urlscan.io logo urlscan.io
SecurityTrails logo

bamboohr.my.site.com Open in urlscan Pro
2a02:26f0:e600::170f:b228  Public Scan

Go To Rescan Add Verdict Report
URL: https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000nJu5&surveyName=csat_chat&UUID=5204cd1f-6a...
Submission: On September 28 via manual from UA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 2a02:26f0:e600::170f:b228, located in Ascension Island and belongs to AKAMAI-ASN1, NL. The main domain is bamboohr.my.site.com.
TLS certificate: Issued by DigiCert Global G3 TLS ECC SHA384 202... on April 3rd 2023. Valid for: a year.
This is the only time bamboohr.my.site.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2a02:26f0:e60... 20940 (AKAMAI-ASN1)
11 1
Apex Domain
Subdomains		 Transfer
11 site.com
bamboohr.my.site.com
2 MB
11 1
Domain Requested by
11 bamboohr.my.site.com bamboohr.my.site.com
11 1

This site contains no links.

Subject Issuer Validity Valid
prod.cdn.salesforce-experience.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2023-04-03 -
2024-03-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000nJu5&surveyName=csat_chat&UUID=5204cd1f-6aad-44f2-8d61-7ce88d086c12&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
Frame ID: B5F3C8BA8BD780B569A016F5547870A4
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Survey: csat_chat

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

11
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2070 kB
Transfer

9561 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request runtimeApp.app
bamboohr.my.site.com/surveys/survey/ 		362 KB
87 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000nJu5&surveyName=csat_chat&UUID=5204cd1f-6aad-44f2-8d61-7ce88d086c12&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b228 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d7effe3533a94e9883a137c1d897ea1e1cb76e3858b64be09269fc840ab067e2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'nonce-VoQDrxbLfCQ5JPBOrsubwS2gfcQVxQWY' chrome-extension: 'unsafe-eval' *.canary.lwc.dev *.vf.force.com blob: https://ssl.gstatic.com/accessibility/; object-src 'self'; style-src 'self' blob: chrome-extension: 'unsafe-inline' https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; img-src 'self' http: https: data: blob: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; media-src 'self' https://*.my.connect.aws/ https://*.amazonaws.com/ https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; frame-ancestors 'self'; frame-src blob: https: mailto: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; font-src 'self' https: data: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com https://bamboohr.my.salesforce-scrt.com blob: *.vf.force.com; base-uri 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-grn
0.24b20f17.1695935899.180abff2
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
content-encoding
gzip
content-security-policy
upgrade-insecure-requests default-src 'self'; script-src 'self' 'nonce-VoQDrxbLfCQ5JPBOrsubwS2gfcQVxQWY' chrome-extension: 'unsafe-eval' *.canary.lwc.dev *.vf.force.com blob: https://ssl.gstatic.com/accessibility/; object-src 'self'; style-src 'self' blob: chrome-extension: 'unsafe-inline' https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; img-src 'self' http: https: data: blob: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; media-src 'self' https://*.my.connect.aws/ https://*.amazonaws.com/ https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; frame-ancestors 'self'; frame-src blob: https: mailto: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; font-src 'self' https: data: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com https://bamboohr.my.salesforce-scrt.com blob: *.vf.force.com; base-uri 'self'
content-type
text/html;charset=UTF-8
date
Thu, 28 Sep 2023 21:18:19 GMT
expires
Wed, 28 Sep 2022 21:18:19 GMT
last-modified
Wed, 28 Sep 2022 21:18:19 GMT
link
</surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22Fh4XMVaLwNskz73E2P7HJQ%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fforce%3Abase%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsurvey%3AsurveyNamespace%22%5D%2C%22tuid%22%3A%225290T1GmNnxyw5X0x0bDNg%22%2C%22cuid%22%3A1780590126%7D%2C%22pathPrefix%22%3A%22%2Fsurveys%22%7D/app.css?2=&aura.attributes=%7B%22invitationId%22%3A%220Ki4z000000nJu5%22%2C%22surveyName%22%3A%22csat_chat%22%7D>;rel=preload;as=style;nopush,</surveys/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js>;rel=preload;as=script;nopush,</surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-244.20.4-2.41.4-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22Fh4XMVaLwNskz73E2P7HJQ%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/appcore.js?2=>;rel=preload;as=script;nopush,</surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-244.20.4-2.41.4-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22Fh4XMVaLwNskz73E2P7HJQ%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/app.js?2=>;rel=preload;as=script;nopush
referrer-policy
origin-when-cross-origin
server-timing
Total;dur=114
strict-transport-security
max-age=63072000; includeSubDomains
timing-allow-origin
*
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-origin-cache-control
no-cache,must-revalidate,max-age=0,no-store,private
x-xss-protection
1; mode=block
app.css
bamboohr.my.site.com/surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22Fh4XMVaLwNskz73E2P7... 		1 MB
138 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22Fh4XMVaLwNskz73E2P7HJQ%22%7D%2C%22styleContext%22%3A%7B%22c%22%3A%22webkit%22%2C%22x%22%3A%5B%22isDesktop%22%5D%2C%22tokens%22%3A%5B%22markup%3A%2F%2Fforce%3AsldsTokens%22%2C%22markup%3A%2F%2Fforce%3Abase%22%2C%22markup%3A%2F%2Fforce%3AformFactorLarge%22%2C%22markup%3A%2F%2Fsurvey%3AsurveyNamespace%22%5D%2C%22tuid%22%3A%225290T1GmNnxyw5X0x0bDNg%22%2C%22cuid%22%3A1780590126%7D%2C%22pathPrefix%22%3A%22%2Fsurveys%22%7D/app.css?2=&aura.attributes=%7B%22invitationId%22%3A%220Ki4z000000nJu5%22%2C%22surveyName%22%3A%22csat_chat%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b228 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0b79899e3be956e4091d212344267831631b05313c7a9236e868b26790f0b761
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000nJu5&surveyName=csat_chat&UUID=5204cd1f-6aad-44f2-8d61-7ce88d086c12&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Wed, 27 Sep 2023 21:18:20 GMT
date
Thu, 28 Sep 2023 21:18:20 GMT
akamai-grn
0.24b20f17.1695935900.180ac483
x-origin-cache-control
public,max-age=31536000,immutable
vary
Origin, Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31536000
x-xss-protection
1; mode=block
expires
Fri, 27 Sep 2024 21:18:20 GMT
aura_prod.js
bamboohr.my.site.com/surveys/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/ 		834 KB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b228 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
41ffc9bd80bc2fd05acc4a7f5244eb8638b493da3f8f8c103ace06e3a608407e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000nJu5&surveyName=csat_chat&UUID=5204cd1f-6aad-44f2-8d61-7ce88d086c12&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 28 Sep 2023 21:18:20 GMT
akamai-grn
0.24b20f17.1695935900.180ac4a5
server-timing
Total;dur=36
content-length
266431
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Mon, 07 Aug 2023 11:49:02 GMT
x-origin-cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=31390498
timing-allow-origin
*
expires
Thu, 26 Sep 2024 04:53:18 GMT
appcore.js
bamboohr.my.site.com/surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-244.20.4-2.41.4-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%... 		1010 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-244.20.4-2.41.4-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22Fh4XMVaLwNskz73E2P7HJQ%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/appcore.js?2=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b228 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7ed31723e3a184d0b13795c4f7ee6a7d8b40de192fd77734460e5cb6a1f94627
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000nJu5&surveyName=csat_chat&UUID=5204cd1f-6aad-44f2-8d61-7ce88d086c12&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Mon, 28 Aug 2023 12:27:42 GMT
date
Thu, 28 Sep 2023 21:18:20 GMT
akamai-grn
0.24b20f17.1695935900.180ac4a6
x-origin-cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-length
150390
x-xss-protection
1; mode=block
expires
Fri, 27 Sep 2024 21:18:20 GMT
app.js
bamboohr.my.site.com/surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-244.20.4-2.41.4-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%... 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22serializationVersion%22%3A%221-244.20.4-2.41.4-b%22%2C%22parts%22%3A%22t%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22Fh4XMVaLwNskz73E2P7HJQ%22%7D%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/app.js?2=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b228 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e9f45d96482dde73d48f28c23823709dc01382245f7376d85954274b700292ab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000nJu5&surveyName=csat_chat&UUID=5204cd1f-6aad-44f2-8d61-7ce88d086c12&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Mon, 28 Aug 2023 12:27:42 GMT
date
Thu, 28 Sep 2023 21:18:20 GMT
akamai-grn
0.24b20f17.1695935900.180ac4a7
x-origin-cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-length
1108336
x-xss-protection
1; mode=block
expires
Fri, 27 Sep 2024 21:18:20 GMT
resources.js
bamboohr.my.site.com/surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22fwuid%22%3A%22MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ%... 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/l/%7B%22mode%22%3A%22PROD%22%2C%22app%22%3A%22survey%3AruntimeApp%22%2C%22fwuid%22%3A%22MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ%22%2C%22loaded%22%3A%7B%22APPLICATION%40markup%3A%2F%2Fsurvey%3AruntimeApp%22%3A%22Fh4XMVaLwNskz73E2P7HJQ%22%7D%2C%22apce%22%3A1%2C%22apck%22%3A%22JHt0aW1lc3RhbXB9MDAwMDAwMDM1NjJlbl9VUw%22%2C%22mlr%22%3A1%2C%22pathPrefix%22%3A%22%2Fsurveys%22%2C%22dns%22%3A%22c%22%2C%22ls%22%3A1%2C%22lrmc%22%3A%22618546923%22%7D/resources.js?pv=16959330180001847275338&rv=1695754527000
Requested by
Host: bamboohr.my.site.com
URL: https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000nJu5&surveyName=csat_chat&UUID=5204cd1f-6aad-44f2-8d61-7ce88d086c12&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b228 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a18829706bf9177b8750673694c5ccebc7266867e6d614d132236378ea3373bd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000nJu5&surveyName=csat_chat&UUID=5204cd1f-6aad-44f2-8d61-7ce88d086c12&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Wed, 27 Sep 2023 21:18:20 GMT
date
Thu, 28 Sep 2023 21:18:20 GMT
akamai-grn
0.24b20f17.1695935900.180ac5d0
x-origin-cache-control
private,max-age=31536000,immutable
vary
Origin, Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
private,max-age=31536000,immutable
content-length
6915
x-xss-protection
1; mode=block
expires
Fri, 26 Jan 2024 21:18:20 GMT
aura
bamboohr.my.site.com/surveys/ 		83 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/aura?r=0&aura.Component.getComponent=1&ui-survey-components-controller.SurveyRuntime.getFlowParameters=1
Requested by
Host: bamboohr.my.site.com
URL: https://bamboohr.my.site.com/surveys/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b228 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7461b6514d074215a1d9d014755f338a1960cbf19e1155be1983324603635bbb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000nJu5&surveyName=csat_chat&UUID=5204cd1f-6aad-44f2-8d61-7ce88d086c12&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
X-SFDC-Page-Cache
71a646c6f39a2508
accept-language
de-DE,de;q=0.9
X-SFDC-Request-Id
17561000007046ea10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 28 Sep 2023 21:18:21 GMT
akamai-grn
0.24b20f17.1695935901.180acd01
server-timing
Total;dur=159
content-length
25198
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Wed, 28 Sep 2022 21:18:21 GMT
x-origin-cache-control
no-cache,must-revalidate,max-age=0,no-store,private
vary
Origin, Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin
*
expires
Wed, 28 Sep 2022 21:18:21 GMT
aura
bamboohr.my.site.com/surveys/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/aura?r=1&ui-interaction-runtime-components-controllers.FlowRuntime.runInterview=1
Requested by
Host: bamboohr.my.site.com
URL: https://bamboohr.my.site.com/surveys/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b228 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
38b3be9dd91503ba78a1dfe9aa29f3cc3d69b37288402b1c577568ac07eeb5a8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000nJu5&surveyName=csat_chat&UUID=5204cd1f-6aad-44f2-8d61-7ce88d086c12&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
X-SFDC-Page-Cache
71a646c6f39a2508
accept-language
de-DE,de;q=0.9
X-SFDC-Request-Id
2159900000e95813d4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 28 Sep 2023 21:18:21 GMT
akamai-grn
0.24b20f17.1695935901.180ad084
server-timing
Total;dur=151
content-length
2866
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Wed, 28 Sep 2022 21:18:21 GMT
x-origin-cache-control
no-cache,must-revalidate,max-age=0,no-store,private
vary
Origin, Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin
*
expires
Wed, 28 Sep 2022 21:18:21 GMT
BambooHRLogoGreen_1
bamboohr.my.site.com/surveys/file-asset-public/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bamboohr.my.site.com/surveys/file-asset-public/BambooHRLogoGreen_1?oid=00D50000000JMqp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b228 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
489eb98ef6d6a3643e67d1f55c1aae74605c0ff8fac8c0d8aae9d05c44cb70c1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000nJu5&surveyName=csat_chat&UUID=5204cd1f-6aad-44f2-8d61-7ce88d086c12&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:18:21 GMT
last-modified
Fri, 08 Sep 2023 05:37:27 GMT
server
Akamai Image Manager
akamai-grn
0.24b20f17.1695935901.180ad0a2
x-origin-cache-control
no-transform, max-age=86400
x-frame-options
SAMEORIGIN
content-type
image/avif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=57973
content-length
4349
expires
Fri, 29 Sep 2023 13:24:34 GMT
aura
bamboohr.my.site.com/surveys/ 		1 MB
312 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/aura?r=2&aura.Component.getComponentDef=1
Requested by
Host: bamboohr.my.site.com
URL: https://bamboohr.my.site.com/surveys/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b228 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
009b02087839c267804199b7ff20fa69175e9c3622b87b082dceb7edb7a1042a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000nJu5&surveyName=csat_chat&UUID=5204cd1f-6aad-44f2-8d61-7ce88d086c12&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
X-SFDC-Page-Cache
71a646c6f39a2508
accept-language
de-DE,de;q=0.9
X-SFDC-Request-Id
258860000049c0cb98
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Wed, 28 Sep 2022 21:18:22 GMT
date
Thu, 28 Sep 2023 21:18:22 GMT
akamai-grn
0.24b20f17.1695935901.180ad49a
x-origin-cache-control
no-cache,must-revalidate,max-age=0,no-store,private
vary
Origin, Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
x-xss-protection
1; mode=block
expires
Wed, 28 Sep 2022 21:18:22 GMT
aura
bamboohr.my.site.com/surveys/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bamboohr.my.site.com/surveys/aura?r=3&ui-instrumentation-components-beacon.InstrumentationBeacon.sendData=1
Requested by
Host: bamboohr.my.site.com
URL: https://bamboohr.my.site.com/surveys/auraFW/javascript/MlRqRU5YT3pjWFRNenJranFOMWFjQXlMaWFpdmxPSTZWeEo0bWtiN0hsaXcyNDQuMjAuNC0yLjQxLjQ/aura_prod.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:e600::170f:b228 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
33a361ca1b6369b4a564b36fcdba4997d30f75760647f4aeb692a10915ba77ac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bamboohr.my.site.com/surveys/survey/runtimeApp.app?invitationId=0Ki4z000000nJu5&surveyName=csat_chat&UUID=5204cd1f-6aad-44f2-8d61-7ce88d086c12&var_q_7fc5c56f_e9a0_484d_80a7_67d109bacdee_defaultValue=true
X-SFDC-Page-Cache
71a646c6f39a2508
accept-language
de-DE,de;q=0.9
X-SFDC-Request-Id
3275600000308b5d50
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 28 Sep 2023 21:18:22 GMT
akamai-grn
0.24b20f17.1695935902.180adaed
server-timing
Total;dur=49
content-length
1111
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin
last-modified
Wed, 28 Sep 2022 21:18:22 GMT
x-origin-cache-control
no-cache,must-revalidate,max-age=0,no-store,private
vary
Origin, Accept-Encoding
content-type
application/json;charset=UTF-8
cache-control
no-cache,must-revalidate,max-age=0,no-store,private
timing-allow-origin
*
expires
Wed, 28 Sep 2022 21:18:22 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture number| pageStartTime object| Aura object| AuraLocker object| AuraLockerDisabled object| $A object| aura function| DOMPurify function| Router object| picassoSPA

7 Cookies

Domain/Path Name / Value
bamboohr.my.site.com/ Name: CookieConsentPolicy
Value: 0:1
bamboohr.my.site.com/ Name: LSKey-c$CookieConsentPolicy
Value: 0:1
bamboohr.my.site.com/ Name: BrowserId
Value: jCrcCF5EEe65p5MBBQXPmw
bamboohr.my.site.com/ Name: BrowserId_sec
Value: jCrcCF5EEe65p5MBBQXPmw
bamboohr.my.site.com/ Name: sfdc-stream
Value: !wfBv0pXNCsWorwB6aVnhNMt5jXSEcSeZWPVvpUVnbpRxlfsEgv0C6hf+nmk6H74am1PAUtGHosJ8uQ==
.my.site.com/ Name: ak_bmsc
Value: 754CE0D4A5E896B87EE36220A66C55BA~000000000000000000000000000000~YAAQJLIPF7HEZMqKAQAASymo3RVLMhWh4kxV6FKvAvDbk/IA6Dzooehh1MwMgHxXvsZL7h9O2XCehR8RAb8WunEuM343O4BlO2N0OZ9CkKAlvhHR8tRAwOihqqq4hukbnEZ0rTD8ZA+AbyL7p9bKaRl9270V9jNCQHcfIlUWCBUnbxSpYO1Al0VA/F8I3AXC5Jh2YHyHCLvo0LxKa7t4ZKPbRj+ZNKT8ORc06OOAWQMGdchA0GxdmCn4jNcaIQYcGSRmChmabfzfNDrIdSoeis8XSbqVwqm7Sivw1jiQDbthG8qv52enMOkdOFUtWOubbp+o73AT63TkDcve/wrI4Zwqz7mbgh4CrNJbfvXjHJ27A6Y6X2e80ut+N18J4+abCVO6TMIEcPEcI2ftUDe9R8U=
.my.site.com/ Name: bm_sv
Value: 9BC5E31A5797EF83DACA521AF87A35FB~YAAQJLIPF8nEZMqKAQAAbDSo3RU8WrZ4lEbPboUqAmKHDtbr0xS309gWTNPWFk6Me/VUuQJe9+psWYvjsx4c5lufidHNFZK8evummU9r5IygsQwKRZ+T01DUhqIP3HyLLXXR2lpWrM09ibIl++hI6Sm55RsMJJo0NWxPsTlPXyo2EoUtjx/KGvxm4+dTKidLnTljMKCRFbT4DvFQbW0dnzJ8kf4fbfw0yuwRiBROg1sY9Vb48JH4KxgPqxns3fVEwA==~1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests default-src 'self'; script-src 'self' 'nonce-VoQDrxbLfCQ5JPBOrsubwS2gfcQVxQWY' chrome-extension: 'unsafe-eval' *.canary.lwc.dev *.vf.force.com blob: https://ssl.gstatic.com/accessibility/; object-src 'self'; style-src 'self' blob: chrome-extension: 'unsafe-inline' https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; img-src 'self' http: https: data: blob: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; media-src 'self' https://*.my.connect.aws/ https://*.amazonaws.com/ https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; frame-ancestors 'self'; frame-src blob: https: mailto: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; font-src 'self' https: data: https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com *.vf.force.com; connect-src 'self' https://api.bluetail.salesforce.com https://staging.bluetail.salesforce.com https://preprod.bluetail.salesforce.com https://clearbit.com https://*.clearbit.com https://amazonaws.com https://bhr-corp-stage-amazon-connect.s3.us-west-2.amazonaws.com https://bhr-corp-prod-amazon-connect.s3.us-west-2.amazonaws.com https://*.clmfed.docusign.com https://*.clm.docusign.mil https://*.docusign.net https://api.mixpanel.com https://*.springcm.com https://bamboohr.my.salesforce-scrt.com blob: *.vf.force.com; base-uri 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block