app.brighthr.com
2606:4700:20::ac43:48b5
Public Scan
Effective URL: https://app.brighthr.com/employee-signup/6b2101ea-66b7-4ae5-bbb0-43e6343568c4
Submission: On August 30 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 7th 2022. Valid for: a year.
This is the only time app.brighthr.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Host | ASN | PTR |
---|---|---|
static.cloudflareinsights.com | ASN13335 (CLOUDFLARENET, US) | |
www.google-analytics.com | ASN15169 (GOOGLE, US) | |
static.hotjar.com | ASN16509 (AMAZON-02, US) | server-13-225-34-16.cdg3.r.cloudfront.net |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | |
cdn.eu.pendo.io | ASN15169 (GOOGLE, US) | 136.244.244.35.bc.googleusercontent.com |
script.hotjar.com | ASN16509 (AMAZON-02, US) | server-143-204-231-13.cdg3.r.cloudfront.net |
vars.hotjar.com | ASN16509 (AMAZON-02, US) | server-18-66-147-116.fra60.r.cloudfront.net |
usage.trackjs.com | ASN16276 (OVH, FR) | prd-usage-2.tjsint.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | brighthr.com | app.brighthr.com — Cisco Umbrella Rank: 289580; api.brighthr.com — Cisco Umbrella Rank: 165956 | 2 MB |
4 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 45; region1.google-analytics.com — Cisco Umbrella Rank: 3094 | 21 KB |
3 | hotjar.com | static.hotjar.com — Cisco Umbrella Rank: 619; script.hotjar.com — Cisco Umbrella Rank: 853; vars.hotjar.com — Cisco Umbrella Rank: 858 | 68 KB |
3 | cloudflareinsights.com | static.cloudflareinsights.com — Cisco Umbrella Rank: 1113; cloudflareinsights.com — Cisco Umbrella Rank: 1106 | 5 KB |
1 | trackjs.com | usage.trackjs.com — Cisco Umbrella Rank: 5077 | 229 B |
1 | google.de | www.google.de — Cisco Umbrella Rank: 6076 | 501 B |
1 | google.com | www.google.com — Cisco Umbrella Rank: 9 | 501 B |
1 | doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 108 | 443 B |
1 | pendo.io | cdn.eu.pendo.io — Cisco Umbrella Rank: 15421 | 145 KB |
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 78 | 73 KB |
27 | 10 | | |
Requests | Domain | Requested by |
---|---|---|
9 | app.brighthr.com | app.brighthr.com |
3 | www.google-analytics.com | app.brighthr.com |
2 | cloudflareinsights.com | app.brighthr.com |
2 | api.brighthr.com | app.brighthr.com |
1 | usage.trackjs.com | |
1 | region1.google-analytics.com | www.googletagmanager.com |
1 | vars.hotjar.com | static.hotjar.com |
1 | www.google.de | app.brighthr.com |
1 | www.google.com | app.brighthr.com |
1 | script.hotjar.com | static.hotjar.com |
1 | stats.g.doubleclick.net | app.brighthr.com |
1 | cdn.eu.pendo.io | app.brighthr.com |
1 | www.googletagmanager.com | app.brighthr.com |
1 | static.hotjar.com | app.brighthr.com |
1 | static.cloudflareinsights.com | app.brighthr.com |
27 | 15 | |
Subject | Issuer | Validity | Valid |
---|---|---|---|
app.brighthr.com | Cloudflare Inc ECC CA-3 | 2022-04-07 - 2023-04-06 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-11 - 2023-05-10 | a year |
*.google-analytics.com | GTS CA 1C3 | 2022-08-08 - 2022-10-31 | 3 months |
*.hotjar.com | Amazon | 2021-11-25 - 2022-12-23 | a year |
cdn.eu.pendo.io | GTS CA 1D4 | 2022-08-10 - 2022-11-08 | 3 months |
api.brighthr.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-04 - 2023-06-04 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2022-08-08 - 2022-10-31 | 3 months |
www.google.com | GTS CA 1C3 | 2022-08-08 - 2022-10-31 | 3 months |
www.google.de | GTS CA 1C3 | 2022-08-08 - 2022-10-31 | 3 months |
*.trackjs.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2022-07-28 - 2023-08-11 | a year |
This page contains 2 frames:
Primary Page:
https://app.brighthr.com/employee-signup/6b2101ea-66b7-4ae5-bbb0-43e6343568c4
Frame ID: 04930464B8A90A614FC582F47F4E8642
Requests: 24 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Frame ID: 29765BFAA1CD2AF7F3AFC614AD4CC29A
Requests: 1 HTTP requests in this frame
Page Title
Employee Signup - BrightHR
Detected technologies
Cloudflare Browser Insights (Analytics)
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Hotjar (Analytics)
Detected patterns
- //static\.hotjar\.com/
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | 6b2101ea-66b7-4ae5-bbb0-43e6343568c4 (Primary Request) | app.brighthr.com/employee-signup/ | 2 KB | 2 KB | Document | text/html |
GET | H2 | bundle.4f070141308929c8d316.js | app.brighthr.com/ | 6 MB | 2 MB | Script | application/javascript |
GET | H2 | styles.4f070141308929c8d316.css | app.brighthr.com/ | 114 KB | 19 KB | Stylesheet | text/css |
GET | H2 | t.js | app.brighthr.com/ | 28 KB | 9 KB | Script | application/javascript |
GET | H2 | beacon.min.js | static.cloudflareinsights.com/ | 14 KB | 5 KB | Script | text/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript |
GET | H2 | hotjar-883168.js | static.hotjar.com/c/ | 4 KB | 2 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 204 KB | 73 KB | Script | application/javascript |
GET | H2 | pendo.js | cdn.eu.pendo.io/agent/static/c8d3ee73-6126-4b02-7ef9-4b5a56dc94e9/ | 470 KB | 145 KB | Script | application/javascript |
GET | H2 | getCheckRegistration | api.brighthr.com/api/account/ | 284 B | 533 B | XHR | application/json |
POST | H2 | collect | www.google-analytics.com/j/ | 4 B | 148 B | XHR | text/plain |
GET | H2 | collect | www.google-analytics.com/ | 35 B | 194 B | Image | image/gif |
OPTIONS | H2 | getCheckRegistration | api.brighthr.com/api/account/ (Frame) | 0 | 0 | Preflight | |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 443 B | XHR | text/plain |
GET | H2 | modules.07ac9b8d187d510db456.js | script.hotjar.com/ | 251 KB | 64 KB | Script | application/javascript |
GET | H2 | ga-audiences | www.google.com/ads/ | 42 B | 501 B | Image | image/gif |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 501 B | Image | image/gif |
GET | H2 | box-1ada912494ba7fc7aca15fcef1c2a7ae.html | vars.hotjar.com/ (Frame 2976) | 2 KB | 1 KB | Document | text/html |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 348 B | Ping | text/plain |
GET | H/1.1 | usage.gif | usage.trackjs.com/ | 43 B | 229 B | Image | image/gif |
POST | H2 | rum | cloudflareinsights.com/cdn-cgi/ | 0 | 77 B | XHR | text/plain |
OPTIONS | H2 | rum | cloudflareinsights.com/cdn-cgi/ (Frame) | 0 | 0 | Preflight | text/plain |
GET | H2 | 473d631a2d0cfccfd51a.png | app.brighthr.com/ | 22 KB | 22 KB | Image | image/png |
GET | H2 | c26fd3770695db8584bd.svg | app.brighthr.com/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H2 | bc46e9e6fffaaa7b7ed1.png | app.brighthr.com/ | 587 KB | 588 KB | Image | image/png |
GET | H2 | c7c03e16bf9db366284d.woff | app.brighthr.com/ | 24 KB | 25 KB | Font | font/woff |
GET | H2 | 954435afbb7043d1e866.woff | app.brighthr.com/ | 23 KB | 24 KB | Font | font/woff |
40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| trackJs object| TrackJS string| GoogleAnalyticsObject function| ga object| regeneratorRuntime object| __config object| PubSub object| scCGSHMRCache object| core function| Pusher function| _ number| __mobxInstanceCount object| __mobxGlobals function| saveAs function| hj object| _hjSettings object| dataLayer function| gtag object| pendo object| __cfBeacon object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_manager function| onYouTubeIframeAPIReady
10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.app.brighthr.com/ | | _ga | GA1.3.2035338574.1661867683 |
.app.brighthr.com/ | | _gid | GA1.3.1767461762.1661867683 |
.app.brighthr.com/ | | _gat | 1 |
.brighthr.com/ | | _ga_ZBMW1EXPWT | GS1.1.1661867683.1.0.1661867683.0.0.0 |
.brighthr.com/ | | _ga | GA1.1.2035338574.1661867683 |
.brighthr.com/ | | _hjSessionUser_883168 | eyJpZCI6ImNkZjMyOGY5LThkZmUtNTgzZC1hYjdiLTAyMmY1MzA1NTc4MSIsImNyZWF0ZWQiOjE2NjE4Njc2ODMyMDksImV4aXN0aW5nIjpmYWxzZX0= |
.brighthr.com/ | | _hjFirstSeen | 1 |
app.brighthr.com/ | | _hjIncludedInSessionSample | 0 |
.brighthr.com/ | | _hjSession_883168 | eyJpZCI6ImRiMWEwZWE4LTZhNGUtNDc4MS05ZjNmLWYzMTgzMDE2NTE2MCIsImNyZWF0ZWQiOjE2NjE4Njc2ODMyMTksImluU2FtcGxlIjpmYWxzZX0= |
.brighthr.com/ | | _hjAbsoluteSessionInProgress | 0 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.