urlscan.io logo urlscan.io
SecurityTrails logo

service.blpprofessional.com Open in urlscan Pro
69.187.26.117  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bsso.blpprofessional.com/idp/SSO.saml2?SAMLRequest=fVJBbtswEPwKwbskipbtiJAUuDGKGkgbI3J66CUgqVVNgCJVLpWmvy8kJ2gOTa6zw5nZ4V...
Effective URL: https://service.blpprofessional.com/portal/sessions/new
Submission: On December 20 via api from UA — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 69.187.26.117, located in United States and belongs to BLOOMBERG-NET, US. The main domain is service.blpprofessional.com. The Cisco Umbrella rank of the primary domain is 448256.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on September 15th 2024. Valid for: a year.
This is the only time service.blpprofessional.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 69.191.249.87 10361 (BLOOMBERG...)
2 10 69.187.26.117 10361 (BLOOMBERG...)
12 3
Apex Domain
Subdomains		 Transfer
12 blpprofessional.com
bsso.blpprofessional.com — Cisco Umbrella Rank: 295986
service.blpprofessional.com — Cisco Umbrella Rank: 448256
1 MB
12 1
Domain Requested by
10 service.blpprofessional.com 2 redirects service.blpprofessional.com
2 bsso.blpprofessional.com
12 2

This site contains no links.

Subject Issuer Validity Valid
bsso.blpprofessional.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-02		 8 months crt.sh
service.bloomberg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-15 -
2025-10-15		 a year crt.sh

This page contains 1 frames:

Primary Page: https://service.blpprofessional.com/portal/sessions/new
Frame ID: 21FDCDCA1DA8478EA308B314F2D7D64B
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bloomberg Service Center

Page URL History Show full URLs

  1. https://bsso.blpprofessional.com/idp/SSO.saml2?SAMLRequest=fVJBbtswEPwKwbskipbtiJAUuDGKGkgbI3J66CUgqVVNgCJVLp... Page URL
  2. https://service.blpprofessional.com/portal/sessions/bauth_cb HTTP 302
    https://service.blpprofessional.com/portal/sessions/logout HTTP 302
    https://service.blpprofessional.com/portal/sessions/new Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

12
Requests

83 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

3
IPs

1
Countries

1067 kB
Transfer

3485 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bsso.blpprofessional.com/idp/SSO.saml2?SAMLRequest=fVJBbtswEPwKwbskipbtiJAUuDGKGkgbI3J66CUgqVVNgCJVLpWmvy8kJ2gOTa6zw5nZ4VbXz4MlTxDQeFfTPGX0uql2Uzy7e/g1AUbyPFiHNZ2CE16iQeHkACiiFu3u663gKRNj8NFrb%2BmFLFAO9uMXEhFCNN5R8v3VnKeMksO%2Bpo9XvVTldrNeMSXLXBal2ki2yq%2BAr4uCbcqcr7aqWxeaU3JAnODgMEoXa8oZL5KcJ5ydOBNsLViZ8u32ByV7wGicjIvVOcYRRZYpRJ8qO47B94BzDGlT7YfMdGPWtnfpvAmnZPca98Y7nAYILYQno%2BHh/vafGF6w/%2BqNPkRpM7yAmCk5xfOjVpQcX7r7ZFxn3M%2BPa1MXEoovp9MxOd61J0o%2B%2B6Bh%2BbGa9tIi0KaaY4ulmdBo1Mm8Z6LsWGVvJ9U3OcBhf/TW6D%2BzziDj%2B/55mi%2BI6ZJ%2BoYrJ4Qja9AY6SnbW%2Bt83AWSEmsYwAc2aKnt7Sc1f&RelayState=%7B%7D&SigAlg=http://www.w3.org/2001/04/xmldsig-more%23rsa-sha256&Signature=YV1UeYry1Jum%2BSc2cG9R8ATXuk//4nnpmr1z9QuN/mMuhl8bgNkNzKYMwqz3olb1//OLtFtffgp06CaYUc1poiK7wzASqBG8N5qXiUJ/yApNSzIdm2XnuLF1mgYw2TN/1YflkNToQ0Bglmg2HQoNeIV2zfJbeOLWRWB9E627R7kmV8bM1foZciK6l4rVUGtgMQ/LoOiRa1nUwQ3s11wjzUL3qZIUTNAacmwTidXUqCs5rIxT4rLkfTZXRGno1SC8Gw%2BUw39p7OEUMxDTyp6qRAhy29L8dCuG1pc7N%2BsrbdGyJ2C5kP8B6mEwlhUAPc/ThUptQlk0Zfg2gL632tCqkeJexb7sBC1DI2L%2Bil2Q/hU7BrrhLuefoww3zkem%2BVJ4D/y%2BjPj6omfajsYkbRKZCEeLB81FcyZ4chQofL7oK3M%2BxiWXsw56So3YSbMlPdc9oGMnaFnVS/Id8PV9ipvwDG/VG7s5JIA27zliGEdlYJcGTeOp6UW85cuSM3deh%2BJ91rjWJQ231u8/mONDqwh8fgPp/1qL9yv11QjfJcOYpiUskDBFKe9mmuD5Klxf21Az4gmLppcmxvFH5ASpZALdokWAWGVt7w55vXziuzO1EkRXyJL2PG43jM6LjciL/369%2BU42EqMH/wfoZfQLCM9hZRQalDD3gDiQsarHbzyK%2Bgg%3D Page URL
  2. https://service.blpprofessional.com/portal/sessions/bauth_cb HTTP 302
    https://service.blpprofessional.com/portal/sessions/logout HTTP 302
    https://service.blpprofessional.com/portal/sessions/new Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
SSO.saml2
bsso.blpprofessional.com/idp/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bsso.blpprofessional.com/idp/SSO.saml2?SAMLRequest=fVJBbtswEPwKwbskipbtiJAUuDGKGkgbI3J66CUgqVVNgCJVLpWmvy8kJ2gOTa6zw5nZ4VbXz4MlTxDQeFfTPGX0uql2Uzy7e/g1AUbyPFiHNZ2CE16iQeHkACiiFu3u663gKRNj8NFrb%2BmFLFAO9uMXEhFCNN5R8v3VnKeMksO%2Bpo9XvVTldrNeMSXLXBal2ki2yq%2BAr4uCbcqcr7aqWxeaU3JAnODgMEoXa8oZL5KcJ5ydOBNsLViZ8u32ByV7wGicjIvVOcYRRZYpRJ8qO47B94BzDGlT7YfMdGPWtnfpvAmnZPca98Y7nAYILYQno%2BHh/vafGF6w/%2BqNPkRpM7yAmCk5xfOjVpQcX7r7ZFxn3M%2BPa1MXEoovp9MxOd61J0o%2B%2B6Bh%2BbGa9tIi0KaaY4ulmdBo1Mm8Z6LsWGVvJ9U3OcBhf/TW6D%2BzziDj%2B/55mi%2BI6ZJ%2BoYrJ4Qja9AY6SnbW%2Bt83AWSEmsYwAc2aKnt7Sc1f&RelayState=%7B%7D&SigAlg=http://www.w3.org/2001/04/xmldsig-more%23rsa-sha256&Signature=YV1UeYry1Jum%2BSc2cG9R8ATXuk//4nnpmr1z9QuN/mMuhl8bgNkNzKYMwqz3olb1//OLtFtffgp06CaYUc1poiK7wzASqBG8N5qXiUJ/yApNSzIdm2XnuLF1mgYw2TN/1YflkNToQ0Bglmg2HQoNeIV2zfJbeOLWRWB9E627R7kmV8bM1foZciK6l4rVUGtgMQ/LoOiRa1nUwQ3s11wjzUL3qZIUTNAacmwTidXUqCs5rIxT4rLkfTZXRGno1SC8Gw%2BUw39p7OEUMxDTyp6qRAhy29L8dCuG1pc7N%2BsrbdGyJ2C5kP8B6mEwlhUAPc/ThUptQlk0Zfg2gL632tCqkeJexb7sBC1DI2L%2Bil2Q/hU7BrrhLuefoww3zkem%2BVJ4D/y%2BjPj6omfajsYkbRKZCEeLB81FcyZ4chQofL7oK3M%2BxiWXsw56So3YSbMlPdc9oGMnaFnVS/Id8PV9ipvwDG/VG7s5JIA27zliGEdlYJcGTeOp6UW85cuSM3deh%2BJ91rjWJQ231u8/mONDqwh8fgPp/1qL9yv11QjfJcOYpiUskDBFKe9mmuD5Klxf21Az4gmLppcmxvFH5ASpZALdokWAWGVt7w55vXziuzO1EkRXyJL2PG43jM6LjciL/369%2BU42EqMH/wfoZfQLCM9hZRQalDD3gDiQsarHbzyK%2Bgg%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.191.249.87 East Windsor, United States, ASN10361 (BLOOMBERG-NET, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'unsafe-inline' 'self'; font-src 'self' data:;frame-src https://www.google.com data:;img-src *;frame-ancestors 'self' https://staging.bloomberg.com ; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Connection
close
Content-Length
3707
Content-Security-Policy
default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'unsafe-inline' 'self'; font-src 'self' data:;frame-src https://www.google.com data:;img-src *;frame-ancestors 'self' https://staging.bloomberg.com ; object-src 'none'
Content-Type
text/html;charset=utf-8
Date
Fri, 20 Dec 2024 20:06:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Referrer-Policy
origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Frame-Options
SAMEORIGIN
Primary Request new
service.blpprofessional.com/portal/sessions/
Redirect Chain
  • https://service.blpprofessional.com/portal/sessions/bauth_cb
  • https://service.blpprofessional.com/portal/sessions/logout
  • https://service.blpprofessional.com/portal/sessions/new
222 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://service.blpprofessional.com/portal/sessions/new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.187.26.117 , United States, ASN10361 (BLOOMBERG-NET, US),
Reverse DNS
Software
/
Resource Hash
237dc59910fe8374089f041367cceea72473bfca9f28d7b54cebc063e2edbebe
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://bsso.blpprofessional.com
Referer
https://bsso.blpprofessional.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

connection
close
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 20 Dec 2024 20:06:25 GMT
strict-transport-security
max-age=16000000; includeSubDomains; preload;
transfer-encoding
chunked
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

connection
close
content-length
84
content-type
text/html; charset=utf-8
date
Fri, 20 Dec 2024 20:06:24 GMT
location
/portal/sessions/new
strict-transport-security
max-age=16000000; includeSubDomains; preload;
vary
Accept, Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
favicon.ico
bsso.blpprofessional.com/ 		7 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bsso.blpprofessional.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.191.249.87 East Windsor, United States, ASN10361 (BLOOMBERG-NET, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'unsafe-inline' 'self'; font-src 'self' data:;frame-src https://www.google.com data:;img-src *;frame-ancestors 'self' https://staging.bloomberg.com ; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bsso.blpprofessional.com/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'unsafe-inline' 'self'; font-src 'self' data:;frame-src https://www.google.com data:;img-src *;frame-ancestors 'self' https://staging.bloomberg.com ; object-src 'none'
Connection
close
Referrer-Policy
origin
Content-Length
7406
Date
Fri, 20 Dec 2024 20:06:22 GMT
Content-Type
image/x-icon
Last-Modified
Wed, 21 Feb 2024 04:21:08 GMT
X-Frame-Options
SAMEORIGIN
AvenirNextPForBBG-Medium.woff2
service.blpprofessional.com/nextgen/fonts/avenir/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://service.blpprofessional.com/nextgen/fonts/avenir/AvenirNextPForBBG-Medium.woff2
Requested by
Host: service.blpprofessional.com
URL: https://service.blpprofessional.com/portal/sessions/new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.187.26.117 , United States, ASN10361 (BLOOMBERG-NET, US),
Reverse DNS
Software
/
Resource Hash
851ce50a17d14e4392d692f16f7ae997231a991e8137a72e7bdaf9bbfce4c8e3
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://service.blpprofessional.com
Referer
https://service.blpprofessional.com/portal/sessions/new

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
public, max-age=259200
connection
close
x-content-type-options
nosniff
x-download-options
noopen
accept-ranges
bytes
content-length
36540
x-xss-protection
1; mode=block
date
Fri, 20 Dec 2024 20:06:25 GMT
last-modified
Thu, 12 Dec 2024 16:09:22 GMT
content-type
application/font-woff2
x-frame-options
SAMEORIGIN
AvenirNextPForBBG-Regular.woff2
service.blpprofessional.com/nextgen/fonts/avenir/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://service.blpprofessional.com/nextgen/fonts/avenir/AvenirNextPForBBG-Regular.woff2
Requested by
Host: service.blpprofessional.com
URL: https://service.blpprofessional.com/portal/sessions/new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.187.26.117 , United States, ASN10361 (BLOOMBERG-NET, US),
Reverse DNS
Software
/
Resource Hash
13f07e4a2a1699b8dfc0b0ee14014fba6e822a778155a62ac588225ff8fe068a
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://service.blpprofessional.com
Referer
https://service.blpprofessional.com/portal/sessions/new

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
public, max-age=259200
connection
close
x-content-type-options
nosniff
x-download-options
noopen
accept-ranges
bytes
content-length
36456
x-xss-protection
1; mode=block
date
Fri, 20 Dec 2024 20:06:25 GMT
last-modified
Thu, 12 Dec 2024 16:09:22 GMT
content-type
application/font-woff2
x-frame-options
SAMEORIGIN
fontawesome-webfont.woff2
service.blpprofessional.com/nextgen/fonts/font-awesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://service.blpprofessional.com/nextgen/fonts/font-awesome/fontawesome-webfont.woff2?5.191.0
Requested by
Host: service.blpprofessional.com
URL: https://service.blpprofessional.com/portal/sessions/new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.187.26.117 , United States, ASN10361 (BLOOMBERG-NET, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://service.blpprofessional.com
Referer
https://service.blpprofessional.com/portal/sessions/new

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
public, max-age=259200
connection
close
x-content-type-options
nosniff
x-download-options
noopen
accept-ranges
bytes
content-length
77160
x-xss-protection
1; mode=block
date
Fri, 20 Dec 2024 20:06:25 GMT
last-modified
Thu, 12 Dec 2024 16:09:22 GMT
content-type
application/font-woff2
x-frame-options
SAMEORIGIN
styles.css
service.blpprofessional.com/nextgen/css/ 		515 KB
76 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://service.blpprofessional.com/nextgen/css/styles.css?5.191.0
Requested by
Host: service.blpprofessional.com
URL: https://service.blpprofessional.com/portal/sessions/new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.187.26.117 , United States, ASN10361 (BLOOMBERG-NET, US),
Reverse DNS
Software
/
Resource Hash
6f82753f425ae59629cc2e7589b6a7ef7ffd2cb2f6e34141562372e40558dbb8
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://service.blpprofessional.com/portal/sessions/new

Response headers

transfer-encoding
chunked
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
public, max-age=259200
content-encoding
gzip
connection
close
x-content-type-options
nosniff
x-download-options
noopen
accept-ranges
bytes
x-xss-protection
1; mode=block
date
Fri, 20 Dec 2024 20:06:25 GMT
last-modified
Thu, 12 Dec 2024 16:10:47 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
vendor.d8ae5c01.js
service.blpprofessional.com/nextgen/build/ 		3 MB
758 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.blpprofessional.com/nextgen/build/vendor.d8ae5c01.js
Requested by
Host: service.blpprofessional.com
URL: https://service.blpprofessional.com/portal/sessions/new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.187.26.117 , United States, ASN10361 (BLOOMBERG-NET, US),
Reverse DNS
Software
/
Resource Hash
63f410c3876dae5e694cfdb0360f93daf512b4cb6479c79211d60dcfa081e8f0
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://service.blpprofessional.com/portal/sessions/new

Response headers

transfer-encoding
chunked
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
public, max-age=259200
content-encoding
gzip
connection
close
x-content-type-options
nosniff
x-download-options
noopen
accept-ranges
bytes
x-xss-protection
1; mode=block
date
Fri, 20 Dec 2024 20:06:25 GMT
last-modified
Thu, 12 Dec 2024 16:11:23 GMT
content-type
application/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
landing-page-2.2.js
service.blpprofessional.com/bbwc/dist/generic/ 		0
0
common-libs.389107af.js
service.blpprofessional.com/nextgen/build/ 		0
0
sessions.db096696.js
service.blpprofessional.com/nextgen/build/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.blpprofessional.com/nextgen/build/sessions.db096696.js
Requested by
Host: service.blpprofessional.com
URL: https://service.blpprofessional.com/portal/sessions/new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.187.26.117 , United States, ASN10361 (BLOOMBERG-NET, US),
Reverse DNS
Software
/
Resource Hash
250f16001ccf24c0117173c67c1c3cd08429ba8483fb82f3d7d0dd2c822c111b
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://service.blpprofessional.com/portal/sessions/new

Response headers

transfer-encoding
chunked
strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
public, max-age=259200
content-encoding
gzip
connection
close
x-content-type-options
nosniff
x-download-options
noopen
accept-ranges
bytes
x-xss-protection
1; mode=block
date
Fri, 20 Dec 2024 20:06:26 GMT
last-modified
Thu, 12 Dec 2024 16:11:23 GMT
content-type
application/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
analytics.02735eb3.js
service.blpprofessional.com/nextgen/build/ 		28 B
488 B 		Script
General
Check archive.org
Download Go to
Full URL
https://service.blpprofessional.com/nextgen/build/analytics.02735eb3.js
Requested by
Host: service.blpprofessional.com
URL: https://service.blpprofessional.com/portal/sessions/new
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.187.26.117 , United States, ASN10361 (BLOOMBERG-NET, US),
Reverse DNS
Software
/
Resource Hash
d1cae8d13f3e9facb63ec5267bfe19db857c88cb36151346683918745a021c32
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://service.blpprofessional.com/portal/sessions/new

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
public, max-age=259200
connection
close
x-content-type-options
nosniff
x-download-options
noopen
accept-ranges
bytes
content-length
28
x-xss-protection
1; mode=block
date
Fri, 20 Dec 2024 20:06:26 GMT
last-modified
Thu, 12 Dec 2024 16:11:23 GMT
content-type
application/javascript
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
service.blpprofessional.com
URL
https://service.blpprofessional.com/bbwc/dist/generic/landing-page-2.2.js
Domain
service.blpprofessional.com
URL
https://service.blpprofessional.com/nextgen/build/common-libs.389107af.js

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| getCookie string| lang object| locales object| pageData string| logEnabled function| bootstrapLandingPage

5 Cookies

Domain/Path Name / Value
bsso.blpprofessional.com/ Name: PF
Value: 4FmEalVtfltxStabFaZNxb
service.blpprofessional.com/ Name: locale
Value: en
service.blpprofessional.com/ Name: SRV
Value: Y03
service.blpprofessional.com/ Name: internalEndpoints
Value:
service.blpprofessional.com/ Name: session
Value: s%3Ah_xC1Lc7npnTWeayZLEaXLN2lqXPpOs8.aVw2Q9q2DNhpWyQXgWs0ZXG3qZ20BWsIyF8xfOeIF0o

1 Console Messages

Source Level URL
Text
javascript warning URL: https://service.blpprofessional.com/portal/sessions/new
Message:
The resource https://service.blpprofessional.com/nextgen/fonts/font-awesome/fontawesome-webfont.woff2?5.191.0 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'unsafe-inline' 'self'; font-src 'self' data:;frame-src https://www.google.com data:;img-src *;frame-ancestors 'self' https://staging.bloomberg.com ; object-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN