app.brighthr.com Open in urlscan Pro
2606:4700:20::ac43:48b5  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 6b2101ea-66b7-4ae5-bbb0-43e6343568c4 Show response app.brighthr.com/employee-signup/	2 KB 2 KB	136ms 101ms	Document text/html	2606:4700:20::ac43:48b5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.brighthr.com/employee-signup/6b2101ea-66b7-4ae5-bbb0-43e6343568c4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:48b5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce2e6a75430bd79e6c9ae104387df161705f7cfdd950458c98ecf2a42c2afeee Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-cache-status DYNAMIC cf-ray 742e05137b4a9028-FRA content-encoding br content-security-policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; content-type text/html; charset=utf-8 date Tue, 30 Aug 2022 13:54:41 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqeY7DGhiQ1WfDPPHtyvNDACypCEnvfv%2BgFsqE%2BAHzibNGehqdo7%2BisN38LpISVK5BooVm1tti2GAN5Q7lCs2QnmLQJJbtyfzbHCzYjcF%2F3eR7OrEIJBlZRKEcvpDM7wsScu34w8zyqlc%2BtP%2FYvm"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN
GET H2	200	bundle.4f070141308929c8d316.js Show response app.brighthr.com/	6 MB 2 MB	374ms 374ms	Script application/javascript	2606:4700:20::ac43:48b5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.brighthr.com/bundle.4f070141308929c8d316.js Requested by Host: app.brighthr.com URL: https://app.brighthr.com/employee-signup/6b2101ea-66b7-4ae5-bbb0-43e6343568c4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:48b5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 055cb28755debf30332c74dd039bb2160c31f98360f9bc262d51623b034ba94a Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://app.brighthr.com/employee-signup/6b2101ea-66b7-4ae5-bbb0-43e6343568c4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 30 Aug 2022 13:54:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains referrer-policy strict-origin-when-cross-origin server cloudflare x-frame-options SAMEORIGIN etag W/"cc26e32fb5fb1744644254b0cf35eafb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2Fz80PL8A12FxBPTBzPMMl3I61A%2FuGSdzpyWCLTRHwXKdKau3Cw3kzE1MFl6UWFtrCLtwKKty2uRV3YgV42FTF44wjVe00dMj1%2BBOm7fUBFcbMidiTd0bH8A7lBwlHvj5f4hQpApm7T%2BF%2F5eBdTE"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, must-revalidate permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() content-security-policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; cf-ray 742e05141c3e9028-FRA
GET H2	200	styles.4f070141308929c8d316.css app.brighthr.com/	114 KB 19 KB	214ms 214ms	Stylesheet text/css	2606:4700:20::ac43:48b5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.brighthr.com/styles.4f070141308929c8d316.css Requested by Host: app.brighthr.com URL: https://app.brighthr.com/employee-signup/6b2101ea-66b7-4ae5-bbb0-43e6343568c4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:48b5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bf7c5e5b8bc09771a86ce99b297779fcb52bbbdc17fd2166d617562fb41a96a0 Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://app.brighthr.com/employee-signup/6b2101ea-66b7-4ae5-bbb0-43e6343568c4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 30 Aug 2022 13:54:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains referrer-policy strict-origin-when-cross-origin server cloudflare x-frame-options SAMEORIGIN etag W/"7bdae0b19333908fbe9ef17f5bf36a49" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h25WPiKbJYR5L0BRv6FMvbqB699iBEfMPdNZUY1%2Fx8p85ZjMpX7IEuPXnr%2BuIVA%2Fs9CKdS1kp8voEzwsC2AeLZ587df2TzUnvdzDfrVAyN9b%2FImvpbh7WPF3vaQE7FCEFlWruuKMHEpMVZZaf8zR"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() content-security-policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; cf-ray 742e05141c419028-FRA
GET H2	200	t.js Show response app.brighthr.com/	28 KB 9 KB	613ms 613ms	Script application/javascript	2606:4700:20::ac43:48b5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.brighthr.com/t.js Requested by Host: app.brighthr.com URL: https://app.brighthr.com/employee-signup/6b2101ea-66b7-4ae5-bbb0-43e6343568c4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:48b5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a9289ae7e5ce4fa00b05a5ac363a17127c327aea8d40e2befbdbb36ca000ae3 Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://app.brighthr.com/employee-signup/6b2101ea-66b7-4ae5-bbb0-43e6343568c4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 30 Aug 2022 13:54:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains referrer-policy strict-origin-when-cross-origin server cloudflare x-frame-options SAMEORIGIN etag W/"684a3d2159f033382e84ac36402b567c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtpAOKsB%2FsUKlvwmvU6Ue5emHm27KMh6HOQrBbGZ9cA9%2BPwODKoTFSr%2Bkw0mJeMPTA5C%2FnQDMyUySc5MADSpK%2BqtEfHzGQTvzj9C6vox%2FgTDJSBBzQf8PPTpm9j%2BieUru1h6%2B7j74fX3OqT4meQt"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, must-revalidate permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() content-security-policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; cf-ray 742e05141c439028-FRA
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/	14 KB 5 KB	88ms 62ms	Script text/javascript	2606:4700:440e::6812:2fe6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: app.brighthr.com URL: https://app.brighthr.com/employee-signup/6b2101ea-66b7-4ae5-bbb0-43e6343568c4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Request headers accept-language de-DE,de;q=0.9 Referer https://app.brighthr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 30 Aug 2022 13:54:42 GMT content-encoding gzip last-modified Thu, 09 Dec 2021 19:55:17 GMT server cloudflare etag W/2021.12.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 742e0517ee4a90a9-FRA
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	60ms 24ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: app.brighthr.com URL: https://app.brighthr.com/employee-signup/6b2101ea-66b7-4ae5-bbb0-43e6343568c4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://app.brighthr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 3162 date Tue, 30 Aug 2022 13:02:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 30 Aug 2022 15:02:00 GMT
GET H2	200	hotjar-883168.js Show response static.hotjar.com/c/	4 KB 2 KB	90ms 16ms	Script application/javascript	13.225.34.16 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-883168.js?sv=6 Requested by Host: app.brighthr.com URL: https://app.brighthr.com/bundle.4f070141308929c8d316.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.34.16 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-34-16.cdg3.r.cloudfront.net Software / Resource Hash f8d83e8052424462e1fe64c35e05f2bbef4c73eb272cd947e50dad9249d6564c Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://app.brighthr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=86400; includeSubDomains content-encoding br x-content-type-options nosniff age 17 x-cache Hit from cloudfront date Tue, 30 Aug 2022 13:54:39 GMT cross-origin-resource-policy cross-origin via 1.1 32ceb5729c4d415c2eb5bbab5ff21b8e.cloudfront.net (CloudFront) cache-control max-age=60 etag W/9f436e395f21c168b165d80141459701 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 x-amz-cf-pop CDG3-C2 x-amz-cf-id lMVtclpnSS_1YTBk2W2nAMU2ked2sKfC8k2UjByCogGInQMyf8BJPg==
GET H2	200	js Show response www.googletagmanager.com/gtag/	204 KB 73 KB	108ms 35ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-ZBMW1EXPWT Requested by Host: app.brighthr.com URL: https://app.brighthr.com/bundle.4f070141308929c8d316.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a595b4879c3c708ee98c25b6e10b41b10def0c1437aae668bd61a4253c1af24c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://app.brighthr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 30 Aug 2022 13:54:43 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 74033 x-xss-protection 0 expires Tue, 30 Aug 2022 13:54:43 GMT
GET H2	200	pendo.js Show response cdn.eu.pendo.io/agent/static/c8d3ee73-6126-4b02-7ef9-4b5a56dc94e9/	470 KB 145 KB	88ms 16ms	Script application/javascript	35.244.244.136 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.eu.pendo.io/agent/static/c8d3ee73-6126-4b02-7ef9-4b5a56dc94e9/pendo.js Requested by Host: app.brighthr.com URL: https://app.brighthr.com/bundle.4f070141308929c8d316.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.244.136 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 136.244.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash a65dbdd4555ac3accaeb0399fdd87936a76ee1f416069326886a2489ed82750f Request headers accept-language de-DE,de;q=0.9 Referer https://app.brighthr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 30 Aug 2022 13:49:54 GMT content-encoding gzip age 289 x-guploader-uploadid ADPycduYG13-k9RtFDAOYvbpo1qb4uU-K-NQnnD7WXOWNpa4_G-LA-NpxSiicNngJCTfpg2SkQiedPKWWpevr_Qguv32cPvvqpTe x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 147855 last-modified Tue, 30 Aug 2022 12:49:00 GMT server UploadServer etag "cc1e0142b33a3577bfbd8f5319026d3a" vary Accept-Encoding x-goog-hash crc32c=in+/EA==, md5=zB4BQrM6NXe/vY9TGQJtOg== x-goog-generation 1661863740131382 access-control-allow-origin * access-control-expose-headers * cache-control max-age=450,public x-goog-stored-content-length 147855 accept-ranges bytes content-type application/javascript
GET H2	200	getCheckRegistration Show response api.brighthr.com/api/account/	284 B 533 B	45ms 45ms	XHR application/json	2620:1ec:49::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://api.brighthr.com/api/account/getCheckRegistration?id=6b2101ea-66b7-4ae5-bbb0-43e6343568c4&languageCode=en-gb Requested by Host: app.brighthr.com URL: https://app.brighthr.com/t.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash b572927a1ea4f09e27bd0ecf1e5ddb525245836e2632295960df065770fc996d Request headers BrightSession 79a08250-cb81-4ee1-89bc-7d1826e2d1a0 Accept application/json, text/plain, */* Referer https://app.brighthr.com/ BuildVersion 17f9de9 BrightClient WebApp User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers pragma no-cache date Tue, 30 Aug 2022 13:54:42 GMT content-encoding gzip x-powered-by ASP.NET vary Origin,Accept-Encoding x-cache CONFIG_NOCACHE content-type application/json; charset=utf-8 access-control-allow-origin https://app.brighthr.com cache-control no-store, no-cache access-control-allow-credentials true x-azure-ref 0oxYOYwAAAADGSquFueuhSrpSSVyDxgN4RlJBMjMxMDUwNDIwMDIxAGI2Yjk0YWE0LWQ2ZjUtNDRmYy1hNjg1LTMyM2UwYTFhZjgyNQ== content-length 304 request-context appId=cid-v1:8235c8a1-04ed-4656-a32a-65d38302fd43
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 148 B	21ms 20ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2023205072&t=event&_s=1&dl=https%3A%2F%2Fapp.brighthr.com%2Femployee-signup%2F6b2101ea-66b7-4ae5-bbb0-43e6343568c4&ul=en-us&de=UTF-8&dt=Employee%20Signup%20-%20BrightHR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Country&ea=United%20Kingdom&_u=IGBACAABBAAAAC~&jid=1275385279&gjid=849515532&cid=2035338574.1661867683&tid=UA-67739736-1&_gid=1767461762.1661867683&_r=1&_slc=1&z=177787975 Requested by Host: app.brighthr.com URL: https://app.brighthr.com/t.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://app.brighthr.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 30 Aug 2022 13:54:43 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://app.brighthr.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 194 B	13ms 12ms	Image image/gif	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=2023205072&t=pageview&_s=2&dl=https%3A%2F%2Fapp.brighthr.com%2Femployee-signup%2F6b2101ea-66b7-4ae5-bbb0-43e6343568c4&dp=%2Femployee-signup%2F6b2101ea-66b7-4ae5-bbb0-43e6343568c4&ul=en-us&de=UTF-8&dt=Employee%20Signup%20-%20BrightHR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACAABBAAAAC~&jid=&gjid=&cid=2035338574.1661867683&tid=UA-67739736-1&_gid=1767461762.1661867683&z=919977656 Requested by Host: app.brighthr.com URL: https://app.brighthr.com/employee-signup/6b2101ea-66b7-4ae5-bbb0-43e6343568c4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://app.brighthr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Mon, 29 Aug 2022 16:35:41 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 76742 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	204	getCheckRegistration api.brighthr.com/api/account/ Frame	0 0	318ms 103ms	Preflight	2620:1ec:49::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://api.brighthr.com/api/account/getCheckRegistration?id=6b2101ea-66b7-4ae5-bbb0-43e6343568c4&languageCode=en-gb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash Request headers Accept */* Access-Control-Request-Headers brightclient,brightsession,buildversion Access-Control-Request-Method GET Origin https://app.brighthr.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers brightclient,brightsession,buildversion access-control-allow-methods GET access-control-allow-origin https://app.brighthr.com date Tue, 30 Aug 2022 13:54:42 GMT request-context appId=cid-v1:8235c8a1-04ed-4656-a32a-65d38302fd43 vary Origin x-azure-ref 0oxYOYwAAAAB1hRjTJf4oQqrr+mBboNIWRlJBMjMxMDUwNDIwMDIxAGI2Yjk0YWE0LWQ2ZjUtNDRmYy1hNjg1LTMyM2UwYTFhZjgyNQ== x-cache CONFIG_NOCACHE x-powered-by ASP.NET
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 443 B	60ms 18ms	XHR text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-67739736-1&cid=2035338574.1661867683&jid=1275385279&gjid=849515532&_gid=1767461762.1661867683&_u=IGBACAAABAAAAC~&z=483434181 Requested by Host: app.brighthr.com URL: https://app.brighthr.com/t.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://app.brighthr.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 30 Aug 2022 13:54:43 GMT content-type text/plain access-control-allow-origin https://app.brighthr.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	modules.07ac9b8d187d510db456.js Show response script.hotjar.com/	251 KB 64 KB	105ms 17ms	Script application/javascript	143.204.231.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.07ac9b8d187d510db456.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-883168.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.231.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-231-13.cdg3.r.cloudfront.net Software / Resource Hash 6781123ce0a5980c79aab49f43ea5e0d6b533406fdce2a524a86c9b23019267c Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://app.brighthr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 30 Aug 2022 12:30:07 GMT content-encoding br x-content-type-options nosniff age 5076 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin strict-transport-security max-age=86400; includeSubDomains content-length 65413 access-control-allow-origin * last-modified Tue, 30 Aug 2022 12:29:33 GMT etag "fff5770f0de5c66c4269264cf792ec05" vary Accept-Encoding content-type application/javascript via 1.1 7526a0b7bfa848d05d560d12a314a7c8.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop CDG3-C1 accept-ranges bytes x-robots-tag none x-amz-cf-id MJ-f9l1AY3QKG83-5vKAZnXIXReJf0ae1bbiM2j-iOeO6ZB0spSesg==
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	92ms 54ms	Image image/gif	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67739736-1&cid=2035338574.1661867683&jid=1275385279&_u=IGBACAAABAAAAC~&z=1736671379 Requested by Host: app.brighthr.com URL: https://app.brighthr.com/employee-signup/6b2101ea-66b7-4ae5-bbb0-43e6343568c4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://app.brighthr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Tue, 30 Aug 2022 13:54:43 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	88ms 52ms	Image image/gif	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67739736-1&cid=2035338574.1661867683&jid=1275385279&_u=IGBACAAABAAAAC~&z=1736671379 Requested by Host: app.brighthr.com URL: https://app.brighthr.com/employee-signup/6b2101ea-66b7-4ae5-bbb0-43e6343568c4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://app.brighthr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Tue, 30 Aug 2022 13:54:43 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	box-1ada912494ba7fc7aca15fcef1c2a7ae.html Show response vars.hotjar.com/ Frame 2976	2 KB 1 KB	27ms 8ms	Document text/html	18.66.147.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-883168.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-116.fra60.r.cloudfront.net Software / Resource Hash 90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://app.brighthr.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 4166497 cache-control max-age=31536000 content-encoding br content-length 1044 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 13 Jul 2022 08:33:06 GMT etag "0b3d3f4206ab84d8861a8cc4b2ddbe66" last-modified Wed, 13 Jul 2022 08:32:20 GMT strict-transport-security max-age=86400; includeSubDomains vary Accept-Encoding via 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront) x-amz-cf-id u8_uCWGGQPdrNNlYflG_dz7PqX6juma9A1eCN8F1xHlGMJdV-X2YLw== x-amz-cf-pop FRA60-P4 x-cache Hit from cloudfront x-robots-tag none
POST H2	204	collect region1.google-analytics.com/g/	0 348 B	49ms 18ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-ZBMW1EXPWT&gtm=2oe8t0&_p=2023205072&cid=2035338574.1661867683&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1661867683&sct=1&seg=0&dl=https%3A%2F%2Fapp.brighthr.com%2Femployee-signup%2F6b2101ea-66b7-4ae5-bbb0-43e6343568c4&dt=Employee%20Signup%20-%20BrightHR&en=scroll&_fv=1&_ss=1&ep.allowLinker=true&epn.percent_scrolled=90 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-ZBMW1EXPWT Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://app.brighthr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Tue, 30 Aug 2022 13:54:43 GMT server Golfe2 content-type text/plain access-control-allow-origin https://app.brighthr.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	usage.gif usage.trackjs.com/	43 B 229 B	537ms 95ms	Image image/gif	167.114.119.127 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://usage.trackjs.com/usage.gif?token=e8af43bf2c1f4b0f97d57f4712dc464c&correlationId=d5c259b7-d20f-4459-b0bc-a1bf74c4fa1d&application=hr-prod&x=2ad118ce-0104-4299-8b90-b500619f96fc& Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.114.119.127 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS prd-usage-2.tjsint.net Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language de-DE,de;q=0.9 Referer https://app.brighthr.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Tue, 30 Aug 2022 13:54:43 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
POST H2	200	rum Show response cloudflareinsights.com/cdn-cgi/	0 77 B	20ms 20ms	XHR text/plain	2606:4700:440e::ac40:9c1a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cloudflareinsights.com/cdn-cgi/rum Requested by Host: app.brighthr.com URL: https://app.brighthr.com/t.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://app.brighthr.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 content-type application/json Response headers date Tue, 30 Aug 2022 13:54:43 GMT content-encoding gzip x-content-type-options nosniff server cloudflare x-frame-options DENY access-control-allow-methods POST,OPTIONS content-type text/plain access-control-allow-origin https://app.brighthr.com access-control-max-age 86400 access-control-allow-credentials true cf-ray 742e051c5d0c9bc4-FRA vary Origin
OPTIONS H2	200	rum cloudflareinsights.com/cdn-cgi/ Frame	0 0	35ms 9ms	Preflight text/plain	2606:4700:440e::ac40:9c1a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cloudflareinsights.com/cdn-cgi/rum Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://app.brighthr.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type access-control-allow-methods POST,OPTIONS access-control-allow-origin https://app.brighthr.com access-control-max-age 86400 cf-ray 742e051c4cea9bc4-FRA content-encoding gzip content-type text/plain date Tue, 30 Aug 2022 13:54:43 GMT server cloudflare vary Origin x-content-type-options nosniff x-frame-options DENY
GET H2	200	473d631a2d0cfccfd51a.png app.brighthr.com/	22 KB 22 KB	54ms 53ms	Image image/png	2606:4700:20::ac43:48b5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://app.brighthr.com/473d631a2d0cfccfd51a.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:48b5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 655b53c19700b99cae6fe2f3d72a5ddeee6abed0269dfe91ef05235342cb5f54 Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://app.brighthr.com/employee-signup/6b2101ea-66b7-4ae5-bbb0-43e6343568c4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 30 Aug 2022 13:54:43 GMT x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains content-length 22125 referrer-policy strict-origin-when-cross-origin server cloudflare x-frame-options SAMEORIGIN etag "c54c2160f89f82c2bb9e6b5d3a26565c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7HKqd5R12HcXXp6Pfc9VeuPpqnlf0Esh3RmmvVC0xbGu5ZVVdLmH%2Bt5xksBwzq3X7tbHWj1LsI9jbInMX271ABGGSylDr86Z%2BSFn4uUl3FFJXvMLijKAtSo0v7ZRw1KrLHwC3DWfHAlHUEiS4Ah"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=0, must-revalidate permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() content-security-policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; cf-ray 742e051d0a2a9028-FRA
GET H2	200	c26fd3770695db8584bd.svg app.brighthr.com/	2 KB 1 KB	114ms 114ms	Image image/svg+xml	2606:4700:20::ac43:48b5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://app.brighthr.com/c26fd3770695db8584bd.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:48b5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9dd3d5403d89c0ce995946d2f64f3171328849a1f231143c4781621b71b45d9b Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://app.brighthr.com/employee-signup/6b2101ea-66b7-4ae5-bbb0-43e6343568c4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 30 Aug 2022 13:54:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains referrer-policy strict-origin-when-cross-origin server cloudflare x-frame-options SAMEORIGIN etag W/"17f224d546ac82a716d682b8b1f9eb73" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1aSD48eUuDx7t2D1F%2BYZsmMqv1SHgm2SXWVgocGF%2FRqVmujNHYfcomQ4qT9LIi7wGQwAZkKbrRP5Mm%2F3F98LNdrACq4MCpBVjykz66KtxAT0lnV50uW8x%2BmPUrZFXEM3M4NxfntX4ZSrCB5to9X"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=0, must-revalidate permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() content-security-policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; cf-ray 742e051d0a2c9028-FRA
GET H2	200	bc46e9e6fffaaa7b7ed1.png app.brighthr.com/	587 KB 588 KB	151ms 151ms	Image image/png	2606:4700:20::ac43:48b5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://app.brighthr.com/bc46e9e6fffaaa7b7ed1.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:48b5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 070f698c7581502c49a1482a3107afdf4b2e4a0cb43bf8b32f677b1156a7d97f Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://app.brighthr.com/employee-signup/6b2101ea-66b7-4ae5-bbb0-43e6343568c4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 30 Aug 2022 13:54:43 GMT x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains content-length 601041 referrer-policy strict-origin-when-cross-origin server cloudflare x-frame-options SAMEORIGIN etag "eacb312837ee172fc350c9fabda1a6a0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjIlpnbv7C3paes81l5Zmx4ylMahcaR0%2B4VkwQNnpIQClL28ysEylko5oZaK5wO1%2BZjwPGK4IhVwora8odXNKwyWiTfapG3%2FcD8kxDzr96oYSasEumvUDeg1Dvet9vqUfjhwjM6jqmMuObTcCh90"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=0, must-revalidate permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() content-security-policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; cf-ray 742e051d0a2d9028-FRA
GET H2	200	c7c03e16bf9db366284d.woff app.brighthr.com/	24 KB 25 KB	76ms 76ms	Font font/woff	2606:4700:20::ac43:48b5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.brighthr.com/c7c03e16bf9db366284d.woff Requested by Host: app.brighthr.com URL: https://app.brighthr.com/styles.4f070141308929c8d316.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:48b5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1693ed7e03d8a0e7a8a2472d9c41c81a8e35d279c7ca856cd67cac522eb99698 Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://app.brighthr.com/styles.4f070141308929c8d316.css Origin https://app.brighthr.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 30 Aug 2022 13:54:43 GMT x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains content-length 24260 referrer-policy strict-origin-when-cross-origin server cloudflare x-frame-options SAMEORIGIN etag "cb84d32b0d2cfe293e4c107ff01c0f94" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FX89BIOJ%2Fk1wZcsHAQKuOP2P1yD%2FdKo59tMOYz7QA1KmWbhVeFZ58voIBIYAlNCXwhmrMpJ%2BzHtZgVJyRnxfhYyDFcWGOcFHDeLwZl80J%2BXiA9GhyL2jKHxmB0q33P35HnUbzYR04qHAf65Slio"}],"group":"cf-nel","max_age":604800} content-type font/woff access-control-allow-origin * cache-control public, max-age=0, must-revalidate permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() content-security-policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; cf-ray 742e051d0a2e9028-FRA
GET H2	200	954435afbb7043d1e866.woff app.brighthr.com/	23 KB 24 KB	222ms 222ms	Font font/woff	2606:4700:20::ac43:48b5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.brighthr.com/954435afbb7043d1e866.woff Requested by Host: app.brighthr.com URL: https://app.brighthr.com/styles.4f070141308929c8d316.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:48b5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24535f5ec6b68b777f2a5270446934d62bae1f5da683edd5dc7ef110be2c2c8d Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://app.brighthr.com/styles.4f070141308929c8d316.css Origin https://app.brighthr.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 30 Aug 2022 13:54:43 GMT x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains content-length 24008 referrer-policy strict-origin-when-cross-origin server cloudflare x-frame-options SAMEORIGIN etag "25b87ea1b1af9e44a7f38210af2a0ec4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgQDkg36azbYIFEpJemkQg2%2BCjpXZwKQZpLrZpD6y3gvb1BSNEp%2BjhrtWbQdESRFmv5PdZdTcpAtHYky9s5uoRGX7UaUQRt1PjZFT7PWkNJ3RDDjV12IRqTTtRWg2G0sHKlOru3H1mlin8i7EAM4"}],"group":"cf-nel","max_age":604800} content-type font/woff access-control-allow-origin * cache-control public, max-age=0, must-revalidate permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() content-security-policy default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce; cf-ray 742e051d1a3a9028-FRA

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| trackJs object| TrackJS string| GoogleAnalyticsObject function| ga object| regeneratorRuntime object| __config object| PubSub object| scCGSHMRCache object| core function| Pusher function| _ number| __mobxInstanceCount object| __mobxGlobals function| saveAs function| hj object| _hjSettings object| dataLayer function| gtag object| pendo object| __cfBeacon object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_manager function| onYouTubeIframeAPIReady

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.app.brighthr.com/	1970-01-20 15:13:47	Name: _ga Value: GA1.3.2035338574.1661867683
			.app.brighthr.com/	1970-01-20 05:39:14	Name: _gid Value: GA1.3.1767461762.1661867683
			.app.brighthr.com/	1970-01-20 05:37:47	Name: _gat Value: 1
			.brighthr.com/	1970-01-20 15:13:47	Name: _ga_ZBMW1EXPWT Value: GS1.1.1661867683.1.0.1661867683.0.0.0
			.brighthr.com/	1970-01-20 15:13:47	Name: _ga Value: GA1.1.2035338574.1661867683
			.brighthr.com/	1970-01-20 14:23:23	Name: _hjSessionUser_883168 Value: eyJpZCI6ImNkZjMyOGY5LThkZmUtNTgzZC1hYjdiLTAyMmY1MzA1NTc4MSIsImNyZWF0ZWQiOjE2NjE4Njc2ODMyMDksImV4aXN0aW5nIjpmYWxzZX0=
			.brighthr.com/	1970-01-20 05:37:49	Name: _hjFirstSeen Value: 1
			app.brighthr.com/	1970-01-20 05:37:47	Name: _hjIncludedInSessionSample Value: 0
			.brighthr.com/	1970-01-20 05:37:49	Name: _hjSession_883168 Value: eyJpZCI6ImRiMWEwZWE4LTZhNGUtNDc4MS05ZjNmLWYzMTgzMDE2NTE2MCIsImNyZWF0ZWQiOjE2NjE4Njc2ODMyMTksImluU2FtcGxlIjpmYWxzZX0=
			.brighthr.com/	1970-01-20 05:37:49	Name: _hjAbsoluteSessionInProgress Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' blob: data: https:; child-src *.eu.pendo.io; connect-src https: wss:; frame-ancestors *.eu.pendo.io; frame-src data: https:; object-src data: https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: static.cloudflareinsights.com *.drift.com *.driftt.com *.google-analytics.com *.marketo.com *.googletagmanager.com pendo-eu-static.storage.googleapis.com pendo-eu-static-5665307065974784.storage.googleapis.com *.hotjar.com *.vimeo.com *.eu.pendo.io connect.facebook.net *.trackjs.com *.zapier.com; style-src 'self' 'unsafe-inline' https:; upgrade-insecure-requests; report-uri https://brighthr.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.brighthr.com
app.brighthr.com
cdn.eu.pendo.io
cloudflareinsights.com
region1.google-analytics.com
script.hotjar.com
static.cloudflareinsights.com
static.hotjar.com
stats.g.doubleclick.net
usage.trackjs.com
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.225.34.16
143.204.231.13
167.114.119.127
18.66.147.116
2001:4860:4802:32::36
2606:4700:20::ac43:48b5
2606:4700:440e::6812:2fe6
2606:4700:440e::ac40:9c1a
2620:1ec:49::45
2a00:1450:4001:801::2004
2a00:1450:4001:801::2008
2a00:1450:4001:810::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9b
35.244.244.136
055cb28755debf30332c74dd039bb2160c31f98360f9bc262d51623b034ba94a
070f698c7581502c49a1482a3107afdf4b2e4a0cb43bf8b32f677b1156a7d97f
1693ed7e03d8a0e7a8a2472d9c41c81a8e35d279c7ca856cd67cac522eb99698
24535f5ec6b68b777f2a5270446934d62bae1f5da683edd5dc7ef110be2c2c8d
655b53c19700b99cae6fe2f3d72a5ddeee6abed0269dfe91ef05235342cb5f54
6781123ce0a5980c79aab49f43ea5e0d6b533406fdce2a524a86c9b23019267c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a9289ae7e5ce4fa00b05a5ac363a17127c327aea8d40e2befbdbb36ca000ae3
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
9dd3d5403d89c0ce995946d2f64f3171328849a1f231143c4781621b71b45d9b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a595b4879c3c708ee98c25b6e10b41b10def0c1437aae668bd61a4253c1af24c
a65dbdd4555ac3accaeb0399fdd87936a76ee1f416069326886a2489ed82750f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b572927a1ea4f09e27bd0ecf1e5ddb525245836e2632295960df065770fc996d
bf7c5e5b8bc09771a86ce99b297779fcb52bbbdc17fd2166d617562fb41a96a0
ce2e6a75430bd79e6c9ae104387df161705f7cfdd950458c98ecf2a42c2afeee
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8d83e8052424462e1fe64c35e05f2bbef4c73eb272cd947e50dad9249d6564c
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505