Submitted URL: http://app.bloomgrowth.com/
Effective URL: https://app.bloomgrowth.com/Account/Login
Submission: On October 10 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 22 HTTP transactions. The main IP is 35.161.216.72, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is app.bloomgrowth.com. The Cisco Umbrella rank of the primary domain is 175645.
TLS certificate: Issued by Amazon RSA 2048 M01 on July 9th 2023. Valid for: a year.
This is the only time app.bloomgrowth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 7 35.161.216.72 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.32.99.106 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 20.75.106.146 8075 (MICROSOFT...)
2 2600:9000:223... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 34.149.155.70 396982 (GOOGLE-CL...)
22 8
Apex Domain
Subdomains
Transfer
11 bloomgrowth.com
app.bloomgrowth.com — Cisco Umbrella Rank: 175645
files.app.bloomgrowth.com — Cisco Umbrella Rank: 282174
data.guides.bloomgrowth.com — Cisco Umbrella Rank: 183182
195 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
227 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 1012
284 KB
2 referralrock.com
bloomgrowth.referralrock.com — Cisco Umbrella Rank: 275333
12 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
2 KB
22 6
Domain Requested by
7 app.bloomgrowth.com 2 redirects app.bloomgrowth.com
5 cdnjs.cloudflare.com app.bloomgrowth.com
cdnjs.cloudflare.com
3 data.guides.bloomgrowth.com cdn.pendo.io
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.pendo.io app.bloomgrowth.com
2 bloomgrowth.referralrock.com files.app.bloomgrowth.com
bloomgrowth.referralrock.com
2 fonts.googleapis.com app.bloomgrowth.com
client
1 files.app.bloomgrowth.com app.bloomgrowth.com
22 8

This site contains links to these domains.

Domain
help.bloomgrowth.com
bloomgrowth.com
compliance.bloomgrowth.com

Subject                       Issuer                    Validity                  Valid
*.bloomgrowth.com             Amazon RSA 2048 M01       2023-07-09 - 2024-08-07   a year
upload.video.google.com       GTS CA 1C3                2023-09-18 - 2023-12-11   3 months
files.app.bloomgrowth.com     Amazon RSA 2048 M01       2023-08-30 - 2024-09-27   a year
sni.cloudflaressl.com         Cloudflare Inc ECC CA-3   2023-07-03 - 2024-07-02   a year
*.referralrock.com            R3                        2023-08-21 - 2023-11-19   3 months
cdn.pendo.io                  Amazon RSA 2048 M02       2023-06-30 - 2024-07-28   a year
*.gstatic.com                 GTS CA 1C3                2023-09-18 - 2023-12-11   3 months
data.guides.bloomgrowth.com   GTS CA 1D4                2023-09-12 - 2023-12-11   3 months

This page contains 2 frames:

Primary Page: https://app.bloomgrowth.com/Account/Login
Frame ID: 184D35CE9962AC319322E2D6CB070BBC
Requests: 21 HTTP requests in this frame

Frame: https://bloomgrowth.referralrock.com/externaltrack/?transactionKey=58223edf-50bd-4dda-984a-b83316a8871b&scriptv=https%3A%2F%2Fbloomgrowth.referralrock.com%2FReferralSdk%2Freferral.js%3Freferrer%3Dhttps%253A%252F%252Fapp.bloomgrowth.com%252FAccount%252FLogin&sourceURL=https%3A%2F%2Fapp.bloomgrowth.com%2FAccount%2FLogin
Frame ID: 5C07BF3870E2173A6891211E04722A78
Requests: 1 HTTP requests in this frame

Page Title

Bloom Growth

Page URL History

  1. http://app.bloomgrowth.com/ HTTP 301
    https://app.bloomgrowth.com/ HTTP 302
    https://app.bloomgrowth.com/Account/Login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

22 Requests
100 % HTTPS
50 % IPv6
6 Domains
8 Subdomains
8 IPs
2 Countries
765 kB Transfer
2607 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.bloomgrowth.com/ HTTP 301
    https://app.bloomgrowth.com/ HTTP 302
    https://app.bloomgrowth.com/Account/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Login
app.bloomgrowth.com/Account/
Redirect Chain
  • http://app.bloomgrowth.com/
  • https://app.bloomgrowth.com/
  • https://app.bloomgrowth.com/Account/Login
3 KB
2 KB
Document
General
Full URL
https://app.bloomgrowth.com/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.216.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-216-72.us-west-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
a767b819f1679af9035be39a897c691b57b1300032a911cf83ad65a6caaafe49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 10 Oct 2023 13:56:30 GMT
pragma
no-cache
server
Kestrel
vary
Accept-Encoding

Redirect headers

content-length
0
date
Tue, 10 Oct 2023 13:56:30 GMT
location
/Account/Login
server
Kestrel
index.css
app.bloomgrowth.com/Scripts/app/dist/
17 KB
5 KB
Stylesheet
General
Full URL
https://app.bloomgrowth.com/Scripts/app/dist/index.css
Requested by
Host: app.bloomgrowth.com
URL: https://app.bloomgrowth.com/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.216.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-216-72.us-west-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
d0d942eb309b6d7ded0f1475ddef9a3e1f763145d7ce5e155b410f40936712db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bloomgrowth.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:56:31 GMT
content-encoding
br
last-modified
Tue, 08 Aug 2023 15:51:25 GMT
server
Kestrel
etag
"1d9ca102f89b935"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
Requested by
Host: app.bloomgrowth.com
URL: https://app.bloomgrowth.com/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bloomgrowth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 10 Oct 2023 13:56:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 12:26:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 Oct 2023 13:56:30 GMT
header.js
files.app.bloomgrowth.com/scripts/
4 KB
2 KB
Script
General
Full URL
https://files.app.bloomgrowth.com/scripts/header.js
Requested by
Host: app.bloomgrowth.com
URL: https://app.bloomgrowth.com/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-106.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55da5b801c3a6b0ce4417e85a3826a7f5b081ae7996fe1b36e8dcaf9611a5512

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bloomgrowth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
2MIdMWZKQ07bpwwsGdXW7vKe.L3Ke0gg
content-encoding
br
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
date
Tue, 10 Oct 2023 05:34:36 GMT
last-modified
Fri, 24 Mar 2023 14:01:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
30114
x-amz-server-side-encryption
AES256
etag
W/"3d226b42083135a74cb60af25ea2f1e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
SDs8lFgomIGe5rf9U6VBDlrYgm7Epd5I4itPRXHpw87WWvElKLKO7w==
react.development.js
cdnjs.cloudflare.com/ajax/libs/react/16.13.0/umd/
103 KB
22 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/react/16.13.0/umd/react.development.js
Requested by
Host: app.bloomgrowth.com
URL: https://app.bloomgrowth.com/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fa59029f64c9f5cdca7b6fed94c41f57c4b8222644dd0c943049ff0acb4f0f3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bloomgrowth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:56:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
11856990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21844
last-modified
Mon, 04 May 2020 16:15:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fbd-19ab2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRfm5fbtggvBZ0qB6Ga4KnvdoYV2wjD8UonWXs2yuM9xI9Qz%2B6eQjKEhCYmKRxhjg0uD1FJMTFDdMrIY1c6dE%2BT4tUQ0HA3h0Ig2RWQlbzmFFZvmO8licLl2Q%2FZJq6OvAah30iKSP8UtgtR3Ka2N6CsL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
813f5dfd79d135e6-FRA
expires
Sun, 29 Sep 2024 13:56:30 GMT
react-dom.development.js
cdnjs.cloudflare.com/ajax/libs/react-dom/16.13.0/umd/
886 KB
153 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/react-dom/16.13.0/umd/react-dom.development.js
Requested by
Host: app.bloomgrowth.com
URL: https://app.bloomgrowth.com/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec735a49be61970ffb934d84867857769b421e9a23fc28c33cfff016c1a31be8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bloomgrowth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:56:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
44060
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
156534
last-modified
Mon, 04 May 2020 16:15:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fb8-dd657"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3yjTEm%2Fn%2Ffc7%2Fa0gHU8bxzGb3w%2Br%2FkTam%2FkpaNFo1ngqhIIdJzwtuUGdT5f%2BV%2Fbk4XUbmrkVCrvgFOjdHgqJ0hpsZJEO1ymok9LZSdB5ItIL8jhqNQdXyyucQ2sbhWITn6n%2BuuOxUXIQJ9fsitmdVwE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
813f5dfd79d435e6-FRA
expires
Sun, 29 Sep 2024 13:56:30 GMT
remarkable.min.js
cdnjs.cloudflare.com/ajax/libs/remarkable/1.7.1/
96 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/remarkable/1.7.1/remarkable.min.js
Requested by
Host: app.bloomgrowth.com
URL: https://app.bloomgrowth.com/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d02db3afbf5f2b04b3d139445fedd07fb4783dc44fa3696eacec85692a7a27
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bloomgrowth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:56:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12426486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27670
last-modified
Mon, 04 May 2020 16:15:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fbf-17f0b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXM1%2BudqqmXSTYmOsJPFbKK20TLDtaw2LapbV%2FgnUk9UGv7IESg5Lc%2Bgls5PqqB0HVRaFBI6kDtb%2F97vQoZdwCYQhKeOEV1JqpteCuTMz5Fq6dR0sTAuUkrcVLeRt6STQIVsiVFiwLiNVbC3DMJz3rl8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
813f5dfd79d635e6-FRA
expires
Sun, 29 Sep 2024 13:56:30 GMT
index.js
app.bloomgrowth.com/Scripts/app/dist/
424 KB
142 KB
Script
General
Full URL
https://app.bloomgrowth.com/Scripts/app/dist/index.js
Requested by
Host: app.bloomgrowth.com
URL: https://app.bloomgrowth.com/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.216.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-216-72.us-west-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
8c44969c2fb5d60c65f5cf89cf89faf994c76d199b668fc15c16cc25400fbae2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bloomgrowth.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:56:31 GMT
content-encoding
br
last-modified
Tue, 08 Aug 2023 15:51:25 GMT
server
Kestrel
etag
"1d9ca102f8f5d33"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
pendo.min.js
app.bloomgrowth.com/wwwroot/bundles/
2 KB
1 KB
Script
General
Full URL
https://app.bloomgrowth.com/wwwroot/bundles/pendo.min.js?v=Q6Fx4IbijbASBn5hddAca
Requested by
Host: app.bloomgrowth.com
URL: https://app.bloomgrowth.com/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.216.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-216-72.us-west-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
88dc0d497c8a44f0a7aa717c945ad5d5049c9177d375f8f5db358a8858c3add5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bloomgrowth.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:56:31 GMT
content-encoding
br
last-modified
Tue, 08 Aug 2023 15:48:39 GMT
server
Kestrel
etag
"1d9ca0fcc986295"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
referral.js
bloomgrowth.referralrock.com/ReferralSdk/
48 KB
11 KB
Script
General
Full URL
https://bloomgrowth.referralrock.com/ReferralSdk/referral.js?referrer=https%3A%2F%2Fapp.bloomgrowth.com%2FAccount%2FLogin
Requested by
Host: files.app.bloomgrowth.com
URL: https://files.app.bloomgrowth.com/scripts/header.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.75.106.146 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f7fadc766f0c2e066427b3099f8dd92c11168039ac234ee43cdddf4e6f019638

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bloomgrowth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
-1
pragma
no-cache
date
Tue, 10 Oct 2023 13:56:31 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
no-cache
request-context
appId=cid-v1:683234c1-44ae-4c0f-a0cc-363d1e4dad53
pendo.js
cdn.pendo.io/agent/static/fe414a02-990e-4a50-5e65-655bfee68791/
428 KB
142 KB
Script
General
Full URL
https://cdn.pendo.io/agent/static/fe414a02-990e-4a50-5e65-655bfee68791/pendo.js
Requested by
Host: app.bloomgrowth.com
URL: https://app.bloomgrowth.com/Account/Login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ae00:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0bc8bf23b32b3f5d5abca8c6a934472c96195055f4dee58ffd8853729b6ba0dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bloomgrowth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:56:31 GMT
content-encoding
gzip
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
61
x-guploader-uploadid
ADPycdtAjkfnN3zSKkpitwynzc5UviI4wazftBEd7ECuDLl3OOgCD5rz5FPUO4VDUXdexLuK9Jm9IwYgOClrJtgJNZrhAwviaTAL
x-cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
144530
last-modified
Thu, 05 Oct 2023 18:13:50 GMT
server
UploadServer
etag
"11f7a03b10dd30b1b3dd72e059fc78e9"
vary
Accept-Encoding
x-goog-generation
1696529630145328
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=3E+k8Q==, md5=EfegOxDdMLGz3XLgWfx46Q==
access-control-expose-headers
*
cache-control
max-age=450
x-goog-stored-content-length
144530
accept-ranges
bytes
x-amz-cf-id
snmw4mubXsPd-XQGZsylsjlmksz2hP0DE2gm6vAiZMZRzZUsNK25Zg==
expires
Tue, 10 Oct 2023 14:03:00 GMT
/
bloomgrowth.referralrock.com/externaltrack/ Frame 5C07
827 B
1 KB
Document
General
Full URL
https://bloomgrowth.referralrock.com/externaltrack/?transactionKey=58223edf-50bd-4dda-984a-b83316a8871b&scriptv=https%3A%2F%2Fbloomgrowth.referralrock.com%2FReferralSdk%2Freferral.js%3Freferrer%3Dhttps%253A%252F%252Fapp.bloomgrowth.com%252FAccount%252FLogin&sourceURL=https%3A%2F%2Fapp.bloomgrowth.com%2FAccount%2FLogin
Requested by
Host: bloomgrowth.referralrock.com
URL: https://bloomgrowth.referralrock.com/ReferralSdk/referral.js?referrer=https%3A%2F%2Fapp.bloomgrowth.com%2FAccount%2FLogin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.75.106.146 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b815043821f762e6f1f364ad484e7d4181b01cd2f7c9bc27147fcd19d99aa804

Request headers

Referer
https://app.bloomgrowth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
Request-Context
cache-control
private
content-encoding
gzip
content-length
670
content-type
text/html; charset=utf-8
date
Tue, 10 Oct 2023 13:56:32 GMT
request-context
appId=cid-v1:683234c1-44ae-4c0f-a0cc-363d1e4dad53
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
css2
fonts.googleapis.com/
1 KB
627 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9013a737d5a92af5fa83b598cbd897ca98275812fea86e8434bd96daa2c0eb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bloomgrowth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 10 Oct 2023 13:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/ro
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 13:32:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 Oct 2023 13:56:33 GMT
b482db4d0512cbe69128c8942855f446-Bloom-growth-logo.png
app.bloomgrowth.com/Scripts/app/dist/images/
39 KB
40 KB
Image
General
Full URL
https://app.bloomgrowth.com/Scripts/app/dist/images/b482db4d0512cbe69128c8942855f446-Bloom-growth-logo.png
Requested by
Host: app.bloomgrowth.com
URL: https://app.bloomgrowth.com/Account/Login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.216.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-216-72.us-west-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
0fb2506db825ed408932c6ddcb1f82945ed68363d91f151f7e9ddb5280ce1ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bloomgrowth.com/Account/Login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:56:33 GMT
last-modified
Tue, 08 Aug 2023 15:45:37 GMT
server
Kestrel
accept-ranges
bytes
etag
"1d9ca0f601dfbd6"
content-length
40278
content-type
image/png
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/
55 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css
Requested by
Host: app.bloomgrowth.com
URL: https://app.bloomgrowth.com/Scripts/app/dist/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bloomgrowth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:56:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
56002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9939
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-da9f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54W5HCs0HtQRhjn24nGoQLX9PHdYFfLRCnj9vlhw8hG2JFtKFJBaUMO0pnfcEpF%2FVjAmOYOm7yequUcb3CNoGy5PaNkZaST8tV2ZG04yzflYxMsh2BFmdMW8OGn9wKgKiZvJYEzHobP3UscC4tDGCqSp"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
813f5e0b9d2f35e6-FRA
expires
Sun, 29 Sep 2024 13:56:33 GMT
pendo.js
cdn.pendo.io/agent/static/fe414a02-990e-4a50-5e65-655bfee68791/
428 KB
142 KB
Script
General
Full URL
https://cdn.pendo.io/agent/static/fe414a02-990e-4a50-5e65-655bfee68791/pendo.js
Requested by
Host: app.bloomgrowth.com
URL: https://app.bloomgrowth.com/wwwroot/bundles/pendo.min.js?v=Q6Fx4IbijbASBn5hddAca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ae00:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0bc8bf23b32b3f5d5abca8c6a934472c96195055f4dee58ffd8853729b6ba0dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bloomgrowth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:56:31 GMT
content-encoding
gzip
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
63
x-guploader-uploadid
ADPycdtAjkfnN3zSKkpitwynzc5UviI4wazftBEd7ECuDLl3OOgCD5rz5FPUO4VDUXdexLuK9Jm9IwYgOClrJtgJNZrhAwviaTAL
x-cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
144530
last-modified
Thu, 05 Oct 2023 18:13:50 GMT
server
UploadServer
etag
"11f7a03b10dd30b1b3dd72e059fc78e9"
vary
Accept-Encoding
x-goog-generation
1696529630145328
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=3E+k8Q==, md5=EfegOxDdMLGz3XLgWfx46Q==
access-control-expose-headers
*
cache-control
max-age=450
x-goog-stored-content-length
144530
accept-ranges
bytes
x-amz-cf-id
TxSwJHD8acv3iBQs3byrCU-zd1uw6-mqXBtE3xshHiHfqIZK2RaciQ==
expires
Tue, 10 Oct 2023 14:03:00 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/
13 KB
14 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe9f0570e6ea6a6e5c70f2e83fd46883a62e5fdd1ffce04471bedf0dbd23166e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.9.0/css/all.min.css
Origin
https://app.bloomgrowth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:56:33 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1710283
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13580
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-350c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1%2Fin6XZjjuf2gCa%2F%2FnDHuPIPX%2FMTV1NIVc0HZogckk65sMko7G1YdEluEgNG7OouuWu7YdfJDcZQ4yCaaqQSkscz3mDYav%2BCl69kgxj5q9AovDrZd2%2ByLDQfmKl%2B9df3KsKSsB38X1BNsI4c3rIgrEp"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
813f5e0be9ca39df-FRA
expires
Sun, 29 Sep 2024 13:56:33 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.bloomgrowth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 16:54:52 GMT
x-content-type-options
nosniff
age
421301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 16:54:52 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.bloomgrowth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 03:38:46 GMT
x-content-type-options
nosniff
age
469067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 03:38:46 GMT
fe414a02-990e-4a50-5e65-655bfee68791
data.guides.bloomgrowth.com/data/ptm.gif/
42 B
115 B
Image
General
Full URL
https://data.guides.bloomgrowth.com/data/ptm.gif/fe414a02-990e-4a50-5e65-655bfee68791?v=2.204.1_prod&ct=1696946193777&jzb=eJzFUduK6jAU_Zc8S5te7MU3wXFGcObIjHKQwxDSNtZAm5Q0tXTEf3dHi3hAfBgQQx_avbMuXevfHumuYmiEeMaE5psODVCiZFszRTQvYeMEcRD7gRN7YRAO0I7XXEtFeAagSsmMxKcDOJqmshH61qpRBcy2Wlf1yLZpVVlJIWWZg5LeWqks7fEZbM9lzgUgAF_VaLRHssjIf6Jk8fIx-UOWxN1Gr_gtFZsgBIC5d-1ANEXxO7sHUKcK4ljSZHZh0ucPNP0cr5P3H96unMV05rfAtFG0ZKelVmL-dxKto27dTleJkUk6zeBHvKF3GFzSLpmmd5OOn5B0L2hebxAXVOQNzY17Jsjqy8TU-7iJuKTY68ElGGVUGwYH2_C42PWAecdUzaWAsWu52LccYngeVEMYXdVQSJrdqyHET6jBmOqteNjHlo_hOEN3GIXxQzJxA-_wfQRJ_Urb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.155.70 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
70.155.149.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bloomgrowth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:56:34 GMT
via
1.1 google
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
server
istio-envoy
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
x-envoy-upstream-service-time
110
access-control-allow-headers
*
content-length
42
alt-svc
clear
fe414a02-990e-4a50-5e65-655bfee68791
data.guides.bloomgrowth.com/data/guide.js/
7 KB
2 KB
Script
General
Full URL
https://data.guides.bloomgrowth.com/data/guide.js/fe414a02-990e-4a50-5e65-655bfee68791?id=5&jzb=eJxtjjEPgjAQhf_LzaaF6iKbo4mbcSYnNKUJ9Jr2wMHw3znUsMilQ_Peve_dGyafPVO6tlBBTNTW58_AAbBpaAy844ypF61jjrnSGmNUz55ocIle3KmGBn35ZvWNnA-SGCxji4xQbY3r1_-zewxuRGfFsKF-3GHeLtlNiB0x2cC_SlkSSbpWQlloeaYwRyFPNmVPQWSjTHFSZb1yYJ4XqCxTUw&v=2.204.1_prod&ct=1696946193779
Requested by
Host: cdn.pendo.io
URL: https://cdn.pendo.io/agent/static/fe414a02-990e-4a50-5e65-655bfee68791/pendo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.155.70 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
70.155.149.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
9a0364ca2b4682fee9b317e9d87652abb42d6e392a32dc5b114f80adc756fee1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bloomgrowth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
via
1.1 google
server
istio-envoy
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
false
x-envoy-upstream-service-time
27
access-control-allow-headers
*
content-length
1731
alt-svc
clear
fe414a02-990e-4a50-5e65-655bfee68791
data.guides.bloomgrowth.com/data/guide.gif/
42 B
332 B
Image
General
Full URL
https://data.guides.bloomgrowth.com/data/guide.gif/fe414a02-990e-4a50-5e65-655bfee68791?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1696946193780&v=2.204.1_prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.155.70 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
70.155.149.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.bloomgrowth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 13:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
via
1.1 google
server
istio-envoy
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
x-envoy-upstream-service-time
2
access-control-allow-headers
*
content-length
57
alt-svc
clear


14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| setRRCookie
function| deleteRRCookie
function| getRRCookie
object| referralJS
object| pendo
object| React
object| ReactDOM
function| Remarkable
boolean| isRRJSScriptLoaded
function| executeIfRRScriptNotLoaded
object| GenericWidget
object| pendoData
string| baseDomain

3 Cookies

Domain/Path Name / Value
app.bloomgrowth.com/ Name: .AspNetCore.Antiforgery.9TtSrW0hzOs
Value: CfDJ8NKSR_h1Yf5DpNev776SSROzIRgksNfuHzDX6cGaTTveafPKzUOqF5zMfdnQqDpihzJcbbRR3091vyRxa3tp0Ah7RveyMknsgGaM5uRwaIYdBIll6YAKcPL-zDTJhCAXt8u8nKPQpjMEBakvBXTV_Fg
app.bloomgrowth.com/ Name: AWSALB
Value: gzfFBxr+7wYXnss7PFDjI5RjULXbFL+9UZ1m0n0lQjKuJJvbpnesFAGKwvixfuvwheggsq76BoQwUKZ2/CCb0J1qSoWSbhRef6jrucZtb09mKBN/jVV5izjGAI5Z
app.bloomgrowth.com/ Name: AWSALBCORS
Value: gzfFBxr+7wYXnss7PFDjI5RjULXbFL+9UZ1m0n0lQjKuJJvbpnesFAGKwvixfuvwheggsq76BoQwUKZ2/CCb0J1qSoWSbhRef6jrucZtb09mKBN/jVV5izjGAI5Z

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
