urlscan.io logo urlscan.io
SecurityTrails logo

appletreeacademy.bamboohr.com Open in urlscan Pro
2606:4700::6810:5555  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://appletreeacademy.bamboohr.com/
Effective URL: https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
Submission: On February 03 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 21 HTTP transactions. The main IP is 2606:4700::6810:5555, located in United States and belongs to CLOUDFLARENET, US. The main domain is appletreeacademy.bamboohr.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 3rd 2021. Valid for: a year.
This is the only time appletreeacademy.bamboohr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 17 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
21 6
17    2606:4700::6810:5555 (United States)

ASN13335 (CLOUDFLARENET, US)
appletreeacademy.bamboohr.com
resources.bamboohr.com
1    2600:9000:20eb:a400:2:53a3:f700:93a1 (United States)

ASN16509 (AMAZON-02, US)
images7.bamboohr.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
11 resources.bamboohr.com appletreeacademy.bamboohr.com
resources.bamboohr.com
6 appletreeacademy.bamboohr.com 2 redirects resources.bamboohr.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.googletagmanager.com appletreeacademy.bamboohr.com
1 cdnjs.cloudflare.com appletreeacademy.bamboohr.com
1 images7.bamboohr.com appletreeacademy.bamboohr.com
0 stats.g.doubleclick.net Failed www.google-analytics.com
21 7

This site contains links to these domains. Also see Links.

Domain
www.bamboohr.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-02-03 -
2022-02-02		 a year crt.sh
bamboohr.com
Cloudflare Inc ECC CA-3		 2020-07-02 -
2021-07-02		 a year crt.sh
*.bamboohr.com
Amazon		 2020-08-06 -
2021-09-06		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
Frame ID: 023BC0D409C2049DD18E33CA79F05B8D
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://appletreeacademy.bamboohr.com/ HTTP 302
    https://appletreeacademy.bamboohr.com/home/ HTTP 302
    https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

21
Requests

95 %
HTTPS

100 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

3062 kB
Transfer

7900 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://appletreeacademy.bamboohr.com/ HTTP 302
    https://appletreeacademy.bamboohr.com/home/ HTTP 302
    https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.php
appletreeacademy.bamboohr.com/
Redirect Chain
  • https://appletreeacademy.bamboohr.com/
  • https://appletreeacademy.bamboohr.com/home/
  • https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
54 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
902c9f348520ab831634cdb66c8bfe82c7a0bf32fb3862d0a5fd79e5cd831b97
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
appletreeacademy.bamboohr.com
:scheme
https
:path
/login.php?r=%2Fhome%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d0f71a0ffdc08eb95805792f689fbf54c1612381349; PHPSESSID=SM3Gl4j1smqBXlDp2XEnSPFOIO58jwe3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 19:42:30 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Authorization,User-Agent
x-frame-options
SAMEORIGIN
content-security-policy
default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
strict-transport-security
max-age=31536000; includeSubdomains;
x-content-type-options
nosniff
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-request-id
080b0400c5000064c7191d1000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
61bea2ae0e1564c7-FRA

Redirect headers

date
Wed, 03 Feb 2021 19:42:30 GMT
content-type
text/html; charset=UTF-8
set-cookie
PHPSESSID=SM3Gl4j1smqBXlDp2XEnSPFOIO58jwe3; path=/; secure; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-frame-options
SAMEORIGIN
location
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
content-security-policy
default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Authorization,User-Agent
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
cf-request-id
080b03fea3000064c70e86a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
61bea2aa9d2f64c7-FRA
global.67b55449.dist.css
resources.bamboohr.com/css/ 		603 KB
200 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/css/global.67b55449.dist.css
Requested by
Host: appletreeacademy.bamboohr.com
URL: https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca58931b24bd6bcdf53ee75636459cb448070ee4ddafd333f238d338acfdb7d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 19:42:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 29 Jan 2021 17:27:23 GMT
server
cloudflare
age
438986
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
61bea2b1dd092c52-FRA
cf-request-id
080b04032800002c52f89d2000000001
expires
Thu, 03 Feb 2022 19:42:30 GMT
global-jade.599e2d70.dist.css
resources.bamboohr.com/css/ 		196 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/css/global-jade.599e2d70.dist.css
Requested by
Host: appletreeacademy.bamboohr.com
URL: https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
308b838dac52a2a8615e85155f9f4af413b79493f22bb0d1fca8bf3c8085fe79
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 19:42:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 07 Jan 2021 21:44:23 GMT
server
cloudflare
age
2324063
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
61bea2b1dd0d2c52-FRA
cf-request-id
080b04032800002c523230a000000001
expires
Thu, 03 Feb 2022 19:42:30 GMT
login.fecaff95.dist.css
resources.bamboohr.com/css/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/css/login.fecaff95.dist.css
Requested by
Host: appletreeacademy.bamboohr.com
URL: https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81518fdf171d0db3db479e4a8aec808f63ea041408ec65c5c05565f68b2d7010
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 19:42:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 24 Dec 2020 15:35:22 GMT
server
cloudflare
age
3425532
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
61bea2b1dd0e2c52-FRA
cf-request-id
080b04032900002c5207ae0000000001
expires
Thu, 03 Feb 2022 19:42:30 GMT
vendor.251019e6.dist.js
resources.bamboohr.com/js/ 		3 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/js/vendor.251019e6.dist.js
Requested by
Host: appletreeacademy.bamboohr.com
URL: https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13102e45e56159832fb8c4368a2de204dab6901a9909936f2a3b90e83eede7b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 19:42:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 27 Jan 2021 15:50:31 GMT
server
cloudflare
age
617004
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
61bea2b1dd0f2c52-FRA
cf-request-id
080b04032800002c524bb46000000001
expires
Thu, 03 Feb 2022 19:42:30 GMT
common.6377b976.dist.js
resources.bamboohr.com/js/ 		1 MB
432 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/js/common.6377b976.dist.js
Requested by
Host: appletreeacademy.bamboohr.com
URL: https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38c3143a261721a525929f28a725441380a7117825d9eb68323adc419ef131dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 19:42:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 02 Feb 2021 19:03:15 GMT
server
cloudflare
age
84985
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
61bea2b1dd132c52-FRA
cf-request-id
080b04032900002c5226bf8000000001
expires
Thu, 03 Feb 2022 19:42:30 GMT
head.b82c5521.dist.js
resources.bamboohr.com/js/ 		382 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/js/head.b82c5521.dist.js
Requested by
Host: appletreeacademy.bamboohr.com
URL: https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c262df386b392f50a91901d6160508ed49395f560ce99dea8c7bf325bc11da2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 19:42:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 05 Jan 2021 20:44:05 GMT
server
cloudflare
age
2501062
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
61bea2b1dd112c52-FRA
cf-request-id
080b04032900002c52d6aa0000000001
expires
Thu, 03 Feb 2022 19:42:30 GMT
cropped.jpg
images7.bamboohr.com/307972/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images7.bamboohr.com/307972/logos/cropped.jpg?v=26
Requested by
Host: appletreeacademy.bamboohr.com
URL: https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:a400:2:53a3:f700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fbf3d740277f3a5478594e30b90b240b3f55c930984dbdd00d75b84d97571484

Request headers

Referer
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 19:42:32 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront)
last-modified
Wed, 03 Feb 2021 19:41:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"7f8cc4d75c08ad89f7d1ad6dd09cb72b"
x-cache
Miss from cloudfront
x-amz-version-id
B4k9xaHLYcsFJxvR2LvVy_IWvgmE4alr
cache-control
max-age=2592000
accept-ranges
bytes
content-type
application/octet-stream
content-length
1807
x-amz-cf-id
dckr2JRE5Sz9fnhS84r6KHbAbU3uTUrm_ZLbnNBo01uBEcTnkPtvcA==
jstz.min.js
cdnjs.cloudflare.com/ajax/libs/jstimezonedetect/1.0.4/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jstimezonedetect/1.0.4/jstz.min.js
Requested by
Host: appletreeacademy.bamboohr.com
URL: https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
538f30288aa121eb73b8f5408eaf086bd42ae067460dc99bb859f4a18950bae0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 19:42:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1205402
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1595
cf-request-id
080b040390000024882f875000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ece-14dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p95qy9TxiUfa8BNvK%2Fa%2F7X0Qh2eijMe6hJH7FHYCSk0GUgUiLF%2FJItYI6F5mg8BNelqUacn9f8NYZyHhrH899KMBxR%2Bo0FhIjzHV%2FkDaJh5BNBYFDAYaxOeVnjGNNp0mcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
61bea2b27e972488-FRA
expires
Mon, 24 Jan 2022 19:42:30 GMT
login.fecaff95.dist.js
resources.bamboohr.com/js/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/js/login.fecaff95.dist.js
Requested by
Host: appletreeacademy.bamboohr.com
URL: https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff50a1621aa465e56a3e27277076ca2cfffc00bb1bcb66a05a8e3963c98daf41
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 19:42:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 24 Dec 2020 15:35:22 GMT
server
cloudflare
age
3426025
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
61bea2b2af352c52-FRA
cf-request-id
080b0403ac00002c52f89dc000000001
expires
Thu, 03 Feb 2022 19:42:30 GMT
print.css
resources.bamboohr.com/21.0203.105132-5702801/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/21.0203.105132-5702801/css/print.css?cb=7df2aaef
Requested by
Host: appletreeacademy.bamboohr.com
URL: https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5233ecbd1df0d474c743f01863dc11c0cb704406c7e3d0f36581398c26b4722
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 19:42:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 03 Feb 2021 17:51:29 GMT
server
cloudflare
age
4517
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=259200
cf-ray
61bea2b44b3b2c52-FRA
cf-request-id
080b0404ad00002c52d6acf000000001
expires
Sat, 06 Feb 2021 19:42:31 GMT
gtm.js
www.googletagmanager.com/ 		127 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-ZC3S
Requested by
Host: appletreeacademy.bamboohr.com
URL: https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2022508745c9c3103139648cec602f98e9ae08c93e254a665e68df8d87bbc42a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 19:42:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47130
x-xss-protection
0
last-modified
Wed, 03 Feb 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Feb 2021 19:42:31 GMT
i18n.php
appletreeacademy.bamboohr.com/js/locale/ 		251 KB
92 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://appletreeacademy.bamboohr.com/js/locale/i18n.php?lang=en_US&ns=translation+moment
Requested by
Host: resources.bamboohr.com
URL: https://resources.bamboohr.com/js/vendor.251019e6.dist.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b95aca80f0f24e1b5bb41da0a19526c1949e210977f047b2cd64f46046bbb148
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Referer
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

date
Wed, 03 Feb 2021 19:42:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Authorization,User-Agent
content-type
application/json
content-security-policy
default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
strict-transport-security
max-age=31536000; includeSubdomains;
cf-ray
61bea2b3df6b64c7-FRA
cf-request-id
080b040468000064c7191e4000000001
fabric.94a3b6be.dist.svg
appletreeacademy.bamboohr.com/images/ 		2 MB
898 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://appletreeacademy.bamboohr.com/images/fabric.94a3b6be.dist.svg
Requested by
Host: resources.bamboohr.com
URL: https://resources.bamboohr.com/js/vendor.251019e6.dist.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a2d2266b9a59d4d51779802d39d548586f84fd989e42a51759a97b8ffbe48f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Referer
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 19:42:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Wed, 03 Feb 2021 18:05:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Authorization,User-Agent, Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
content-security-policy
default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
strict-transport-security
max-age=31536000; includeSubdomains;
cf-ray
61bea2b45f8964c7-FRA
cf-request-id
080b0404bb000064c71b329000000001
expires
Thu, 03 Feb 2022 19:42:31 GMT
Lato-Semibold.woff2
resources.bamboohr.com/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/fonts/Lato-Semibold.woff2?cb=0b999974
Requested by
Host: resources.bamboohr.com
URL: https://resources.bamboohr.com/css/global-jade.599e2d70.dist.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aa097c08a7ec2f1ab6ee35e48f8fce68d0abd7dc05a91d73920ea5838cba464
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://appletreeacademy.bamboohr.com
Referer
https://resources.bamboohr.com/css/global-jade.599e2d70.dist.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 19:42:31 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Wed, 03 Feb 2021 17:51:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
61bea2b48f1fdfd3-FRA
content-length
27852
cf-request-id
080b0404d60000dfd3473ba000000001
expires
Thu, 03 Feb 2022 19:42:31 GMT
Lato-Regular.woff2
resources.bamboohr.com/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/fonts/Lato-Regular.woff2?cb=eb87a233
Requested by
Host: resources.bamboohr.com
URL: https://resources.bamboohr.com/css/global-jade.599e2d70.dist.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3454cd4b63c4ebea45cf074e8a8131f9f1e1b9edf471370cb2b918c857c721a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://appletreeacademy.bamboohr.com
Referer
https://resources.bamboohr.com/css/global-jade.599e2d70.dist.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 19:42:31 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Wed, 03 Feb 2021 17:51:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
61bea2b48f20dfd3-FRA
content-length
27968
cf-request-id
080b0404d70000dfd3fe373000000001
expires
Thu, 03 Feb 2022 19:42:31 GMT
Lato-Heavy.woff2
resources.bamboohr.com/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resources.bamboohr.com/fonts/Lato-Heavy.woff2?cb=7bc49d92
Requested by
Host: resources.bamboohr.com
URL: https://resources.bamboohr.com/css/global-jade.599e2d70.dist.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4ffe8f087515c5af83a5ec69467f6805a6abf433f64c0f6ea6d8e2eeb853adf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://appletreeacademy.bamboohr.com
Referer
https://resources.bamboohr.com/css/global-jade.599e2d70.dist.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 19:42:31 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Wed, 03 Feb 2021 17:51:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
61bea2b48f23dfd3-FRA
content-length
28412
cf-request-id
080b0404d70000dfd34f390000000001
expires
Thu, 03 Feb 2022 19:42:31 GMT
truncated
/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/plain
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ZC3S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1708
date
Wed, 03 Feb 2021 19:14:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 03 Feb 2021 21:14:03 GMT
collect
www.google-analytics.com/j/ 		2 B
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1689097569&t=pageview&_s=1&dl=https%3A%2F%2Fappletreeacademy.bamboohr.com%2Flogin.php%3Fr%3D%252Fhome%252F&ul=en-us&de=UTF-8&dt=Login%20%E2%80%93%20AppleTree%20Academy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1314748791&gjid=42605137&cid=1265304404.1612381351&tid=UA-5806974-3&_gid=527627778.1612381351&_r=1&gtm=2wg1r0ZC3S&z=1595012016
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Feb 2021 19:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://appletreeacademy.bamboohr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
parse_csp_report.php
appletreeacademy.bamboohr.com/ajax/ 		0
102 B 		Other
General
Check archive.org
Download Go to
Full URL
https://appletreeacademy.bamboohr.com/ajax/parse_csp_report.php
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5555 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff

Request headers

Referer
https://appletreeacademy.bamboohr.com/login.php?r=%2Fhome%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 03 Feb 2021 19:42:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains;
content-type
text/html; charset=UTF-8
content-security-policy
default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
cf-ray
61bea2b62ff964c7-FRA
vary
Accept-Encoding, Authorization,User-Agent
cf-request-id
080b0405d9000064c724ad9000000001
collect
stats.g.doubleclick.net/j/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-5806974-3&cid=1265304404.1612381351&jid=1314748791&gjid=42605137&_gid=527627778.1612381351&_u=YEBAAAAAAAAAAC~&z=1774694217

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| webpackJsonp object| BambooHR string| GLOBAL_DATEPICKER_MASK function| $ function| jQuery function| setImmediate function| clearImmediate function| Res function| res function| DP_jQuery_1612381350943 function| _ function| moment function| sprintf function| getStylesFromString function| mergeStyleStrings object| i18next object| React function| applyFocusVisiblePolyfill object| ReactDom number| 2f1acc6c3a606b082e5eef5e54414ffb function| setMessage function| closeMessage object| jQuery18308641528160323793 function| attachCSRFTokens function| attachCSRFInput function| microTemplate string| CSRF_TOKEN object| jstz object| loginErrors object| bambooAlert function| postscribe object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

5 Cookies

Domain/Path Name / Value
.appletreeacademy.bamboohr.com/ Name: _gid
Value: GA1.3.527627778.1612381351
.appletreeacademy.bamboohr.com/ Name: _gat_UA-5806974-3
Value: 1
.appletreeacademy.bamboohr.com/ Name: _ga
Value: GA1.3.1265304404.1612381351
appletreeacademy.bamboohr.com/ Name: PHPSESSID
Value: SM3Gl4j1smqBXlDp2XEnSPFOIO58jwe3
.bamboohr.com/ Name: __cfduid
Value: d0f71a0ffdc08eb95805792f689fbf54c1612381349

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' data: blob: https://*.bamboohr.com https://*.bamboohr.co.uk *.cloudfront.net https://*.facebook.com https://*.linkedin.com https://*.segment.io https://*.small-improvements.com https://api.rollbar.com https://app.bamboohr.com https://app.bamboohr.co.uk https://bam.nr-data.net https://connect.facebook.net *.algolianet.com *.algolia.net embedwistia-a.akamaihd.net app.pendo.io cdn.pendo.io pendo-io-extensions.storage.googleapis.com pendo-static-5734959405072384.storage.googleapis.com https://*.wistia.com https://*.wistia.net https://fonts.googleapis.com https://fonts.gstatic.com https://example.com https://www.google-analytics.com https://payments.subscriptionplatform.com https://s-static.ak.facebook.com themes.googleusercontent.com https://wufoo.com https://*.wufoo.com https://www.google.com https://tagmanager.google.com https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com accounts.google.com maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; script-src 'self' *.bamboohr.com *.bamboohr.co.uk data: blob: about https://cdn.api.twitter.com https://connect.facebook.net https://bam.nr-data.net *.cloudfront.net https://accounts.google.com *.newrelic.com http://*.newrelic.com https://fast.wistia.net https://fast.wistia.com get.bamboohr.com *.algolianet.com *.algolia.net app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-5734959405072384.storage.googleapis.com https://pi.pardot.com https://www.my1login.com https://app.onelogin.com https://ajax.googleapis.com http://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com https://tagmanager.google.com https://www.google-analytics.com https://www.google.com https://s3.amazonaws.com https://cdnjs.cloudflare.com https://wufoo.com https://*.wufoo.com https://*.linkedin.com https://bat.bing.com/bat.js https://www.googleadservices.com/pagead/conversion_async.js https://s.adroll.com/j/roundtrip.js https://*.segment.com https://*.segment.io https://bamboohr.formstack.com https://static.formstack.com https://storage.googleapis.com/code.snapengage.com/ https://www.snapengage.com https://cdn.plaid.com https://*.pusher.com wss://*.pusher.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/recaptcha/ maps.googleapis.com 'unsafe-inline' 'unsafe-eval' ; img-src * data: blob: ; report-uri /ajax/parse_csp_report.php
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appletreeacademy.bamboohr.com
cdnjs.cloudflare.com
images7.bamboohr.com
resources.bamboohr.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
stats.g.doubleclick.net
2600:9000:20eb:a400:2:53a3:f700:93a1
2606:4700::6810:135e
2606:4700::6810:5555
2a00:1450:4001:809::200e
2a00:1450:4001:824::2008
13102e45e56159832fb8c4368a2de204dab6901a9909936f2a3b90e83eede7b4
2022508745c9c3103139648cec602f98e9ae08c93e254a665e68df8d87bbc42a
308b838dac52a2a8615e85155f9f4af413b79493f22bb0d1fca8bf3c8085fe79
3454cd4b63c4ebea45cf074e8a8131f9f1e1b9edf471370cb2b918c857c721a4
38c3143a261721a525929f28a725441380a7117825d9eb68323adc419ef131dd
538f30288aa121eb73b8f5408eaf086bd42ae067460dc99bb859f4a18950bae0
5c262df386b392f50a91901d6160508ed49395f560ce99dea8c7bf325bc11da2
5ca58931b24bd6bcdf53ee75636459cb448070ee4ddafd333f238d338acfdb7d
81518fdf171d0db3db479e4a8aec808f63ea041408ec65c5c05565f68b2d7010
902c9f348520ab831634cdb66c8bfe82c7a0bf32fb3862d0a5fd79e5cd831b97
9aa097c08a7ec2f1ab6ee35e48f8fce68d0abd7dc05a91d73920ea5838cba464
a5233ecbd1df0d474c743f01863dc11c0cb704406c7e3d0f36581398c26b4722
b4ffe8f087515c5af83a5ec69467f6805a6abf433f64c0f6ea6d8e2eeb853adf
b95aca80f0f24e1b5bb41da0a19526c1949e210977f047b2cd64f46046bbb148
b9a2d2266b9a59d4d51779802d39d548586f84fd989e42a51759a97b8ffbe48f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
fbf3d740277f3a5478594e30b90b240b3f55c930984dbdd00d75b84d97571484
ff50a1621aa465e56a3e27277076ca2cfffc00bb1bcb66a05a8e3963c98daf41