8alzT-vW5QRqu0cx5JSlglK97u8E6duHgxxbkQqoNp9Q
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public,max-age=450
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1729260982371698
content-length: 168049
server: UploadServer

GET
H2 200 e5bc9dad-abec-4579-b9f8-3ed0974aea6b Show response
ekr.zdassets.com/compose/ 805 B
1 KB 336ms
238ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/e5bc9dad-abec-4579-b9f8-3ed0974aea6b

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e5bc9dad-abec-4579-b9f8-3ed0974aea6b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9d8ed74dfcd5dd349b9d629e89092a89838387d99a56d1e94e5eaa85449901e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

access-control-max-age: 7200
x-request-id: 8d1375476913f977-SEA, 8d1375476913f977-SEA, 8d1375476913f977-SEA
access-control-expose-headers
content-encoding: br
cf-cache-status: HIT
etag: W/"e9d8ed74dfcd5dd349b9d629e89092a8"
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MjVNQYPnFkrv2GU%2BPTTJVOe%2BAhqlM6Fyfms%2Bz4717OB%2FZ5h%2FgOAHuWXHICb1%2Bi%2Bl61LfnWdvchcfuHnU9zuBFqiWWSn56Po6v%2BN96H0rwlmX16c%2FMYhuSzVfW5pNYMJyXSA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
date: Tue, 22 Oct 2024 20:24:38 GMT
content-type: application/json; charset=utf-8
vary: Accept, Origin, Accept-Encoding
x-runtime: 0.003228
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
cdn-cache-control: max-age=60
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8d6c36452a94630d-HAM
access-control-allow-origin: *
x-zendesk-zorg: yes, yes
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 bg.png
app.trinetexpense.com/img/ec3/common/ 339 B
866 B 393ms
392ms Image
image/png 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.trinetexpense.com/img/ec3/common/bg.png

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/css/ec3.min.css?v=24.06.10.12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

5a07196fae3b0d4fcfccb668e4f025a69c8af47f7591d539d79f887b8b7ce14d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/css/ec3.min.css?v=24.06.10.12

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-153"
accept-ranges: bytes
content-length: 339
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H2 200 nav-sub.png
app.trinetexpense.com/img/ec3/common/ 2 KB
2 KB 394ms
393ms Image
image/png 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.trinetexpense.com/img/ec3/common/nav-sub.png

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/css/ec3.min.css?v=24.06.10.12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

01d9e72b5fb8e10904c05b50f59ddddba4b1d5547d301058db379a242643baaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/css/ec3.min.css?v=24.06.10.12

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-6ab"
accept-ranges: bytes
content-length: 1707
date: Tue, 22 Oct 2024 20:24:37 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H2 200 ico-clipboard.png
app.trinetexpense.com/img/users/ 1 KB
2 KB 607ms
607ms Image
image/png 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.trinetexpense.com/img/users/ico-clipboard.png

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/css/users.min.css?v=24.06.10.12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a9cecdeef11222f613fda63138afa96b130a3eb04d2dce502bd8f416152d9e71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/css/users.min.css?v=24.06.10.12

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-5b6"
accept-ranges: bytes
content-length: 1462
date: Tue, 22 Oct 2024 20:24:38 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H2 200 identity.css
app.trinetexpense.com/css/ 4 KB
4 KB 211ms
211ms Stylesheet
text/css 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.trinetexpense.com/css/identity.css

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c19a2d9461d5160a4010a14bcd8568b2eaed8869cf53df765e757d9a52f893fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/users/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-f3f"
accept-ranges: bytes
content-length: 3903
date: Tue, 22 Oct 2024 20:24:39 GMT
content-type: text/css
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H2 200 web-widget-main-cbf609b.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame D68D 829 KB
258 KB 76ms
76ms Script
application/javascript 104.18.74.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-cbf609b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=e5bc9dad-abec-4579-b9f8-3ed0974aea6b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.74.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a4ade685b6856de52182b225d4c621764825a5edafebec1bd7dfd0bb9d966f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"07aec65eb3477704556f6cf3f106f8fb"
x-amz-version-id: _NoEm8vRBN2TNsj3j1jx6qm06EBIXcJh
age: 77136
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IRFG6fH%2BQSpts2slYqVZcN5EDL%2FarvKo6GT491ywmnHjKz2JSkbTdk0TXVNGKOfsEfkJtMoJLcrxxRFvrsGqRbfJQU%2BI2vtnYu%2FpE11xmSEnypLku2hYVkPqiThi9X7iBwvQYLY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
expires: Tue, 07 Oct 2025 10:12:03 GMT
date: Tue, 22 Oct 2024 20:24:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 07 Oct 2024 10:12:04 GMT
vary: Accept-Encoding
x-amz-id-2: BzlDuapBx/DoG2r1PLsFxfwz6QcXuiw8g1IBTKe7BdW7pUrH5yFLnxnkCUMM0rzl6b3QNDqiErQ=
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: HAMZH0FRYR94FVNS
cf-ray: 8d6c364faa3d62cf-HAM
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 156ms
47ms Script
application/x-javascript 23.37.51.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/js/ec3/eloquaEc3.min.js?v=24.06.10.12

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.37.51.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-51-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
ETag: "5fbd42741dd4da1:0"
X-Content-Type-Options: nosniff
Expires: Tue, 22 Oct 2024 20:24:39 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Date: Tue, 22 Oct 2024 20:24:39 GMT
Content-Type: application/x-javascript
Last-Modified: Fri, 12 Jul 2024 05:36:33 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: no-store
Pragma: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2183
X-XSS-Protection: 1; mode=block

GET
H2 200 btn-login.png
app.trinetexpense.com/img/users/ 2 KB
2 KB 210ms
209ms Image
image/png 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.trinetexpense.com/img/users/btn-login.png

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/css/users.min.css?v=24.06.10.12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

1cb2b6ff6c2a1c0751794e18dcfa0f9d4da8a394a4adbb86ac8bc3c7075691bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/css/users.min.css?v=24.06.10.12

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-6e7"
accept-ranges: bytes
content-length: 1767
date: Tue, 22 Oct 2024 20:24:39 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H2 200 google_logo.png
app.trinetexpense.com/img/users/ 1 KB
2 KB 210ms
209ms Image
image/png 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.trinetexpense.com/img/users/google_logo.png

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/css/users.min.css?v=24.06.10.12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3d550da73015d4619d871361ff35a16af6f9290008b572d3db617236fd96fcb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/css/users.min.css?v=24.06.10.12

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-564"
accept-ranges: bytes
content-length: 1380
date: Tue, 22 Oct 2024 20:24:39 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H2 200 trinetcloud_logo.png
app.trinetexpense.com/img/users/ 4 KB
5 KB 211ms
209ms Image
image/png 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.trinetexpense.com/img/users/trinetcloud_logo.png

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/css/ec3.min.css?v=24.06.10.12

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

de2b669a3ac548a228639887977e75347845e5cd24227ee08e42d8dbb6fc81f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/css/ec3.min.css?v=24.06.10.12

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-1136"
accept-ranges: bytes
content-length: 4406
date: Tue, 22 Oct 2024 20:24:39 GMT
content-type: image/png
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v32/ 13 KB
13 KB 92ms
41ms Font
font/woff2 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f3.1e100.net

Software

sffe /

Resource Hash

0e637574ec102b93795e00daaa92eebdacf1dcee9133b123fb9b56ea8eaf7e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin: https://app.trinetexpense.com
Referer: https://fonts.googleapis.com/

Response headers

age: 43430
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 08:20:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 08:20:49 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13432
x-xss-protection: 0
server: sffe

GET
H2 200 intuit.ipp.anywhere.css
appcenter.intuit.com/Content/IA/ 13 KB
14 KB 253ms
252ms Stylesheet
text/css 44.241.9.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://appcenter.intuit.com/Content/IA/intuit.ipp.anywhere.css

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.9.6 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-9-6.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

6e77fe08d19fec07f71d5202303938b1a141de12d04f4945ff1860ca35dadfa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

x-request-id: 1-67180a07-41605e5a418b0bcf4e1fc8bf
x-amz-version-id: iXVbOW1OFFlpDlbv.E.ERDoUH6IYDHuD
etag: "a6e20a732527fb7208f09be820d5b46b"
age: 18609
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: KotLyGpi7IH0QoUDYsNE1G9mNE9psdJ9sZdTZtNTEz95LYK3uXS2Mg==
date: Tue, 22 Oct 2024 20:24:39 GMT
content-type: text/css
last-modified: Thu, 11 Jan 2024 20:14:38 GMT
strict-transport-security: max-age=31536000
x-spanid: 3c035284-ae24-2056-8918-d5b46d751342
cache-control: max-age=864000
intuit_tid: 1-67180a07-41605e5a418b0bcf4e1fc8bf
x-envoy-upstream-service-time: 40
x-amzn-trace-id: Root=1-67180a07-41605e5a418b0bcf4e1fc8bf
via: 1.1 f4b6071c1b471bbf6f365d32a3690896.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 13337
x-amz-cf-pop: SEA900-P3
server: istio-envoy
x-amz-server-side-encryption: AES256

GET
H/1.1

200
OK

svrGP.aspx
s383.t.eloqua.com/visitor/v200/
Redirect Chain

https://s383.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=383&ref2=elqNone&tzo=-60&ms=760&optin=disabled
https://s383.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=383&ref2=elqNone&tzo=-60&ms=760&optin=disabled&elqCookie=1

49 B
448 B

162ms
159ms

Image
image/gif

192.29.68.80
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s383.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=383&ref2=elqNone&tzo=-60&ms=760&optin=disabled&elqCookie=1

Requested by

Host: app.trinetexpense.com
URL: https://app.trinetexpense.com/users/login

Protocol

HTTP/1.1

Server

192.29.68.80 Toronto, Canada, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Robots-Tag: noindex, nofollow
Cache-Control: no-store
Pragma: no-cache
X-Content-Type-Options: nosniff
Expires: -1
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Length: 49
X-Xss-Protection: 1; mode=block
Date: Tue, 22 Oct 2024 20:24:40 GMT
Content-Type: image/gif

Redirect headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Robots-Tag: noindex, nofollow
Cache-Control: no-store
Location: https://s383.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=383&ref2=elqNone&tzo=-60&ms=760&optin=disabled&elqCookie=1
Pragma: no-cache
X-Content-Type-Options: nosniff
Expires: -1
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Content-Length: 262
X-Xss-Protection: 1; mode=block
Date: Tue, 22 Oct 2024 20:24:39 GMT
Content-Type: text/html; charset=utf-8

GET
H2 200 en-us-json-cbf609b.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame D68D 25 KB
6 KB 65ms
63ms Script
application/javascript 104.18.74.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-cbf609b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-cbf609b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.74.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b87b92cd9b2943bcc97a64011eb833ef4205009327eaffe17db1cd001ae9ecc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"ef48436bf7997a9fed0856cd3df28c0f"
x-amz-version-id: 84wSEKA_FfeBTDyf9gL6ljF5UYM.Hy4g
age: 81573
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2FBrURKr1C9tLmk5ZrseAVAfx3yMXmTFAkJrxfN321RMbsh7YYeE3cEtaCSD0xf1vB%2FatP4rUyW08F9g%2F0tqvsBsJhDUYuj9jYBAVWaTRsLlijg17Avm8ZsSfRM9eUwBIAadSlQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
expires: Tue, 07 Oct 2025 10:12:04 GMT
date: Tue, 22 Oct 2024 20:24:39 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 07 Oct 2024 10:12:05 GMT
vary: Accept-Encoding
x-amz-id-2: xAspZH7GdyUCWLxBxjfoK0NzuXqYBkhVV94d00vAqejy9XXPP6l+eFAVEmadymmLRRO7i7/vyH8=
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CXP0ZYMXH3848RVK
cf-ray: 8d6c36515cf962cf-HAM
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 config Show response
trinetcloud.zendesk.com/embeddable/ Frame D68D 444 B
1 KB 301ms
223ms Fetch
application/json 216.198.53.1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://trinetcloud.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-cbf609b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.198.53.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d82b97fd65dcba258dd7c8159af7650c709c2c3249dbe249c0136cb830550ee

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer

Response headers

access-control-max-age: 7200
x-request-id: 8d6c3651df426a77-FRA
access-control-expose-headers
x-zendesk-origin-server: embeddable-app-server-788c989f45-fjqf9
cf-cache-status: EXPIRED
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HX19H8zenTyD%2BGWrXoTaEFIbIUxqdXpjw6VCluhNXzAXPSigDpQ4dEDPYi7uJI05FiIHassqGhnxUVtWz0E1OXHb%2B7zTJ8EsdV2pvppz%2B%2BP8SPU9pdeJZLaST3Eh8yscgrr3xTsq8Fts"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
date: Tue, 22 Oct 2024 20:24:40 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
x-runtime: 0.001700
last-modified: Tue, 22 Oct 2024 20:24:40 GMT
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d6c3651df426a77-TXL
access-control-allow-origin: *
x-zendesk-zorg: yes
x-cached: MISS
server: cloudflare

GET
H2 200 b4ad226e-58a3-4c7a-4abd-f06acc1f4652
data.pendo.io/data/ptm.gif/ 42 B
103 B 378ms
269ms Image
image/gif 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo.io/data/ptm.gif/b4ad226e-58a3-4c7a-4abd-f06acc1f4652?v=2.251.0_prod&ct=1729628680411&jzb=eJzFUk1z0zAQ_S86e2JZid0kN6BAe4B2aEoYGEazsYXRIEtCWrcNnfz3ruzEDJdyrE_7oX3v7fN-e2S494qtWacQWMZ2wd1HFSTqjqrFmVhVYlkt-YKXGbvTUaMLUjc0IK_ffjy_khv563b7SbkOL9qSAKCuXW9xeGN7YzLWB0PPfyL6uM5z8H6GQVuF6sErG9Wsdl3eE2fMjWu1JQwfnI9s_XgiTOFznITgwe5HXZSrDnTipPCHDhGlhbRNyg38kwZnjlGtcT9GEQFPxbRKONYN2LaHNrWUlbc37DBtexI4Lvw_KJrzEJTFV9M0lZrxqRB5wXPBxYKG7sgV7Wwqz0RZzLgka5q_ABvYXU60OCbMzFcfrnHRKn0Z_jjE5EKgjYdm8WXXPKCAysDrm_D5KolUMZEM7febi915sYWv94tt-U6_Gdq_e2Vr0sbpPPao6M-U5fKQTadjHDTPnk71AqeTRB2lzCuyrlilb8lXoipfyL9i8m_Ozw7fnwAXTR12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

strict-transport-security: max-age=63072000
access-control-max-age: 600
cache-control: no-store
x-envoy-upstream-service-time: 115
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-allow-methods: GET,POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: clear
content-length: 42
date: Tue, 22 Oct 2024 20:24:40 GMT
content-type: image/gif
server: istio-envoy
access-control-allow-headers: *

GET
H2 200 b4ad226e-58a3-4c7a-4abd-f06acc1f4652 Show response
data.pendo.io/data/guide.js/ 2 KB
892 B 291ms
185ms Script
application/javascript 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://data.pendo.io/data/guide.js/b4ad226e-58a3-4c7a-4abd-f06acc1f4652?id=12&jzb=eJx9UEFOwzAQ_IvPVZxG9JIbEkhwAQSUHq1VsgQLe23Z64oK5e9dk1Lgwm1mPBrP7Kfa22w5pNtR9co8XN9d3Ztn877dPWLwfDNt1ErBMIRCXC1UnFupkpy435hj7rWGGBtOlpDxIyJlbIbgdcmYsnZhsiQRwY0vPx8tKR4ZRmBQ_blFhfafJhIcgQ7myyMcPdhaReCrTZkNgceFO_hDU3AnNFg-LCgz8LdYB6aT7oCmAlN9QjLbJzWfbyAFhURISHz5W5Ih1d91et3qru0uJGcvF7CBqtx0m3XTmpjCqOb5CNh8eSE&v=2.251.0_prod&ct=1729628680413

Requested by

Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/b4ad226e-58a3-4c7a-4abd-f06acc1f4652/pendo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

d88736992e399596b8b3b8f52feebeb30df228bbef8d5f64158d607c0febb107

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

access-control-max-age: 600
content-encoding: gzip
access-control-allow-methods: GET,POST
x-content-type-options: nosniff
alt-svc: clear
date: Tue, 22 Oct 2024 20:24:40 GMT
content-type: application/javascript
access-control-allow-headers: *
strict-transport-security: max-age=63072000
cache-control: no-store
x-envoy-upstream-service-time: 30
access-control-allow-credentials: false
via: 1.1 google
access-control-allow-origin: *
content-length: 804
server: istio-envoy

GET
H2 200 b4ad226e-58a3-4c7a-4abd-f06acc1f4652
data.pendo.io/data/guide.gif/ 42 B
311 B 262ms
156ms Image
image/gif 34.107.204.85
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://data.pendo.io/data/guide.gif/b4ad226e-58a3-4c7a-4abd-f06acc1f4652?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1729628680413&v=2.251.0_prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.204.85 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

85.204.107.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

strict-transport-security: max-age=63072000
access-control-max-age: 600
cache-control: no-store
x-envoy-upstream-service-time: 2
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-allow-methods: GET,POST
via: 1.1 google
access-control-allow-origin: *
alt-svc: clear
content-length: 42
date: Tue, 22 Oct 2024 20:24:40 GMT
content-type: image/gif
server: istio-envoy
access-control-allow-headers: *

GET
H2 200 favicon.ico
app.trinetexpense.com/ 11 KB
12 KB 210ms
209ms Other
image/x-icon 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.trinetexpense.com/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-252-176.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2f2153c1c482001f4d47ead34d04376479ae5c3bd6288e731c5a67e68849a0f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/users/login

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67104a00-2c1e"
accept-ranges: bytes
content-length: 11294
date: Tue, 22 Oct 2024 20:24:40 GMT
content-type: image/x-icon
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 253ms
54ms XHR
text/plain 54.72.135.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=54e6a986abe53dea349f44c4&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=663&cE=663&dLE=663&dLS=663&fS=663&hS=-1&rE=-1&rS=-1&reS=706&resS=1281&resE=1290&uEE=-1&uES=-1&dL=1289&dI=3510&dCLES=3510&dCLEE=3524&dC=4314&lES=4314&lEE=4317&s=nt&title=TriNet%20Expense%20-%20Users%20Login&path=https%3A%2F%2Fapp.trinetexpense.com%2Fusers%2Flogin&ref=&sId=vm7zf0iv&sST=1729628680&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-54e6a986abe53dea349f44c4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.135.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-135-101.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/

Response headers

Expires: 0
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Date: Tue, 22 Oct 2024 20:24:40 GMT
Pragma: no-cache
Connection: keep-alive

GET
H2 200 favicon.ico
app.trinetexpense.com/ 11 KB
0 0ms
0ms Other
image/x-icon 35.80.252.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.trinetexpense.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.80.252.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-80-252-176.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2f2153c1c482001f4d47ead34d04376479ae5c3bd6288e731c5a67e68849a0f6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer: https://app.trinetexpense.com/users/login

Response headers

accept-ranges: bytes
content-length: 11294
date: Tue, 22 Oct 2024 20:24:40 GMT
etag: "67104a00-2c1e"
content-type: image/x-icon
last-modified: Wed, 16 Oct 2024 23:19:28 GMT
server: nginx

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.trinetexpense.com/	1970-01-21 00:28:35	Name: DANSCOOKIES Value: 3057af95620aaab388d926bc0c514162
.trinetexpense.com/	1970-01-21 00:27:23	Name: ecToken Value: 0e28391c-3943-4fe5-b946-3ca6a64e8428
sso.trinetcloud.com/	1970-01-21 00:37:13	Name: AWSALBCORS Value: 0qdTvco1wDRhHwyL/1NIxk9cn+zN3UffgcAumceC4RXMsT/wTPzUFfKuPbAIo9CJd3Gxn5x/9eu4XXjCtK8BdeGnNlPTgo+0OzisQWA7PBCvEGqfIYMBRwEda91t
.eloqua.com/	1970-01-21 09:57:26	Name: ELOQUA Value: GUID=14392E8F44174F1E82846ED46238AE9E
.eloqua.com/	1970-01-21 09:57:26	Name: ELQSTATUS Value: OK
app.trinetexpense.com/	1970-01-21 00:37:13	Name: AWSALB Value: 6Q3H6esQnW8e+yeg9uZwdx5NH6/9rARYg2/r6ROK7OW45r1+rPDmzcnY1eJxjLe2TVLk7rC3XDBXitjcX+To/uYwbv1I0EA0kL3zIv/p5ZMArFChUPj1iG6l+bcb
app.trinetexpense.com/	1970-01-21 00:37:13	Name: AWSALBCORS Value: 6Q3H6esQnW8e+yeg9uZwdx5NH6/9rARYg2/r6ROK7OW45r1+rPDmzcnY1eJxjLe2TVLk7rC3XDBXitjcX+To/uYwbv1I0EA0kL3zIv/p5ZMArFChUPj1iG6l+bcb

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://sso.trinetcloud.com https://assets.trinetexpense.com/ .googleapis.com .jquery.com .google-analytics.com .aspnetcdn.com .intuit.com .en25.com .gstatic.com .pingdom.net .google.com .finicity.com .dwolla.com .zdassets.com .trinetcloud-ops.com .cloudflare.com .recurly.com .zendesk.com .hrpassport.com .intacct.com .eloqua.com https://s383.t.eloqua.com .amazonaws.com .trinetexpense-ops.com .trinetexpense.com .appspot.com .trinet.com .googletagmanager.com .appdynamics.com .eum-appdynamics.com .lr-in.com googletagmanager.com .appdynamics.com .lr-in.com .pendo.io .dwolla.com; style-src 'self' 'unsafe-inline' ;img-src 'self' data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sso.trinetcloud.com https://assets.trinetexpense.com/ .googleapis.com .jquery.com .google-analytics.com .aspnetcdn.com .intuit.com .en25.com .gstatic.com .pingdom.net .google.com .finicity.com .dwolla.com .zdassets.com .trinetcloud-ops.com .cloudflare.com .recurly.com .zendesk.com .hrpassport.com .intacct.com .eloqua.com https://s383.t.eloqua.com .amazonaws.com .trinetexpense-ops.com .trinetexpense.com .appspot.com .trinet.com .googletagmanager.com .appdynamics.com .eum-appdynamics.com .lr-in.com googletagmanager.com .appdynamics.com .lr-in.com .pendo.io .dwolla.com; worker-src https://* data: blob:; connect-src https://* data:;; object-src none;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	Deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
ajax.googleapis.com
app.trinetexpense.com
appcenter.intuit.com
cdn.pendo.io
code.jquery.com
data.pendo.io
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
img.en25.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s383.t.eloqua.com
sso.trinetcloud.com
static.zdassets.com
trinetcloud-platform-prod.s3.us-west-1.amazonaws.com
trinetcloud.zendesk.com
trinetexpense.com
104.18.72.113
104.18.74.113
152.199.19.160
172.217.18.99
192.29.68.80
216.198.53.1
23.37.51.81
2606:4700:10::ac43:5d8
2a00:1450:4001:82a::200a
2a04:4e42:200::649
34.107.204.85
34.36.213.229
35.80.252.176
44.229.156.177
44.241.9.6
52.219.121.82
54.72.135.101
01d9e72b5fb8e10904c05b50f59ddddba4b1d5547d301058db379a242643baaf
02714694c730e51101d8d4a88ba67185b96cc8eae13491aafe62bba3449bbcab
028286d5aacd5d6fba1a2427db47fd5d7bd4bce039a753e49a5b690b74775b3e
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0a4ade685b6856de52182b225d4c621764825a5edafebec1bd7dfd0bb9d966f1
0e637574ec102b93795e00daaa92eebdacf1dcee9133b123fb9b56ea8eaf7e14
0f33b91139c2a5e5aed5dc1443b526bbddd6ddcf7f44d7e4f5a29b588b74f9f7
17b770b42be63e43f80966840647b253dbb881da3fa32f486636f0b6b2ce6089
1cb2b6ff6c2a1c0751794e18dcfa0f9d4da8a394a4adbb86ac8bc3c7075691bb
1f6513fcdfdf01fd82bf1f571643b7c402cf7d308c380c17bd7c5bfe6b254d86
277379e7b8cf7e569aabbba8c30b51c9929314a71036164359c65ec19ad00e3b
2a7029d7b88a757fbdff8752760a745b0026b3f9d674b96697336acdf9bcbf6a
2cf0173a376d27e98197cfea2f83053723f825733171855903aa767c6b737db9
2f2153c1c482001f4d47ead34d04376479ae5c3bd6288e731c5a67e68849a0f6
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
362656a19c4454ad1880c634baf58b8c29ca96af2f2480ec64b7511116d17771
3d550da73015d4619d871361ff35a16af6f9290008b572d3db617236fd96fcb5
516ed75d11d33fa4e7239be897e299940cfab8f4dee92743544247f8faf90845
5a07196fae3b0d4fcfccb668e4f025a69c8af47f7591d539d79f887b8b7ce14d
6e77fe08d19fec07f71d5202303938b1a141de12d04f4945ff1860ca35dadfa3
7d82b97fd65dcba258dd7c8159af7650c709c2c3249dbe249c0136cb830550ee
85a2a1ca9efcf42fe76b036fc50ea64b08de3503690d69d82c6ac69a92e412a8
8e1751680f83eb302c4b5806df576842e0f8318850c94bd33fe37506eb37f14f
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
9d0ae43ec79dc549fc6e4b83aa0e1024b1113e16640ec5277062d12d48f2f2fa
a9cecdeef11222f613fda63138afa96b130a3eb04d2dce502bd8f416152d9e71
b6d01b6d68da5b98f5ce1ca059b2acade8815afaa39bd257a884a724db74940b
b87b92cd9b2943bcc97a64011eb833ef4205009327eaffe17db1cd001ae9ecc8
c19a2d9461d5160a4010a14bcd8568b2eaed8869cf53df765e757d9a52f893fb
c253d542e7ff71c127d56023b828a1cb1313c980c73e1bbcd760cad045b5d145
c960bf94e248619f155fe566c5c8ff7742df272db8bedc7cd7fab13fd1d46f9b
d5e73ae42ed4f068014f2ac26f036966e4997aa1fd32c2182859e3163dd1f71a
d85d09f62e6ce61d483234ebbca2f74bdf1ec88d2dea2549b1dc00d6af12ff7a
d88736992e399596b8b3b8f52feebeb30df228bbef8d5f64158d607c0febb107
de2b669a3ac548a228639887977e75347845e5cd24227ee08e42d8dbb6fc81f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9d8ed74dfcd5dd349b9d629e89092a89838387d99a56d1e94e5eaa85449901e
ebab64235adeddf9c9c4b361ca4ada789a0faf944fb071ce4c76007cf52fd225
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f2a05393134ae6ea77ed76f5e9ebbe50bd7f8b60a8580757089f57e385e2e1fd
fb534ca5f0229e510ccc3aec0beb68daadc8ae2e2385468b312c5b7d05056188
fd901c02a21c22eed41a7c8dceca45a5c69c223dbfa0f53f11c05fbfdaf38781
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

app.trinetexpense.com Open in urlscan Pro 35.80.252.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

93 %HTTPS

18 %IPv6

14 Domains

19 Subdomains

16 IPs

5 Countries

3058 kBTransfer

4080 kBSize

7 Cookies

1 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.trinetexpense.com Open in urlscan Pro
35.80.252.176 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

93 %
HTTPS

18 %
IPv6

14
Domains

19
Subdomains

16
IPs

5
Countries

3058 kB
Transfer

4080 kB
Size

7
Cookies

46 HTTP transactions
0 data transactions