api.bcbssc.com Open in urlscan Pro
208.60.144.92 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hubbcbs-sc.app.blackduck.com/
Effective URL:
https://api.bcbssc.com/internal/sso/blackduck?inResponseTo=a237bi899cafd74521e96fd6a2b3cia
Submission: On July 10 via api (July 10th 2023, 7:01:01 pm UTC) from CL — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 208.60.144.92, located in United States and belongs to BCBSSC, US. The main domain is api.bcbssc.com. The Cisco Umbrella rank of the primary domain is 489789.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 20th 2022. Valid for: a year.

This is the only time api.bcbssc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	104.18.19.107 104.18.19.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	208.60.144.92 208.60.144.92	26153 (BCBSSC) (BCBSSC)
15	3

15 104.18.19.107 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hubbcbs-sc.app.blackduck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.60.144.92 (United States) 1 redirects

ASN26153 (BCBSSC, US)

api.bcbssc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	blackduck.com 1 redirects hubbcbs-sc.app.blackduck.com	1 MB
2	bcbssc.com 1 redirects api.bcbssc.com — Cisco Umbrella Rank: 489789	8 KB
15	2

	Domain	Requested by
15	hubbcbs-sc.app.blackduck.com	1 redirects hubbcbs-sc.app.blackduck.com
2	api.bcbssc.com	1 redirects
15	2

This site contains no links.

Subject Issuer	Validity	Valid
*.app.blackduck.com Entrust Certification Authority - L1K	`2023-04-28` - `2024-05-15`	a year	crt.sh
api.bcbssc.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://api.bcbssc.com/internal/sso/blackduck?inResponseTo=a237bi899cafd74521e96fd6a2b3cia
Frame ID: EFD85B20AFE8CC88370EA26CDB3E150C
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://hubbcbs-sc.app.blackduck.com/ HTTP 301
https://hubbcbs-sc.app.blackduck.com/ Page URL
https://hubbcbs-sc.app.blackduck.com/saml/login Page URL
https://api.bcbssc.com/internal/sso/spInitiated HTTP 302
https://api.bcbssc.com/internal/sso/blackduck?inResponseTo=a237bi899cafd74521e96fd6a2b3cia Page URL

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1146 kB
Transfer

4403 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hubbcbs-sc.app.blackduck.com/ HTTP 301
https://hubbcbs-sc.app.blackduck.com/ Page URL
https://hubbcbs-sc.app.blackduck.com/saml/login Page URL
https://api.bcbssc.com/internal/sso/spInitiated HTTP 302
https://api.bcbssc.com/internal/sso/blackduck?inResponseTo=a237bi899cafd74521e96fd6a2b3cia Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://hubbcbs-sc.app.blackduck.com/ HTTP 301
https://hubbcbs-sc.app.blackduck.com/

15 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
hubbcbs-sc.app.blackduck.com/
Redirect Chain

http://hubbcbs-sc.app.blackduck.com/
https://hubbcbs-sc.app.blackduck.com/

3 KB
2 KB

428ms
382ms

Document
text/html

104.18.19.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hubbcbs-sc.app.blackduck.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.19.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

533718d3173458fd46b8755e8a5d65676034e3c23ba22596c932eaf24f8ad868

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7e4b0d6219118fe2-FRA
content-encoding: gzip
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Mon, 10 Jul 2023 19:00:55 GMT
last-modified: Tue, 28 Feb 2023 18:13:40 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

CF-RAY: 7e4b0d61a89d3736-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 10 Jul 2023 19:00:54 GMT
Expires: Mon, 10 Jul 2023 20:00:54 GMT
Location: https://hubbcbs-sc.app.blackduck.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 179.104e486d.js Show response
hubbcbs-sc.app.blackduck.com/static/js/ 2 MB
512 KB 558ms
557ms Script
application/javascript 104.18.19.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hubbcbs-sc.app.blackduck.com/static/js/179.104e486d.js

Requested by

Host: hubbcbs-sc.app.blackduck.com
URL: https://hubbcbs-sc.app.blackduck.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.19.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1daec3b648fd7a249f182e36e2ee878167a16a2564b8c246833918ae9fbfea8c

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hubbcbs-sc.app.blackduck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:00:55 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
last-modified: Tue, 28 Feb 2023 18:13:40 GMT
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: MISS
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e4b0d648bb88fe2-FRA
expires: Tue, 09 Jul 2024 19:00:55 GMT

GET
H2 200 9dd2e7c6.css
hubbcbs-sc.app.blackduck.com/static/css/ 10 KB
3 KB 377ms
376ms Stylesheet
text/css 104.18.19.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hubbcbs-sc.app.blackduck.com/static/css/9dd2e7c6.css

Requested by

Host: hubbcbs-sc.app.blackduck.com
URL: https://hubbcbs-sc.app.blackduck.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.19.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

616a3c221e351dc518eccc72a917492e68626530289446c1e80274d27871b979

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hubbcbs-sc.app.blackduck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:00:55 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
last-modified: Tue, 28 Feb 2023 18:13:40 GMT
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: MISS
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e4b0d648bba8fe2-FRA
expires: Tue, 09 Jul 2024 19:00:55 GMT

GET
H2 200 0a885c02.css
hubbcbs-sc.app.blackduck.com/static/css/ 218 KB
43 KB 497ms
497ms Stylesheet
text/css 104.18.19.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hubbcbs-sc.app.blackduck.com/static/css/0a885c02.css

Requested by

Host: hubbcbs-sc.app.blackduck.com
URL: https://hubbcbs-sc.app.blackduck.com/static/js/179.104e486d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.19.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc98c0c6876cdfe6c9349104e05c188c4edbef71e2d650961eb0a2883b2d0a30

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hubbcbs-sc.app.blackduck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:00:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
last-modified: Tue, 28 Feb 2023 18:13:40 GMT
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: MISS
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e4b0d6bab968fe2-FRA
expires: Tue, 09 Jul 2024 19:00:56 GMT

GET
H2 200 087dd030.css
hubbcbs-sc.app.blackduck.com/static/css/ 259 KB
43 KB 502ms
502ms Stylesheet
text/css 104.18.19.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hubbcbs-sc.app.blackduck.com/static/css/087dd030.css

Requested by

Host: hubbcbs-sc.app.blackduck.com
URL: https://hubbcbs-sc.app.blackduck.com/static/js/179.104e486d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.19.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

063759868ce2bbe1107fac131b78c5c269c85b2d712e5d3ba760a1206310a0c2

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hubbcbs-sc.app.blackduck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:00:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
last-modified: Tue, 28 Feb 2023 18:13:40 GMT
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: MISS
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e4b0d6bab978fe2-FRA
expires: Tue, 09 Jul 2024 19:00:56 GMT

GET
H2 200 469.1c8061c5.js Show response
hubbcbs-sc.app.blackduck.com/static/js/ 133 B
224 B 374ms
374ms Script
application/javascript 104.18.19.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hubbcbs-sc.app.blackduck.com/static/js/469.1c8061c5.js

Requested by

Host: hubbcbs-sc.app.blackduck.com
URL: https://hubbcbs-sc.app.blackduck.com/static/js/179.104e486d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.19.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61874de4746a6eccbbbbc4d97a9c214276f64353514176184ed6a51072db158f

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hubbcbs-sc.app.blackduck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:00:56 GMT
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 28 Feb 2023 18:13:40 GMT
server: cloudflare
cf-cache-status: MISS
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e4b0d6bab988fe2-FRA
expires: Tue, 09 Jul 2024 19:00:56 GMT

GET
H2 200 feb4dfd0.css
hubbcbs-sc.app.blackduck.com/static/css/ 9 KB
2 KB 383ms
383ms Stylesheet
text/css 104.18.19.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hubbcbs-sc.app.blackduck.com/static/css/feb4dfd0.css

Requested by

Host: hubbcbs-sc.app.blackduck.com
URL: https://hubbcbs-sc.app.blackduck.com/static/js/179.104e486d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.19.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a423ba76d324f3e5d0a3323763b215c546e79716d1798888488860ca77330a8d

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hubbcbs-sc.app.blackduck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:00:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
last-modified: Tue, 28 Feb 2023 18:13:40 GMT
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: MISS
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e4b0d6bab9c8fe2-FRA
expires: Tue, 09 Jul 2024 19:00:56 GMT

GET
H2 200 282.2245d10b.js Show response
hubbcbs-sc.app.blackduck.com/static/js/ 2 MB
430 KB 564ms
564ms Script
application/javascript 104.18.19.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hubbcbs-sc.app.blackduck.com/static/js/282.2245d10b.js

Requested by

Host: hubbcbs-sc.app.blackduck.com
URL: https://hubbcbs-sc.app.blackduck.com/static/js/179.104e486d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.19.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59ccad545e9cb55b4c036a93a51f96e8e2bc19afbe4c7be53c515eae12c2ea11

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hubbcbs-sc.app.blackduck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:00:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
last-modified: Tue, 28 Feb 2023 18:13:40 GMT
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: MISS
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e4b0d6bab9e8fe2-FRA
expires: Tue, 09 Jul 2024 19:00:56 GMT

GET
H2 200 845.fe0b4865.js Show response
hubbcbs-sc.app.blackduck.com/static/js/ 224 KB
52 KB 499ms
499ms Script
application/javascript 104.18.19.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hubbcbs-sc.app.blackduck.com/static/js/845.fe0b4865.js

Requested by

Host: hubbcbs-sc.app.blackduck.com
URL: https://hubbcbs-sc.app.blackduck.com/static/js/179.104e486d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.19.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31f1da821909ef5d04d631b40ce653e6a1b7e2980c597f9095940efc69b0682d

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hubbcbs-sc.app.blackduck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:00:56 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
last-modified: Tue, 28 Feb 2023 18:13:40 GMT
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: MISS
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7e4b0d6baba08fe2-FRA
expires: Tue, 09 Jul 2024 19:00:56 GMT

GET
H2 200 967e123a.woff2
hubbcbs-sc.app.blackduck.com/static/fonts/ 46 KB
46 KB 581ms
581ms Font
font/woff2 104.18.19.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hubbcbs-sc.app.blackduck.com/static/fonts/967e123a.woff2

Requested by

Host: hubbcbs-sc.app.blackduck.com
URL: https://hubbcbs-sc.app.blackduck.com/static/css/087dd030.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.19.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://hubbcbs-sc.app.blackduck.com/static/css/087dd030.css
Origin: https://hubbcbs-sc.app.blackduck.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:00:57 GMT
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 28 Feb 2023 18:13:40 GMT
server: cloudflare
cf-cache-status: MISS
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7e4b0d6f683f8fe2-FRA
content-length: 47016
expires: Tue, 09 Jul 2024 19:00:57 GMT

GET
H2 401 current-user
hubbcbs-sc.app.blackduck.com/api/ 158 B
385 B 2695ms
2695ms XHR
application/vnd.blackducksoftware.internal-1+json 104.18.19.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hubbcbs-sc.app.blackduck.com/api/current-user

Requested by

Host: hubbcbs-sc.app.blackduck.com
URL: https://hubbcbs-sc.app.blackduck.com/static/js/179.104e486d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.19.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/vnd.blackducksoftware.internal-1+json
Referer: https://hubbcbs-sc.app.blackduck.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-csrf-param: _csrf
date: Mon, 10 Jul 2023 19:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
x-csrf-token: 9e004a87-d5a3-4728-838c-b680ee72b330
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
x-xss-protection: 1; mode=block
x-csrf-header: X-CSRF-TOKEN
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: accept-encoding
content-type: application/vnd.blackducksoftware.internal-1+json
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 7e4b0d6fa87d8fe2-FRA
x-saml-login: true
expires: 0

GET
H2 200 logo.png
hubbcbs-sc.app.blackduck.com/api/internal/ 4 KB
4 KB 401ms
400ms Image
image/png 104.18.19.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hubbcbs-sc.app.blackduck.com/api/internal/logo.png

Requested by

Host: hubbcbs-sc.app.blackduck.com
URL: https://hubbcbs-sc.app.blackduck.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.19.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dceea7afbf54ad43870f28b6eccfab9da6d13337054a17135a0c149aed4c9986

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hubbcbs-sc.app.blackduck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-csrf-param: _csrf
date: Mon, 10 Jul 2023 19:00:57 GMT
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
x-csrf-token: 6a75ca11-af5b-495a-b378-3607fec75778
cf-cache-status: MISS
content-length: 3939
x-xss-protection: 1; mode=block
x-csrf-header: X-CSRF-TOKEN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 10 Jul 2023 19:00:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
cf-ray: 7e4b0d6fb8a28fe2-FRA

GET
H2 200 b2755587.svg
hubbcbs-sc.app.blackduck.com/static/images/ 202 B
299 B 384ms
384ms Image
image/svg+xml 104.18.19.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hubbcbs-sc.app.blackduck.com/static/images/b2755587.svg

Requested by

Host: hubbcbs-sc.app.blackduck.com
URL: https://hubbcbs-sc.app.blackduck.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.19.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a84c207b5de9c4cce208de66f5e826d790a81ca783f9d7667455432322821120

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hubbcbs-sc.app.blackduck.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 19:00:57 GMT
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 28 Feb 2023 18:13:40 GMT
server: cloudflare
cf-cache-status: MISS
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7e4b0d6fb8a48fe2-FRA
expires: Tue, 09 Jul 2024 19:00:57 GMT

GET
H2 200 login Show response
hubbcbs-sc.app.blackduck.com/saml/ 2 KB
1 KB 184ms
183ms Document
text/html 104.18.19.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hubbcbs-sc.app.blackduck.com/saml/login

Requested by

Host: hubbcbs-sc.app.blackduck.com
URL: https://hubbcbs-sc.app.blackduck.com/static/js/179.104e486d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.19.107 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63fbb8eb87f6e89cb557dade8e879f08a515aa006f83d15a4f4de1848e1c46da

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hubbcbs-sc.app.blackduck.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7e4b0d808d4d8fe2-FRA
content-encoding: gzip
content-security-policy: script-src 'self' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
content-type: text/html;charset=UTF-8
date: Mon, 10 Jul 2023 19:00:59 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-csrf-header: X-CSRF-TOKEN
x-csrf-param: _csrf
x-csrf-token: 8d5ace22-afcd-482a-896e-feb5c94baa18
x-frame-options: SAMEORIGIN
x-saml-login: true
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

Primary Request blackduck Show response
api.bcbssc.com/internal/sso/
Redirect Chain

https://api.bcbssc.com/internal/sso/spInitiated
https://api.bcbssc.com/internal/sso/blackduck?inResponseTo=a237bi899cafd74521e96fd6a2b3cia

10 KB
7 KB

136ms
135ms

Document
text/html

208.60.144.92
BCBSSC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bcbssc.com/internal/sso/blackduck?inResponseTo=a237bi899cafd74521e96fd6a2b3cia
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.60.144.92 , United States, ASN26153 (BCBSSC, US),
Reverse DNS
Software: /
Resource Hash: 00ccaec015e39fe9f6f71af466e8de922ab1b6b2f8eca7dcd5c4629766eaf546

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://hubbcbs-sc.app.blackduck.com
Referer: https://hubbcbs-sc.app.blackduck.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 10 Jul 2023 19:01:00 GMT
Transfer-Encoding: chunked
X-EXTERNAL: true
X-Global-Transaction-ID: ab87b17064ac556c238609b1
uuid: 56766f5f-608b-4cd4-aed7-70b187abef2d

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 10 Jul 2023 19:01:00 GMT
Location: https://api.bcbssc.com/internal/sso/blackduck?inResponseTo=a237bi899cafd74521e96fd6a2b3cia
Transfer-Encoding: chunked
X-EXTERNAL: true
X-Global-Transaction-ID: ab87b17064ac556c247cba1d
uuid: 474fcabd-3122-4b3e-9eaf-70b187ab81ad

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adce08e10ef7d2541cbe3c16134d5407247737b266a5787e5ff0a40bf49a980a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hubbcbs-sc.app.blackduck.com/api/current-user Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline';object-src 'self'; frame-ancestors 'self'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.bcbssc.com
hubbcbs-sc.app.blackduck.com
104.18.19.107
208.60.144.92
00ccaec015e39fe9f6f71af466e8de922ab1b6b2f8eca7dcd5c4629766eaf546
063759868ce2bbe1107fac131b78c5c269c85b2d712e5d3ba760a1206310a0c2
1daec3b648fd7a249f182e36e2ee878167a16a2564b8c246833918ae9fbfea8c
31f1da821909ef5d04d631b40ce653e6a1b7e2980c597f9095940efc69b0682d
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
533718d3173458fd46b8755e8a5d65676034e3c23ba22596c932eaf24f8ad868
59ccad545e9cb55b4c036a93a51f96e8e2bc19afbe4c7be53c515eae12c2ea11
616a3c221e351dc518eccc72a917492e68626530289446c1e80274d27871b979
61874de4746a6eccbbbbc4d97a9c214276f64353514176184ed6a51072db158f
63fbb8eb87f6e89cb557dade8e879f08a515aa006f83d15a4f4de1848e1c46da
a423ba76d324f3e5d0a3323763b215c546e79716d1798888488860ca77330a8d
a84c207b5de9c4cce208de66f5e826d790a81ca783f9d7667455432322821120
adce08e10ef7d2541cbe3c16134d5407247737b266a5787e5ff0a40bf49a980a
dceea7afbf54ad43870f28b6eccfab9da6d13337054a17135a0c149aed4c9986
fc98c0c6876cdfe6c9349104e05c188c4edbef71e2d650961eb0a2883b2d0a30

api.bcbssc.com Open in urlscan Pro 208.60.144.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

1146 kBTransfer

4403 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

api.bcbssc.com Open in urlscan Pro
208.60.144.92 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1146 kB
Transfer

4403 kB
Size

0
Cookies

15 HTTP transactions
1 data transactions