urlscan.io logo urlscan.io
SecurityTrails logo

api-stg.bloombergconnects.org Open in urlscan Pro
2600:9000:2156:2800:14:82c5:cb80:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://api-stg.bloombergconnects.org/
Effective URL: https://api-stg.bloombergconnects.org/
Submission: On July 06 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2600:9000:2156:2800:14:82c5:cb80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is api-stg.bloombergconnects.org.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 15th 2021. Valid for: a year.
This is the only time api-stg.bloombergconnects.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 2600:9000:215... 16509 (AMAZON-02)
2 151.101.113.73 54113 (FASTLY)
13 2
Apex Domain
Subdomains		 Transfer
12 bloombergconnects.org
api-stg.bloombergconnects.org
643 KB
2 bwbx.io
assets.bwbx.io
72 KB
13 2
Domain Requested by
12 api-stg.bloombergconnects.org 1 redirects api-stg.bloombergconnects.org
2 assets.bwbx.io api-stg.bloombergconnects.org
13 2

This site contains no links.

Subject Issuer Validity Valid
cms-stg.bloombergconnects.org
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-15 -
2022-04-20		 a year crt.sh
www.bloomberg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-29 -
2022-03-23		 a year crt.sh

This page contains 1 frames:

Primary Page: https://api-stg.bloombergconnects.org/
Frame ID: F68C46951C423A936165A05A414E086D
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://api-stg.bloombergconnects.org/ HTTP 301
    https://api-stg.bloombergconnects.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Page Statistics

13
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

715 kB
Transfer

2358 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://api-stg.bloombergconnects.org/ HTTP 301
    https://api-stg.bloombergconnects.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
api-stg.bloombergconnects.org/
Redirect Chain
  • http://api-stg.bloombergconnects.org/
  • https://api-stg.bloombergconnects.org/
547 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api-stg.bloombergconnects.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2800:14:82c5:cb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7f19dfcd6bd47935624650d3ee1df2bace5ce3e62259bd16faab8af2da6a1df0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
api-stg.bloombergconnects.org
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
content-length
547
x-frame-options
Deny
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
surrogate-control
no-store
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
etag
W/"223-0UQhjPxheTw6YS4Ieiq6CkIqczY"
date
Tue, 06 Jul 2021 19:23:31 GMT
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
7XmFpBVhssPtz592cAloWW7BCcwVLlnxLdxLGy-HYM383zTnPWrqGw==

Redirect headers

Server
CloudFront
Date
Tue, 06 Jul 2021 19:23:30 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://api-stg.bloombergconnects.org/
X-Cache
Redirect from cloudfront
Via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
bsdzPXdRkDhww_bteA2Mh2iGuwqAD4chSyQWO55XYpSaDtPE3n2kgg==
vendors~main-8b5570052e47df37e6f1.js
api-stg.bloombergconnects.org/public/ 		1 MB
314 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-stg.bloombergconnects.org/public/vendors~main-8b5570052e47df37e6f1.js
Requested by
Host: api-stg.bloombergconnects.org
URL: https://api-stg.bloombergconnects.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2800:14:82c5:cb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ae3a8a3b4525dda3bb3a9c244ada9e4fdc3420d638b0004ed29d2447dcc4bc18
Security Headers
Name Value
Content-Security-Policy default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

:path
/public/vendors~main-8b5570052e47df37e6f1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
api-stg.bloombergconnects.org
referer
https://api-stg.bloombergconnects.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://api-stg.bloombergconnects.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jul 2021 16:45:00 GMT
x-frame-options
Deny
date
Tue, 06 Jul 2021 19:23:31 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
etag
W/"1010ee-17a62f596e0"
accept-ranges
bytes
x-amz-cf-id
68QIxFrOgJz7yDUUHF6XWauwRIoaKezTwuSOW_c6J_TD_3IMikgR4A==
main-695a45ee56e44d425031.js
api-stg.bloombergconnects.org/public/ 		274 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-stg.bloombergconnects.org/public/main-695a45ee56e44d425031.js
Requested by
Host: api-stg.bloombergconnects.org
URL: https://api-stg.bloombergconnects.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2800:14:82c5:cb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
597249436c503a8a2ee061aa3587dfac37ede0538cba3d6f45040f9c790c06a0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

:path
/public/main-695a45ee56e44d425031.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
api-stg.bloombergconnects.org
referer
https://api-stg.bloombergconnects.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://api-stg.bloombergconnects.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jul 2021 16:45:00 GMT
x-frame-options
Deny
date
Tue, 06 Jul 2021 19:23:31 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
etag
W/"448b6-17a62f596e0"
accept-ranges
bytes
x-amz-cf-id
CH-2o3ik6FIQDZxWmp3w8iJJ6cJqieByURccfNOjXvZC9nsEFsOxvg==
token
api-stg.bloombergconnects.org/auth/ 		42 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-stg.bloombergconnects.org/auth/token
Requested by
Host: api-stg.bloombergconnects.org
URL: https://api-stg.bloombergconnects.org/public/vendors~main-8b5570052e47df37e6f1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2800:14:82c5:cb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3f52396b519238aadf46692a98f5582e4685f6333645df088aa97adbc895c240
Security Headers
Name Value
Content-Security-Policy default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

:path
/auth/token
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
api-stg.bloombergconnects.org
referer
https://api-stg.bloombergconnects.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://api-stg.bloombergconnects.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
etag
W/"2a-K34Ag64nGADpaTZrmk7VNDi0a4c"
x-frame-options
Deny
x-cache
Error from cloudfront
content-type
application/json; charset=utf-8
date
Tue, 06 Jul 2021 19:23:32 GMT
set-cookie
docentjwt-stg=; Max-Age=36000; Domain=bloombergconnects.org; Path=/; Expires=Wed, 07 Jul 2021 05:23:32 GMT; HttpOnly; Secure docentjwt-stg=; Max-Age=43200; Domain=bloombergconnects.org; Path=/; Expires=Wed, 07 Jul 2021 07:23:32 GMT; HttpOnly; Secure
vary
Accept-Encoding
content-length
42
x-xss-protection
1; mode=block
x-amz-cf-id
pO0llfXMqXa827Y0e-qVKqwA6IQ3EhZ-4O6tG2ruuJzg_8LNgrDtmQ==
0-064df4a3828cef65fc39.js
api-stg.bloombergconnects.org/public/ 		149 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-stg.bloombergconnects.org/public/0-064df4a3828cef65fc39.js
Requested by
Host: api-stg.bloombergconnects.org
URL: https://api-stg.bloombergconnects.org/public/main-695a45ee56e44d425031.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2800:14:82c5:cb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bd7464c7e181c47ef0fb357f1f163a61439a6fbf47324a77eb3b84fd366e5b61
Security Headers
Name Value
Content-Security-Policy default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

:path
/public/0-064df4a3828cef65fc39.js
pragma
no-cache
cookie
docentjwt-stg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
api-stg.bloombergconnects.org
referer
https://api-stg.bloombergconnects.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://api-stg.bloombergconnects.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jul 2021 16:45:00 GMT
x-frame-options
Deny
date
Tue, 06 Jul 2021 19:23:32 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
etag
W/"25516-17a62f596e0"
accept-ranges
bytes
x-amz-cf-id
Xr1Z6DUJDeTiOVNciyxJTtup_81r9c5vzn9ClYL9ANxmi-YcltQrKw==
16-aef65f7aeba6500923fb.js
api-stg.bloombergconnects.org/public/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-stg.bloombergconnects.org/public/16-aef65f7aeba6500923fb.js
Requested by
Host: api-stg.bloombergconnects.org
URL: https://api-stg.bloombergconnects.org/public/main-695a45ee56e44d425031.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2800:14:82c5:cb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6055055002b5522a18e96655090849b16a02915f5bd0a39e1a64b54f3eff60ef
Security Headers
Name Value
Content-Security-Policy default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

:path
/public/16-aef65f7aeba6500923fb.js
pragma
no-cache
cookie
docentjwt-stg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
api-stg.bloombergconnects.org
referer
https://api-stg.bloombergconnects.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://api-stg.bloombergconnects.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jul 2021 16:45:00 GMT
x-frame-options
Deny
date
Tue, 06 Jul 2021 19:23:32 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
etag
W/"b76b-17a62f596e0"
accept-ranges
bytes
x-amz-cf-id
NhrTXKIiAqWG0vmZc_pSBKTvIcPf2xdM-dBItABmn97PPMoATP4BkA==
11-53cb6feed3431db853d9.js
api-stg.bloombergconnects.org/public/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-stg.bloombergconnects.org/public/11-53cb6feed3431db853d9.js
Requested by
Host: api-stg.bloombergconnects.org
URL: https://api-stg.bloombergconnects.org/public/main-695a45ee56e44d425031.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2800:14:82c5:cb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0e4308174e9c66d0ac823187f2763933eccb2bb761a757b586fce18457f57b03
Security Headers
Name Value
Content-Security-Policy default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

:path
/public/11-53cb6feed3431db853d9.js
pragma
no-cache
cookie
docentjwt-stg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
api-stg.bloombergconnects.org
referer
https://api-stg.bloombergconnects.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://api-stg.bloombergconnects.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jul 2021 16:45:00 GMT
x-frame-options
Deny
date
Tue, 06 Jul 2021 19:23:32 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
etag
W/"47d5-17a62f596e0"
accept-ranges
bytes
x-amz-cf-id
saOubfPu2Dz8YUhhZ0EBOnfki6BmlYr08qESsA6a1HjX_lBqSleTbA==
17-a600341b42454ad385a7.js
api-stg.bloombergconnects.org/public/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-stg.bloombergconnects.org/public/17-a600341b42454ad385a7.js
Requested by
Host: api-stg.bloombergconnects.org
URL: https://api-stg.bloombergconnects.org/public/main-695a45ee56e44d425031.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2800:14:82c5:cb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1b3d4d25a15a77123399415e69f9a2a39a90f1fd8882e1ce92bfad787d160f3c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

:path
/public/17-a600341b42454ad385a7.js
pragma
no-cache
cookie
docentjwt-stg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
api-stg.bloombergconnects.org
referer
https://api-stg.bloombergconnects.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://api-stg.bloombergconnects.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jul 2021 16:45:00 GMT
x-frame-options
Deny
date
Tue, 06 Jul 2021 19:23:32 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
etag
W/"121a-17a62f596e0"
accept-ranges
bytes
x-amz-cf-id
k2nkRRYToardH2jY9sxMy_FcZSMN6nMFu3mWRAPunL0sER8-UcpeMA==
1-259a355f0c7726c229ed.js
api-stg.bloombergconnects.org/public/ 		713 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-stg.bloombergconnects.org/public/1-259a355f0c7726c229ed.js
Requested by
Host: api-stg.bloombergconnects.org
URL: https://api-stg.bloombergconnects.org/public/main-695a45ee56e44d425031.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2800:14:82c5:cb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
16dec56c63a65a63af7b95061a8755a43f88cb73b864b85b56a5142fbdae246c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

:path
/public/1-259a355f0c7726c229ed.js
pragma
no-cache
cookie
docentjwt-stg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
api-stg.bloombergconnects.org
referer
https://api-stg.bloombergconnects.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://api-stg.bloombergconnects.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jul 2021 16:45:00 GMT
x-frame-options
Deny
date
Tue, 06 Jul 2021 19:23:32 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
etag
W/"b24f7-17a62f596e0"
accept-ranges
bytes
x-amz-cf-id
zjOxUKvxPnCYnJsgVfihLSZu5Yp4wX5psLVxKwFRxiFD1Zw9HvVLGw==
3-a7c562abf7bfe56d0bf6.js
api-stg.bloombergconnects.org/public/ 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-stg.bloombergconnects.org/public/3-a7c562abf7bfe56d0bf6.js
Requested by
Host: api-stg.bloombergconnects.org
URL: https://api-stg.bloombergconnects.org/public/main-695a45ee56e44d425031.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2800:14:82c5:cb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b8f1138775769478694e529d464dfca8f0358f6df7604de87bcae54e341368b4
Security Headers
Name Value
Content-Security-Policy default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

:path
/public/3-a7c562abf7bfe56d0bf6.js
pragma
no-cache
cookie
docentjwt-stg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
api-stg.bloombergconnects.org
referer
https://api-stg.bloombergconnects.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://api-stg.bloombergconnects.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jul 2021 16:45:00 GMT
x-frame-options
Deny
date
Tue, 06 Jul 2021 19:23:32 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
etag
W/"b923-17a62f596e0"
accept-ranges
bytes
x-amz-cf-id
O0dj37Mye6SsrV_u0YFFfLfYWCwhrQYQiadCXH82xn6NyqjsYEdhIA==
15-76ebbe91b989bc403588.js
api-stg.bloombergconnects.org/public/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-stg.bloombergconnects.org/public/15-76ebbe91b989bc403588.js
Requested by
Host: api-stg.bloombergconnects.org
URL: https://api-stg.bloombergconnects.org/public/main-695a45ee56e44d425031.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2800:14:82c5:cb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
91899f048c96a9208ddec888e0390c04d6d6260722510eb57b51a5f1f37c2335
Security Headers
Name Value
Content-Security-Policy default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block

Request headers

:path
/public/15-76ebbe91b989bc403588.js
pragma
no-cache
cookie
docentjwt-stg=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
api-stg.bloombergconnects.org
referer
https://api-stg.bloombergconnects.org/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://api-stg.bloombergconnects.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 01 Jul 2021 16:45:00 GMT
x-frame-options
Deny
date
Tue, 06 Jul 2021 19:23:32 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
etag
W/"1b23-17a62f596e0"
accept-ranges
bytes
x-amz-cf-id
88HUcsFEKE6rtlXCVCHhcHDyd1FjzZPBZC8qwprdTIi4ieGLG04Ddg==
AvenirNextPForBBG-Regular-eb3bb1b816.woff2
assets.bwbx.io/s3/fontservice/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.bwbx.io/s3/fontservice/fonts/AvenirNextPForBBG-Regular-eb3bb1b816.woff2
Requested by
Host: api-stg.bloombergconnects.org
URL: https://api-stg.bloombergconnects.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.73 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13f07e4a2a1699b8dfc0b0ee14014fba6e822a778155a62ac588225ff8fe068a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://api-stg.bloombergconnects.org
Referer
https://api-stg.bloombergconnects.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
XOOKUK3EeMB0gbupxJyVtbtpAfNM6Chv
etag
"eb3bb1b8161ef443e50d2b9dfbcaeaa8"
age
2450129
x-cache
HIT, HIT
x-amz-replication-status
COMPLETED
content-length
36456
x-amz-id-2
lougs6R3Pgh+rotGluqzNU2FJwxwqjL8jZCbADlEaswddUzzZq/Wf4KlkWMjULYcNfrpQQ11UKA=
x-served-by
cache-sea4458-SEA, cache-hhn4061-HHN
last-modified
Wed, 26 May 2021 19:59:38 GMT
server
AmazonS3
x-timer
S1625599412.139255,VS0,VE0
date
Tue, 06 Jul 2021 19:23:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, HEAD
x-amz-request-id
Q5M0B320TNV818E1
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-type
font/woff2
x-cache-hits
778, 52158
AvenirNextPForBBG-Demi-b9b4abf0ea.woff2
assets.bwbx.io/s3/fontservice/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.bwbx.io/s3/fontservice/fonts/AvenirNextPForBBG-Demi-b9b4abf0ea.woff2
Requested by
Host: api-stg.bloombergconnects.org
URL: https://api-stg.bloombergconnects.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.73 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d24b492cc15692d79a344d3cee1952e99baf5a35e727eee802014e43311af9dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://api-stg.bloombergconnects.org
Referer
https://api-stg.bloombergconnects.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
sy3N04Rq2jEOm0gzOesgGR.CSoZNks5Y
etag
"b9b4abf0ea70a701fa5cfba89d02763f"
age
2450676
x-cache
HIT, HIT
x-amz-replication-status
COMPLETED
content-length
36708
x-amz-id-2
4ixKly1cVMr4ILu7yuzu8UVWwlbg/4N/OnLor2zHYKCM2a2MBnuBbJkdg2WYzC2s/6i2vTUXcKo=
x-served-by
cache-sea4458-SEA, cache-hhn4061-HHN
last-modified
Wed, 26 May 2021 19:59:38 GMT
server
AmazonS3
x-timer
S1625599413.820400,VS0,VE0
date
Tue, 06 Jul 2021 19:23:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, HEAD
x-amz-request-id
1GGMF28Q9E7RVS9D
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-type
font/woff2
x-cache-hits
796, 53449

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| featureFlags object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| scCGSHMRCache function| _

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; media-src 'self' data: blob: https://assets-stg.bloombergconnects.org; img-src 'self' data: blob: https://assets-stg.bloombergconnects.org https://www.google-analytics.com;frame-ancestors 'self'; font-src https://assets.bwbx.io/ https://fonts.gstatic.com/ https://fonts.googleapis.com/; style-src 'self' 'unsafe-inline' blob: https://fonts.googleapis.com/ https://assets.bxbw.io/ https://unpkg.com/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; connect-src 'self' ws: http://localhost:8080;
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1; mode=block