urlscan.io logo urlscan.io
SecurityTrails logo

bamboohr.my.site.com Open in urlscan Pro
2a02:26f0:e600::170f:b212  Public Scan

Go To Rescan Add Verdict Report
URL: https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000F0mq&surveyName=csat_chat&UUID=5d120c3c-b3...
Submission: On January 09 via manual from UA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 2a02:26f0:e600::170f:b212, located in Düsseldorf, Germany and belongs to AKAMAI-ASN1, NL. The main domain is bamboohr.my.site.com. The Cisco Umbrella rank of the primary domain is 770783.
TLS certificate: Issued by DigiCert Global G3 TLS ECC SHA384 202... on April 3rd 2023. Valid for: a year.
This is the only time bamboohr.my.site.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2a02:26f0:e60... 20940 (AKAMAI-ASN1)
11 1
Apex Domain
Subdomains		 Transfer
11 site.com
bamboohr.my.site.com — Cisco Umbrella Rank: 770783
2 MB
11 1
Domain Requested by
11 bamboohr.my.site.com bamboohr.my.site.com
11 1

This site contains no links.

Subject Issuer Validity Valid
prod.cdn.salesforce-experience.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2023-04-03 -
2024-03-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000F0mq&surveyName=csat_chat&UUID=5d120c3c-b393-4386-932e-931a8863bb04&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
Frame ID: 3AFC208D07535D6AE7119FC0FD454E40
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Survey: csat_chat

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

11
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2126 kB
Transfer

9690 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request runtimeApp.app
bamboohr.my.site.com/surveys/survey/ 		394 KB
98 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000F0mq&surveyName=csat_chat&UUID=5d120c3c-b393-4386-932e-931a8863bb04&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b212 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1d9150ba9a1604bc6bb5f38d2db495d135985496b875249c983049478405a71a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'nonce-qs8UHSTpOijFi8vfgYpYAyyHB0xrjhlm' chrome-extension: 'unsafe-eval' *.canary.lwc.dev *.vf.force.com blob: https://ssl.gstatic.com/accessibility/ https://*.arcgis.com; object-src 'self'; style-src 'self' blob: chrome-extension: 'unsafe-inline' https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; img-src 'self' data: blob: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com https: *.vf.force.com; media-src 'self' https://*.my.connect.aws/ https://*.amazonaws.com/ https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; frame-ancestors 'self'; frame-src blob: mailto: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com https: *.vf.force.com https://*.arcgis.com; font-src 'self' https: data: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com https://bamboohr.my.salesforce-scrt.com blob: *.vf.force.com https://*.arcgis.com https://*.api.salesforce.com/; base-uri 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-grn
0.0eb20f17.1704828242.3804f282
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
content-encoding
gzip
content-security-policy
upgrade-insecure-requests default-src 'self'; script-src 'self' 'nonce-qs8UHSTpOijFi8vfgYpYAyyHB0xrjhlm' chrome-extension: 'unsafe-eval' *.canary.lwc.dev *.vf.force.com blob: https://ssl.gstatic.com/accessibility/ https://*.arcgis.com; object-src 'self'; style-src 'self' blob: chrome-extension: 'unsafe-inline' https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; img-src 'self' data: blob: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com https: *.vf.force.com; media-src 'self' https://*.my.connect.aws/ https://*.amazonaws.com/ https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; frame-ancestors 'self'; frame-src blob: mailto: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com https: *.vf.force.com https://*.arcgis.com; font-src 'self' https: data: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com https://bamboohr.my.salesforce-scrt.com blob: *.vf.force.com https://*.arcgis.com https://*.api.salesforce.com/; base-uri 'self'
content-type
text/html;charset=UTF-8
date
Tue, 09 Jan 2024 19:24:02 GMT
expires
Mon, 09 Jan 2023 19:24:02 GMT
last-modified
Mon, 09 Jan 2023 19:24:02 GMT
link
</surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22U4HKbvtlLa2GA57__LYpqg%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fforce%3Abase%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsurvey%3AsurveyNamespace%22%5D%2C%22tuid%22%3A%22_TWWbcity_6e_GTQoGN8LQ%22%2C%22cuid%22%3A-1867236337%7D%2C%22pathPrefix%22%3A%22%2Fsurveys%22%7D/app.css?2=&aura.attributes=%7B%22invitationId%22%3A%220Ki4z000000F0mq%22%2C%22surveyName%22%3A%22csat_chat%22%7D>;rel=preload;as=style;nopush,</surveys/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js>;rel=preload;as=script;nopush,</surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-246.15.5-3.0.4-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22U4HKbvtlLa2GA57__LYpqg%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/appcore.js?2=>;rel=preload;as=script;nopush,</surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-246.15.5-3.0.4-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22U4HKbvtlLa2GA57__LYpqg%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/app.js?2=>;rel=preload;as=script;nopush
referrer-policy
origin-when-cross-origin
server-timing
Total;dur=114
strict-transport-security
max-age=63072000; includeSubDomains
timing-allow-origin
*
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-origin-cache-control
no-cache,must-revalidate,max-age=0,no-store,private
x-xss-protection
1; mode=block
app.css
bamboohr.my.site.com/surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22U4HKbvtlLa2GA57__LY... 		1 MB
138 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22U4HKbvtlLa2GA57__LYpqg%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fforce%3Abase%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsurvey%3AsurveyNamespace%22%5D%2C%22tuid%22%3A%22_TWWbcity_6e_GTQoGN8LQ%22%2C%22cuid%22%3A-1867236337%7D%2C%22pathPrefix%22%3A%22%2Fsurveys%22%7D/app.css?2=&aura.attributes=%7B%22invitationId%22%3A%220Ki4z000000F0mq%22%2C%22surveyName%22%3A%22csat_chat%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b212 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ff8bc3799b0ee868881c87f1b56d80b2280b71995b5525e7ef20b963b660c930
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000F0mq&surveyName=csat_chat&UUID=5d120c3c-b393-4386-932e-931a8863bb04&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Mon, 08 Jan 2024 19:24:03 GMT
date
Tue, 09 Jan 2024 19:24:03 GMT
akamai-grn
0.0eb20f17.1704828243.3804f40b
x-origin-cache-control
public,max-age=31536000,immutable
vary
Origin, Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31535964
x-xss-protection
1; mode=block
expires
Wed, 08 Jan 2025 19:23:27 GMT
aura_prod.js
bamboohr.my.site.com/surveys/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/ 		835 KB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b212 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
380d50cc899d0aadee0b196b7d5be1f1ee2000f08d9eee542aeefc492b86aadc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000F0mq&surveyName=csat_chat&UUID=5d120c3c-b393-4386-932e-931a8863bb04&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Jan 2024 19:24:03 GMT
akamai-grn
0.0eb20f17.1704828243.3804f40c
server-timing
Total;dur=44
content-length
266975
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Wed, 03 Jan 2024 08:02:38 GMT
x-origin-cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=31063153
timing-allow-origin
*
expires
Fri, 03 Jan 2025 08:03:16 GMT
appcore.js
bamboohr.my.site.com/surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-246.15.5-3.0.4-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7... 		912 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-246.15.5-3.0.4-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22U4HKbvtlLa2GA57__LYpqg%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/appcore.js?2=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b212 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
692a47c979416c54b03951027b454bd55df9e459221c927cbf30ec833e6ddb7b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000F0mq&surveyName=csat_chat&UUID=5d120c3c-b393-4386-932e-931a8863bb04&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Sun, 10 Dec 2023 12:41:56 GMT
date
Tue, 09 Jan 2024 19:24:03 GMT
akamai-grn
0.0eb20f17.1704828243.3804f40d
x-origin-cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-length
136175
x-xss-protection
1; mode=block
expires
Wed, 08 Jan 2025 19:24:03 GMT
app.js
bamboohr.my.site.com/surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-246.15.5-3.0.4-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7... 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-246.15.5-3.0.4-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22U4HKbvtlLa2GA57__LYpqg%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/app.js?2=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b212 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cad6fea7371a89f5458e01138f219e981e3ec357701ed0cc7141b3d1e687ec62
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000F0mq&surveyName=csat_chat&UUID=5d120c3c-b393-4386-932e-931a8863bb04&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Wed, 06 Dec 2023 07:13:10 GMT
date
Tue, 09 Jan 2024 19:24:03 GMT
akamai-grn
0.0eb20f17.1704828243.3804f40e
x-origin-cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=30921069
content-length
1159811
x-xss-protection
1; mode=block
expires
Wed, 01 Jan 2025 16:35:12 GMT
resources.js
bamboohr.my.site.com/surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22fwuid%22%3A%22YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA%2... 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22fwuid%22%3A%22YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22U4HKbvtlLa2GA57__LYpqg%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDE2Njdlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%2Fsurveys%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22-386269907%22%7D/resources.js?pv=17048129620001847275338&rv=1704820014000
Requested by
Host: bamboohr.my.site.com
URL: https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000F0mq&surveyName=csat_chat&UUID=5d120c3c-b393-4386-932e-931a8863bb04&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b212 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f5971427af0e3d5e6ee700208550d893a8ebf9c33c9c87463e7b8d4b5a1aac3a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000F0mq&surveyName=csat_chat&UUID=5d120c3c-b393-4386-932e-931a8863bb04&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Mon, 08 Jan 2024 19:24:03 GMT
date
Tue, 09 Jan 2024 19:24:03 GMT
akamai-grn
0.0eb20f17.1704828243.3804f468
x-origin-cache-control
private,max-age=31536000,immutable
vary
Origin, Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
private,max-age=31536000,immutable
content-length
7061
x-xss-protection
1; mode=block
expires
Wed, 08 May 2024 19:24:03 GMT
aura
bamboohr.my.site.com/surveys/ 		82 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/aura?r=0&aura.Component.getComponent=1&ui-survey-components-controller.SurveyRuntime.getFlowParameters=1
Requested by
Host: bamboohr.my.site.com
URL: https://bamboohr.my.site.com/surveys/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b212 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0c36751081c9897ee9000b5ab1a810ed66cbbb0f35014ce702aa308a27ea27e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000F0mq&surveyName=csat_chat&UUID=5d120c3c-b393-4386-932e-931a8863bb04&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
X-SFDC-Page-Cache
91d56233185c1228
accept-language
de-DE,de;q=0.9
X-SFDC-Request-Id
15175900004e58859a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Jan 2024 19:24:04 GMT
akamai-grn
0.0eb20f17.1704828243.3804f708
server-timing
Total;dur=177
content-length
25065
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 09 Jan 2023 19:24:04 GMT
x-origin-cache-control
no-cache,must-revalidate,max-age=0,no-store,private
vary
Origin, Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin
*
expires
Mon, 09 Jan 2023 19:24:04 GMT
aura
bamboohr.my.site.com/surveys/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/aura?r=1&ui-interaction-runtime-components-controllers.FlowRuntime.runInterview=1
Requested by
Host: bamboohr.my.site.com
URL: https://bamboohr.my.site.com/surveys/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b212 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e648bcdd6e82c286cbaeb1936c820241542f3e565f9d6da2115cbbdd2940d209
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000F0mq&surveyName=csat_chat&UUID=5d120c3c-b393-4386-932e-931a8863bb04&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
X-SFDC-Page-Cache
91d56233185c1228
accept-language
de-DE,de;q=0.9
X-SFDC-Request-Id
1918000000a9086c29
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Jan 2024 19:24:04 GMT
akamai-grn
0.0eb20f17.1704828244.3804f82c
server-timing
Total;dur=82
content-length
2652
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 09 Jan 2023 19:24:04 GMT
x-origin-cache-control
no-cache,must-revalidate,max-age=0,no-store,private
vary
Origin, Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin
*
expires
Mon, 09 Jan 2023 19:24:04 GMT
BambooHRLogoGreen_1
bamboohr.my.site.com/surveys/file-asset-public/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bamboohr.my.site.com/surveys/file-asset-public/BambooHRLogoGreen_1?oid=00D50000000JMqp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b212 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
489eb98ef6d6a3643e67d1f55c1aae74605c0ff8fac8c0d8aae9d05c44cb70c1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000F0mq&surveyName=csat_chat&UUID=5d120c3c-b393-4386-932e-931a8863bb04&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 19:24:05 GMT
last-modified
Sat, 23 Dec 2023 23:36:55 GMT
server
Akamai Image Manager
akamai-grn
0.0eb20f17.1704828244.3804f832
x-origin-cache-control
no-transform, max-age=86400
x-frame-options
SAMEORIGIN
content-type
image/avif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=77619
content-length
4349
expires
Wed, 10 Jan 2024 16:57:44 GMT
aura
bamboohr.my.site.com/surveys/ 		1 MB
320 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/aura?r=2&aura.Component.getComponentDef=1
Requested by
Host: bamboohr.my.site.com
URL: https://bamboohr.my.site.com/surveys/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b212 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fdafde04c8820fc7c34a3d3fc202107013664e18daa41e8b15df6b19870978c8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000F0mq&surveyName=csat_chat&UUID=5d120c3c-b393-4386-932e-931a8863bb04&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
X-SFDC-Page-Cache
91d56233185c1228
accept-language
de-DE,de;q=0.9
X-SFDC-Request-Id
2258400000bf273499
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Mon, 09 Jan 2023 19:24:04 GMT
date
Tue, 09 Jan 2024 19:24:04 GMT
akamai-grn
0.0eb20f17.1704828244.3804f93e
x-origin-cache-control
no-cache,must-revalidate,max-age=0,no-store,private
vary
Origin, Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
x-xss-protection
1; mode=block
expires
Mon, 09 Jan 2023 19:24:04 GMT
aura
bamboohr.my.site.com/surveys/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/aura?r=3&ui-instrumentation-components-beacon.InstrumentationBeacon.sendData=1
Requested by
Host: bamboohr.my.site.com
URL: https://bamboohr.my.site.com/surveys/auraFW/javascript/YWYyQV90T3g3VDhySzNWUm1kcF9WUVY4bi1LdGdMbklVbHlMdER1eVVlUGcyNDYuMTUuNS0zLjAuNA/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b212 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4cbd274b696acaaec8a04ff35cb3f889da7f049180dc6d16303b07f66f8e0ed2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000F0mq&surveyName=csat_chat&UUID=5d120c3c-b393-4386-932e-931a8863bb04&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
X-SFDC-Page-Cache
91d56233185c1228
accept-language
de-DE,de;q=0.9
X-SFDC-Request-Id
2758400000b50cdd39
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 09 Jan 2024 19:24:05 GMT
akamai-grn
0.0eb20f17.1704828245.3804fa83
server-timing
Total;dur=89
content-length
916
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 09 Jan 2023 19:24:05 GMT
x-origin-cache-control
no-cache,must-revalidate,max-age=0,no-store,private
vary
Origin, Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin
*
expires
Mon, 09 Jan 2023 19:24:05 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture number| pageStartTime object| Aura object| AuraLocker object| AuraLockerDisabled object| $A object| aura function| DOMPurify function| Router object| picassoSPA

7 Cookies

Domain/Path Name / Value
bamboohr.my.site.com/ Name: CookieConsentPolicy
Value: 0:1
bamboohr.my.site.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
bamboohr.my.site.com/ Name: BrowserId
Value: paL-rK8kEe6GIHtXGzE5Qg
bamboohr.my.site.com/ Name: BrowserId_sec
Value: paL-rK8kEe6GIHtXGzE5Qg
bamboohr.my.site.com/ Name: sfdc-stream
Value: !LRCUOC3PSgP5DcLk2EVyZ5aGZZVXS7D7+q4UBPxyPDEMCGzTtjlaDQR5ZyCqOVeFUMn2l1EpbHUaVJQ=
.my.site.com/ Name: ak_bmsc
Value: F7D10328CA178B55CFF15CC043A6AC31~000000000000000000000000000000~YAAQDrIPF4f0cYWMAQAAJoyu7xYBgY4ph6j0GAHh3jo3DOVz9r+6P2bbORB4zeEZWWyRueCv1XlKpHKMEX6x7GqcmlKdUG7/pbrEoMxMGmgefJutjBrT/8mcpQzE8q6hC+Dxe/KeksEBL4D78Hj4V9bWizIz4KhjbADbqW2lqOKLTslXlPhaPjGK2LoJIipYYzDcX+xPcgOAgjPC/wFI3n/SZ6FLgTNKITdKlgBj6sZDuav5km47LeMm3c6xt2KnOA5i+UVEpzAL/QH/QxhbSbYyeVHLTYBY6+Q0+sbRc5tqp7pW9xZlEgP7ZdcKP95PbSgzaa/vjPyJ2E1VGszZhH/UFAMhvxlq+jJ9OeSizF7u9kX7AJs5rRYTitNdndgLblS6iYyV38Zqnyuvdw==
.my.site.com/ Name: bm_sv
Value: CECED1F628792A83AA554E5FD4F8E0BC~YAAQDrIPF+n1cYWMAQAAF5au7xZiEdRq5sDFWTCNkaQnX6YEr9SUPI4t2O1k3fe/fXKWdoHT3hdvYvHnRxPAfhHqAro3SJ8G8V4YBRMX9+psv2JJ00E0uMc6g+N4/xAMlwRO0fbPBlkupMe0DMRvA4Y4s5YAJB0FWa0FtBOQs9L1c1y1eWYFTko/b1zMgfL72hBLlkm2AyU7zrquo2l87zWSPIiRkTXhBE8NQ/WtV34ZJwnfyIG05l0/Us3Hrr8KkA==~1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'nonce-qs8UHSTpOijFi8vfgYpYAyyHB0xrjhlm' chrome-extension: 'unsafe-eval' *.canary.lwc.dev *.vf.force.com blob: https://ssl.gstatic.com/accessibility/ https://*.arcgis.com; object-src 'self'; style-src 'self' blob: chrome-extension: 'unsafe-inline' https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; img-src 'self' data: blob: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com https: *.vf.force.com; media-src 'self' https://*.my.connect.aws/ https://*.amazonaws.com/ https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; frame-ancestors 'self'; frame-src blob: mailto: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com https: *.vf.force.com https://*.arcgis.com; font-src 'self' https: data: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com https://bamboohr.my.salesforce-scrt.com blob: *.vf.force.com https://*.arcgis.com https://*.api.salesforce.com/; base-uri 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block