urlscan.io logo urlscan.io
SecurityTrails logo

login.bdreporting.com Open in urlscan Pro
199.36.128.199  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bd3.bdreporting.com/Auth/ExternalLink/Avalon/481?linkUrl=%2Fix
Effective URL: https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBla...
Submission: On December 15 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 199.36.128.199, located in United States and belongs to SSNC-AS - SS&C Technologies, Inc., US. The main domain is login.bdreporting.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on July 23rd 2019. Valid for: 2 years.
This is the only time login.bdreporting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 199.36.128.204 13938 (SSNC-AS)
1 7 199.36.128.199 13938 (SSNC-AS)
1 1 104.111.229.247 16625 (AKAMAI-AS)
7 3
Apex Domain
Subdomains		 Transfer
10 bdreporting.com
bd3.bdreporting.com
login.bdreporting.com
378 KB
1 typography.com
cloud.typography.com
473 B
7 2
Domain Requested by
7 login.bdreporting.com 1 redirects login.bdreporting.com
3 bd3.bdreporting.com 2 redirects login.bdreporting.com
1 cloud.typography.com 1 redirects
7 3

This site contains no links.

Subject Issuer Validity Valid
login.bdreporting.com
DigiCert SHA2 Extended Validation Server CA		 2019-07-23 -
2021-07-27		 2 years crt.sh
*.bdreporting.com
DigiCert SHA2 Secure Server CA		 2017-04-14 -
2020-07-06		 3 years crt.sh

This page contains 1 frames:

Primary Page: https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBlackDiamond_Web%26redirect_uri%3Dhttps%253A%252F%252Fbd3.bdreporting.com%252Fauth%252Fcode%253FUrl%253D%252Fix%26scope%3Dopenid%2520profile%2520api%2520ix%2520offline_access%2520vault%2520rebalancer%26nonce%3DiuZ0Js9UVf%252BPMrk%252BJYBNTNQba5FCR%252BWrUhvVXA2hdFE%253D
Frame ID: 8EEFDC3400D55EAD977F270974EBE2E3
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bd3.bdreporting.com/Auth/ExternalLink/Avalon/481?linkUrl=%2Fix HTTP 302
    https://bd3.bdreporting.com/Auth/SignIn?firmAcronym=Avalon&teamID=481&Url=%2Fix HTTP 302
    https://login.bdreporting.com/connect/authorize?response_type=code&client_id=BlackDiamond_Web&redirect_uri... HTTP 302
    https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dco... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

406 kB
Transfer

921 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bd3.bdreporting.com/Auth/ExternalLink/Avalon/481?linkUrl=%2Fix HTTP 302
    https://bd3.bdreporting.com/Auth/SignIn?firmAcronym=Avalon&teamID=481&Url=%2Fix HTTP 302
    https://login.bdreporting.com/connect/authorize?response_type=code&client_id=BlackDiamond_Web&redirect_uri=https%3a%2f%2fbd3.bdreporting.com%2fauth%2fcode%3fUrl%3d%2fix&scope=openid+profile+api+ix+offline_access+vault+rebalancer&nonce=iuZ0Js9UVf%2bPMrk%2bJYBNTNQba5FCR%2bWrUhvVXA2hdFE%3d HTTP 302
    https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBlackDiamond_Web%26redirect_uri%3Dhttps%253A%252F%252Fbd3.bdreporting.com%252Fauth%252Fcode%253FUrl%253D%252Fix%26scope%3Dopenid%2520profile%2520api%2520ix%2520offline_access%2520vault%2520rebalancer%26nonce%3DiuZ0Js9UVf%252BPMrk%252BJYBNTNQba5FCR%252BWrUhvVXA2hdFE%253D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cloud.typography.com/7395932/646568/css/fonts.css HTTP 302
  • https://bd3.bdreporting.com/Content/Fonts/Typography/729178/FE50D2090ED634264.css

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set SignIn
login.bdreporting.com/Auth/
Redirect Chain
  • https://bd3.bdreporting.com/Auth/ExternalLink/Avalon/481?linkUrl=%2Fix
  • https://bd3.bdreporting.com/Auth/SignIn?firmAcronym=Avalon&teamID=481&Url=%2Fix
  • https://login.bdreporting.com/connect/authorize?response_type=code&client_id=BlackDiamond_Web&redirect_uri=https%3a%2f%2fbd3.bdreporting.com%2fauth%2fcode%3fUrl%3d%2fix&scope=openid+profile+api+ix+...
  • https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBlackDiamond_Web%26redirect_uri%3Dhttps%253A%252F%252Fbd3.bdreporting.com%...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBlackDiamond_Web%26redirect_uri%3Dhttps%253A%252F%252Fbd3.bdreporting.com%252Fauth%252Fcode%253FUrl%253D%252Fix%26scope%3Dopenid%2520profile%2520api%2520ix%2520offline_access%2520vault%2520rebalancer%26nonce%3DiuZ0Js9UVf%252BPMrk%252BJYBNTNQba5FCR%252BWrUhvVXA2hdFE%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.36.128.199 , United States, ASN13938 (SSNC-AS - SS&C Technologies, Inc., US),
Reverse DNS
Software
/
Resource Hash
f2521efe370a1e9c3536aff70916b727c8e0ab302a2f2e1d06e5e02874a92301
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bdreporting.com api.mixpanel.com mixpanel.com cdn.mxpnl.com maxcdn.bootstrapcdn.com data: blob:;object-src 'self' *.bdreporting.com blob:;style-src 'self' https://cloud.typography.com https://preview.bdreporting.com https://bd3.bdreporting.com maxcdn.bootstrapcdn.com 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com https://mixpanel.com;frame-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com *.schwabinstitutional.com;img-src 'self' data: blob: https://www.google.com cdn.mxpnl.com *.rackcdn.com;frame-ancestors 'self' https://*.lightning.force.com https://*.salesforce.com https://*.emoneyadvisor.com https://*.emaplan.com https://*.inautix.com https://*.netx360demo.com https://*.netx360.com https://*.netxprodemo.com https://*.netxpro.com https://*.force.com https://*.financialharvest.com https://*.crm.dynamics.com https://*.crm3.dynamics.com;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Host
login.bdreporting.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Cookie
FirmAcronym=Avalon; TeamID=481
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

Cache-Control
no-cache,no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Set-Cookie
.AspNetCore.Antiforgery.kZusIHPjkI8=CfDJ8EW7rlKK5yZFuNG-7pgohDVAZ8gU2k_tkV_-YE6XCK5apzlrqz-ETH6rvAXChgg7sCAsoKZd8IHO1UJO16n0MQxZ61XAocZZ5fNK5xkuYzZF7GYJIfidgo_7yJcMKBKmqudno8LD-qQapsr8ilHiJSU; path=/; secure; httponly
X-Robots-Tag
noindex, nofollow, noarchive
X-Content-Type-Options
nosniff
X-XSS-Protection
1;mode=block
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Sun, 15 Dec 2019 06:49:35 GMT
Content-Security-Policy
default-src 'self' *.bdreporting.com api.mixpanel.com mixpanel.com cdn.mxpnl.com maxcdn.bootstrapcdn.com data: blob:;object-src 'self' *.bdreporting.com blob:;style-src 'self' https://cloud.typography.com https://preview.bdreporting.com https://bd3.bdreporting.com maxcdn.bootstrapcdn.com 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com https://mixpanel.com;frame-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com *.schwabinstitutional.com;img-src 'self' data: blob: https://www.google.com cdn.mxpnl.com *.rackcdn.com;frame-ancestors 'self' https://*.lightning.force.com https://*.salesforce.com https://*.emoneyadvisor.com https://*.emaplan.com https://*.inautix.com https://*.netx360demo.com https://*.netx360.com https://*.netxprodemo.com https://*.netxpro.com https://*.force.com https://*.financialharvest.com https://*.crm.dynamics.com https://*.crm3.dynamics.com;
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=16070400; includeSubDomains
Vary
Accept-Encoding
Content-Encoding
gzip
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-cache,no-store
Location
https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBlackDiamond_Web%26redirect_uri%3Dhttps%253A%252F%252Fbd3.bdreporting.com%252Fauth%252Fcode%253FUrl%253D%252Fix%26scope%3Dopenid%2520profile%2520api%2520ix%2520offline_access%2520vault%2520rebalancer%26nonce%3DiuZ0Js9UVf%252BPMrk%252BJYBNTNQba5FCR%252BWrUhvVXA2hdFE%253D
X-Robots-Tag
noindex, nofollow, noarchive
X-Content-Type-Options
nosniff
X-XSS-Protection
1;mode=block
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Sun, 15 Dec 2019 06:49:35 GMT
Content-Security-Policy
default-src 'self' *.bdreporting.com api.mixpanel.com mixpanel.com cdn.mxpnl.com maxcdn.bootstrapcdn.com data: blob:;object-src 'self' *.bdreporting.com blob:;style-src 'self' https://cloud.typography.com https://preview.bdreporting.com https://bd3.bdreporting.com maxcdn.bootstrapcdn.com 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com https://mixpanel.com;frame-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com *.schwabinstitutional.com;img-src 'self' data: blob: https://www.google.com cdn.mxpnl.com *.rackcdn.com;frame-ancestors 'self' https://*.lightning.force.com https://*.salesforce.com https://*.emoneyadvisor.com https://*.emaplan.com https://*.inautix.com https://*.netx360demo.com https://*.netx360.com https://*.netxprodemo.com https://*.netxpro.com https://*.force.com https://*.financialharvest.com https://*.crm.dynamics.com https://*.crm3.dynamics.com;
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=16070400; includeSubDomains
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
20
Connection
Keep-Alive
FE50D2090ED634264.css
bd3.bdreporting.com/Content/Fonts/Typography/729178/
Redirect Chain
  • https://cloud.typography.com/7395932/646568/css/fonts.css
  • https://bd3.bdreporting.com/Content/Fonts/Typography/729178/FE50D2090ED634264.css
158 KB
125 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bd3.bdreporting.com/Content/Fonts/Typography/729178/FE50D2090ED634264.css
Requested by
Host: login.bdreporting.com
URL: https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBlackDiamond_Web%26redirect_uri%3Dhttps%253A%252F%252Fbd3.bdreporting.com%252Fauth%252Fcode%253FUrl%253D%252Fix%26scope%3Dopenid%2520profile%2520api%2520ix%2520offline_access%2520vault%2520rebalancer%26nonce%3DiuZ0Js9UVf%252BPMrk%252BJYBNTNQba5FCR%252BWrUhvVXA2hdFE%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.36.128.204 , United States, ASN13938 (SSNC-AS - SS&C Technologies, Inc., US),
Reverse DNS
Software
/
Resource Hash
e6ca138ff85b19161ae3eed2d41cd60931883bbd03ed681815143c16ed1ec6de
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://bd-alerts.service.signalr.net bd-alerts.service.signalr.net *.helpscout.net *.cloudfront.net *.bdreporting.com api.mixpanel.com mixpanel.com cdn.mxpnl.com maxcdn.bootstrapcdn.com *.feedback.eu.pendo.io https://feedback.eu.pendo.io *.receptive.io https://receptive.io *.gstatic.com data:;object-src 'self' blob: *.helpscout.net;style-src 'self' *.gstatic.com *.helpscout.net *.cloudfront.net *.googleapis.com https://cloud.typography.com https://preview.bdreporting.com maxcdn.bootstrapcdn.com *.feedback.eu.pendo.io https://feedback.eu.pendo.io *.receptive.io https://receptive.io 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.helpscout.net *.cloudfront.net https://www.google.com *.bdreporting.com https://www.gstatic.com https://mixpanel.com *.feedback.eu.pendo.io https://feedback.eu.pendo.io *.receptive.io https://receptive.io;frame-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: https://www.google.com *.bdreporting.com https://www.gstatic.com *.schwabinstitutional.com *.feedback.eu.pendo.io https://feedback.eu.pendo.io *.receptive.io https://receptive.io play.vidyard.com *.helpscout.net;img-src 'self' data: blob: https://www.google.com cdn.mxpnl.com *.rackcdn.com *.feedback.eu.pendo.io https://feedback.eu.pendo.io *.receptive.io https://receptive.io *.bdreporting.local *.bdreporting.com *.cloudfront.net;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBlackDiamond_Web%26redirect_uri%3Dhttps%253A%252F%252Fbd3.bdreporting.com%252Fauth%252Fcode%253FUrl%253D%252Fix%26scope%3Dopenid%2520profile%2520api%2520ix%2520offline_access%2520vault%2520rebalancer%26nonce%3DiuZ0Js9UVf%252BPMrk%252BJYBNTNQba5FCR%252BWrUhvVXA2hdFE%253D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 06:49:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary
Accept-Encoding
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Tue, 29 Oct 2019 18:49:36 GMT
ETag
"0e0399c898ed51:0"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
text/css
Cache-Control
private,max-age=3600
Content-Security-Policy
default-src 'self' wss://bd-alerts.service.signalr.net bd-alerts.service.signalr.net *.helpscout.net *.cloudfront.net *.bdreporting.com api.mixpanel.com mixpanel.com cdn.mxpnl.com maxcdn.bootstrapcdn.com *.feedback.eu.pendo.io https://feedback.eu.pendo.io *.receptive.io https://receptive.io *.gstatic.com data:;object-src 'self' blob: *.helpscout.net;style-src 'self' *.gstatic.com *.helpscout.net *.cloudfront.net *.googleapis.com https://cloud.typography.com https://preview.bdreporting.com maxcdn.bootstrapcdn.com *.feedback.eu.pendo.io https://feedback.eu.pendo.io *.receptive.io https://receptive.io 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.helpscout.net *.cloudfront.net https://www.google.com *.bdreporting.com https://www.gstatic.com https://mixpanel.com *.feedback.eu.pendo.io https://feedback.eu.pendo.io *.receptive.io https://receptive.io;frame-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: https://www.google.com *.bdreporting.com https://www.gstatic.com *.schwabinstitutional.com *.feedback.eu.pendo.io https://feedback.eu.pendo.io *.receptive.io https://receptive.io play.vidyard.com *.helpscout.net;img-src 'self' data: blob: https://www.google.com cdn.mxpnl.com *.rackcdn.com *.feedback.eu.pendo.io https://feedback.eu.pendo.io *.receptive.io https://receptive.io *.bdreporting.local *.bdreporting.com *.cloudfront.net;
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, noarchive

Redirect headers

Date
Sun, 15 Dec 2019 06:49:36 GMT
Last-Modified
Sat, 11 May 2019 01:06:02 GMT
Server
Apache
ETag
"755210c9ea912c6062d76e5dc26bf05e:1557536762"
Vary
Accept-Encoding
Content-Type
text/html
Location
https://bd3.bdreporting.com/Content/Fonts/Typography/729178/FE50D2090ED634264.css
Cache-Control
must-revalidate, private
Connection
keep-alive
X-HCo-pid
14
Content-Length
154
Expires
Sun, 15 December 2019 06:49:36 GMT
font-awesome.css
login.bdreporting.com/lib/font-awesome/css/ 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.bdreporting.com/lib/font-awesome/css/font-awesome.css
Requested by
Host: login.bdreporting.com
URL: https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBlackDiamond_Web%26redirect_uri%3Dhttps%253A%252F%252Fbd3.bdreporting.com%252Fauth%252Fcode%253FUrl%253D%252Fix%26scope%3Dopenid%2520profile%2520api%2520ix%2520offline_access%2520vault%2520rebalancer%26nonce%3DiuZ0Js9UVf%252BPMrk%252BJYBNTNQba5FCR%252BWrUhvVXA2hdFE%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.36.128.199 , United States, ASN13938 (SSNC-AS - SS&C Technologies, Inc., US),
Reverse DNS
Software
/
Resource Hash
305fdd8ab222d1123866f401b7e8786d674f72ec8d40197069369683b6019655
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bdreporting.com api.mixpanel.com mixpanel.com cdn.mxpnl.com maxcdn.bootstrapcdn.com data: blob:;object-src 'self' *.bdreporting.com blob:;style-src 'self' https://cloud.typography.com https://preview.bdreporting.com https://bd3.bdreporting.com maxcdn.bootstrapcdn.com 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com https://mixpanel.com;frame-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com *.schwabinstitutional.com;img-src 'self' data: blob: https://www.google.com cdn.mxpnl.com *.rackcdn.com;frame-ancestors 'self' https://*.lightning.force.com https://*.salesforce.com https://*.emoneyadvisor.com https://*.emaplan.com https://*.inautix.com https://*.netx360demo.com https://*.netx360.com https://*.netxprodemo.com https://*.netxpro.com https://*.force.com https://*.financialharvest.com https://*.crm.dynamics.com https://*.crm3.dynamics.com;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBlackDiamond_Web%26redirect_uri%3Dhttps%253A%252F%252Fbd3.bdreporting.com%252Fauth%252Fcode%253FUrl%253D%252Fix%26scope%3Dopenid%2520profile%2520api%2520ix%2520offline_access%2520vault%2520rebalancer%26nonce%3DiuZ0Js9UVf%252BPMrk%252BJYBNTNQba5FCR%252BWrUhvVXA2hdFE%253D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 06:49:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary
Accept-Encoding
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 11 Dec 2019 00:06:44 GMT
ETag
"1d5afb6df25a06d"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
text/css
Cache-Control
private,max-age=3600
Content-Security-Policy
default-src 'self' *.bdreporting.com api.mixpanel.com mixpanel.com cdn.mxpnl.com maxcdn.bootstrapcdn.com data: blob:;object-src 'self' *.bdreporting.com blob:;style-src 'self' https://cloud.typography.com https://preview.bdreporting.com https://bd3.bdreporting.com maxcdn.bootstrapcdn.com 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com https://mixpanel.com;frame-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com *.schwabinstitutional.com;img-src 'self' data: blob: https://www.google.com cdn.mxpnl.com *.rackcdn.com;frame-ancestors 'self' https://*.lightning.force.com https://*.salesforce.com https://*.emoneyadvisor.com https://*.emaplan.com https://*.inautix.com https://*.netx360demo.com https://*.netx360.com https://*.netxprodemo.com https://*.netxpro.com https://*.force.com https://*.financialharvest.com https://*.crm.dynamics.com https://*.crm3.dynamics.com;
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, noarchive
vendor.module.js
login.bdreporting.com/vendor/ 		577 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.bdreporting.com/vendor/vendor.module.js?v=8JIUcHlDEce5xtVwnuHPDdeVs5yc9xucvgLEbAmGPhE
Requested by
Host: login.bdreporting.com
URL: https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBlackDiamond_Web%26redirect_uri%3Dhttps%253A%252F%252Fbd3.bdreporting.com%252Fauth%252Fcode%253FUrl%253D%252Fix%26scope%3Dopenid%2520profile%2520api%2520ix%2520offline_access%2520vault%2520rebalancer%26nonce%3DiuZ0Js9UVf%252BPMrk%252BJYBNTNQba5FCR%252BWrUhvVXA2hdFE%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.36.128.199 , United States, ASN13938 (SSNC-AS - SS&C Technologies, Inc., US),
Reverse DNS
Software
/
Resource Hash
f0921470794311c7b9c6d5709ee1cf0dd795b39c9cf71b9cbe02c46c09863e11
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bdreporting.com api.mixpanel.com mixpanel.com cdn.mxpnl.com maxcdn.bootstrapcdn.com data: blob:;object-src 'self' *.bdreporting.com blob:;style-src 'self' https://cloud.typography.com https://preview.bdreporting.com https://bd3.bdreporting.com maxcdn.bootstrapcdn.com 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com https://mixpanel.com;frame-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com *.schwabinstitutional.com;img-src 'self' data: blob: https://www.google.com cdn.mxpnl.com *.rackcdn.com;frame-ancestors 'self' https://*.lightning.force.com https://*.salesforce.com https://*.emoneyadvisor.com https://*.emaplan.com https://*.inautix.com https://*.netx360demo.com https://*.netx360.com https://*.netxprodemo.com https://*.netxpro.com https://*.force.com https://*.financialharvest.com https://*.crm.dynamics.com https://*.crm3.dynamics.com;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBlackDiamond_Web%26redirect_uri%3Dhttps%253A%252F%252Fbd3.bdreporting.com%252Fauth%252Fcode%253FUrl%253D%252Fix%26scope%3Dopenid%2520profile%2520api%2520ix%2520offline_access%2520vault%2520rebalancer%26nonce%3DiuZ0Js9UVf%252BPMrk%252BJYBNTNQba5FCR%252BWrUhvVXA2hdFE%253D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 06:49:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary
Accept-Encoding
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 11 Dec 2019 00:09:34 GMT
ETag
"1d5afb74470b7d6"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
application/javascript
Cache-Control
private,max-age=3600
Content-Security-Policy
default-src 'self' *.bdreporting.com api.mixpanel.com mixpanel.com cdn.mxpnl.com maxcdn.bootstrapcdn.com data: blob:;object-src 'self' *.bdreporting.com blob:;style-src 'self' https://cloud.typography.com https://preview.bdreporting.com https://bd3.bdreporting.com maxcdn.bootstrapcdn.com 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com https://mixpanel.com;frame-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com *.schwabinstitutional.com;img-src 'self' data: blob: https://www.google.com cdn.mxpnl.com *.rackcdn.com;frame-ancestors 'self' https://*.lightning.force.com https://*.salesforce.com https://*.emoneyadvisor.com https://*.emaplan.com https://*.inautix.com https://*.netx360demo.com https://*.netx360.com https://*.netxprodemo.com https://*.netxpro.com https://*.force.com https://*.financialharvest.com https://*.crm.dynamics.com https://*.crm3.dynamics.com;
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, noarchive
sign-in.module.js
login.bdreporting.com/dist/ 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.bdreporting.com/dist/sign-in.module.js?v=3ZB4FSlbfKJM7h_TOHd1cgm8Ebtn4Q_z9DSyDz32nRg
Requested by
Host: login.bdreporting.com
URL: https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBlackDiamond_Web%26redirect_uri%3Dhttps%253A%252F%252Fbd3.bdreporting.com%252Fauth%252Fcode%253FUrl%253D%252Fix%26scope%3Dopenid%2520profile%2520api%2520ix%2520offline_access%2520vault%2520rebalancer%26nonce%3DiuZ0Js9UVf%252BPMrk%252BJYBNTNQba5FCR%252BWrUhvVXA2hdFE%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.36.128.199 , United States, ASN13938 (SSNC-AS - SS&C Technologies, Inc., US),
Reverse DNS
Software
/
Resource Hash
dd907815295b7ca24cee1fd33877757209bc11bb67e10ff3f434b20f3df69d18
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bdreporting.com api.mixpanel.com mixpanel.com cdn.mxpnl.com maxcdn.bootstrapcdn.com data: blob:;object-src 'self' *.bdreporting.com blob:;style-src 'self' https://cloud.typography.com https://preview.bdreporting.com https://bd3.bdreporting.com maxcdn.bootstrapcdn.com 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com https://mixpanel.com;frame-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com *.schwabinstitutional.com;img-src 'self' data: blob: https://www.google.com cdn.mxpnl.com *.rackcdn.com;frame-ancestors 'self' https://*.lightning.force.com https://*.salesforce.com https://*.emoneyadvisor.com https://*.emaplan.com https://*.inautix.com https://*.netx360demo.com https://*.netx360.com https://*.netxprodemo.com https://*.netxpro.com https://*.force.com https://*.financialharvest.com https://*.crm.dynamics.com https://*.crm3.dynamics.com;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBlackDiamond_Web%26redirect_uri%3Dhttps%253A%252F%252Fbd3.bdreporting.com%252Fauth%252Fcode%253FUrl%253D%252Fix%26scope%3Dopenid%2520profile%2520api%2520ix%2520offline_access%2520vault%2520rebalancer%26nonce%3DiuZ0Js9UVf%252BPMrk%252BJYBNTNQba5FCR%252BWrUhvVXA2hdFE%253D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 06:49:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary
Accept-Encoding
X-XSS-Protection
1;mode=block
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 11 Dec 2019 00:10:28 GMT
ETag
"1d5afb764a8abca"
Strict-Transport-Security
max-age=16070400; includeSubDomains
Content-Type
application/javascript
Cache-Control
private,max-age=3600
Content-Security-Policy
default-src 'self' *.bdreporting.com api.mixpanel.com mixpanel.com cdn.mxpnl.com maxcdn.bootstrapcdn.com data: blob:;object-src 'self' *.bdreporting.com blob:;style-src 'self' https://cloud.typography.com https://preview.bdreporting.com https://bd3.bdreporting.com maxcdn.bootstrapcdn.com 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com https://mixpanel.com;frame-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com *.schwabinstitutional.com;img-src 'self' data: blob: https://www.google.com cdn.mxpnl.com *.rackcdn.com;frame-ancestors 'self' https://*.lightning.force.com https://*.salesforce.com https://*.emoneyadvisor.com https://*.emaplan.com https://*.inautix.com https://*.netx360demo.com https://*.netx360.com https://*.netxprodemo.com https://*.netxpro.com https://*.force.com https://*.financialharvest.com https://*.crm.dynamics.com https://*.crm3.dynamics.com;
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, noarchive
truncated
/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4103c88c679d71e7a02161abc18d0d1b90cce31740996f723fbdbf3e6b8e0cf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://login.bdreporting.com

Response headers

Content-Type
application/x-font-woff2
truncated
/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aeb0cfef3c940dd6fe1f307b1185c5ded2a9c1a313bb33d5b1bf50f64ff854b2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://login.bdreporting.com

Response headers

Content-Type
application/x-font-woff2
large
login.bdreporting.com/logo/Avalon/481/ 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.bdreporting.com/logo/Avalon/481/large
Requested by
Host: login.bdreporting.com
URL: https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBlackDiamond_Web%26redirect_uri%3Dhttps%253A%252F%252Fbd3.bdreporting.com%252Fauth%252Fcode%253FUrl%253D%252Fix%26scope%3Dopenid%2520profile%2520api%2520ix%2520offline_access%2520vault%2520rebalancer%26nonce%3DiuZ0Js9UVf%252BPMrk%252BJYBNTNQba5FCR%252BWrUhvVXA2hdFE%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.36.128.199 , United States, ASN13938 (SSNC-AS - SS&C Technologies, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bdreporting.com api.mixpanel.com mixpanel.com cdn.mxpnl.com maxcdn.bootstrapcdn.com data: blob:;object-src 'self' *.bdreporting.com blob:;style-src 'self' https://cloud.typography.com https://preview.bdreporting.com https://bd3.bdreporting.com maxcdn.bootstrapcdn.com 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com https://mixpanel.com;frame-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com *.schwabinstitutional.com;img-src 'self' data: blob: https://www.google.com cdn.mxpnl.com *.rackcdn.com;frame-ancestors 'self' https://*.lightning.force.com https://*.salesforce.com https://*.emoneyadvisor.com https://*.emaplan.com https://*.inautix.com https://*.netx360demo.com https://*.netx360.com https://*.netxprodemo.com https://*.netxpro.com https://*.force.com https://*.financialharvest.com https://*.crm.dynamics.com https://*.crm3.dynamics.com;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBlackDiamond_Web%26redirect_uri%3Dhttps%253A%252F%252Fbd3.bdreporting.com%252Fauth%252Fcode%253FUrl%253D%252Fix%26scope%3Dopenid%2520profile%2520api%2520ix%2520offline_access%2520vault%2520rebalancer%26nonce%3DiuZ0Js9UVf%252BPMrk%252BJYBNTNQba5FCR%252BWrUhvVXA2hdFE%253D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 06:49:36 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=16070400; includeSubDomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-XSS-Protection
1;mode=block
Cache-Control
no-cache,no-store
Content-Security-Policy
default-src 'self' *.bdreporting.com api.mixpanel.com mixpanel.com cdn.mxpnl.com maxcdn.bootstrapcdn.com data: blob:;object-src 'self' *.bdreporting.com blob:;style-src 'self' https://cloud.typography.com https://preview.bdreporting.com https://bd3.bdreporting.com maxcdn.bootstrapcdn.com 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com https://mixpanel.com;frame-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com *.schwabinstitutional.com;img-src 'self' data: blob: https://www.google.com cdn.mxpnl.com *.rackcdn.com;frame-ancestors 'self' https://*.lightning.force.com https://*.salesforce.com https://*.emoneyadvisor.com https://*.emaplan.com https://*.inautix.com https://*.netx360demo.com https://*.netx360.com https://*.netxprodemo.com https://*.netxpro.com https://*.force.com https://*.financialharvest.com https://*.crm.dynamics.com https://*.crm3.dynamics.com;
Connection
Keep-Alive
X-Robots-Tag
noindex, nofollow, noarchive
Vary
Accept-Encoding
Content-Length
20
X-Content-Type-Options
nosniff
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96858e1f24e7da112afdfe131d0464c31c17e4d23fb5e34abb7c7f17430bb19c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://login.bdreporting.com

Response headers

Content-Type
application/x-font-woff2
advent.png
login.bdreporting.com/content/images/logos/ 		7 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.bdreporting.com/content/images/logos/advent.png
Requested by
Host: login.bdreporting.com
URL: https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBlackDiamond_Web%26redirect_uri%3Dhttps%253A%252F%252Fbd3.bdreporting.com%252Fauth%252Fcode%253FUrl%253D%252Fix%26scope%3Dopenid%2520profile%2520api%2520ix%2520offline_access%2520vault%2520rebalancer%26nonce%3DiuZ0Js9UVf%252BPMrk%252BJYBNTNQba5FCR%252BWrUhvVXA2hdFE%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.36.128.199 , United States, ASN13938 (SSNC-AS - SS&C Technologies, Inc., US),
Reverse DNS
Software
/
Resource Hash
9d81ab5dd561e70ad3a2e3ca4c0ea81aec536bf0ece664e7d3168b6ea077f938
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.bdreporting.com api.mixpanel.com mixpanel.com cdn.mxpnl.com maxcdn.bootstrapcdn.com data: blob:;object-src 'self' *.bdreporting.com blob:;style-src 'self' https://cloud.typography.com https://preview.bdreporting.com https://bd3.bdreporting.com maxcdn.bootstrapcdn.com 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com https://mixpanel.com;frame-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com *.schwabinstitutional.com;img-src 'self' data: blob: https://www.google.com cdn.mxpnl.com *.rackcdn.com;frame-ancestors 'self' https://*.lightning.force.com https://*.salesforce.com https://*.emoneyadvisor.com https://*.emaplan.com https://*.inautix.com https://*.netx360demo.com https://*.netx360.com https://*.netxprodemo.com https://*.netxpro.com https://*.force.com https://*.financialharvest.com https://*.crm.dynamics.com https://*.crm3.dynamics.com;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Referer
https://login.bdreporting.com/Auth/SignIn?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3DBlackDiamond_Web%26redirect_uri%3Dhttps%253A%252F%252Fbd3.bdreporting.com%252Fauth%252Fcode%253FUrl%253D%252Fix%26scope%3Dopenid%2520profile%2520api%2520ix%2520offline_access%2520vault%2520rebalancer%26nonce%3DiuZ0Js9UVf%252BPMrk%252BJYBNTNQba5FCR%252BWrUhvVXA2hdFE%253D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 15 Dec 2019 06:49:37 GMT
Referrer-Policy
no-referrer-when-downgrade
Content-Type
image/png
Last-Modified
Wed, 11 Dec 2019 00:06:44 GMT
ETag
"1d5afb6df25d9e1"
Strict-Transport-Security
max-age=16070400; includeSubDomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private,max-age=3600
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' *.bdreporting.com api.mixpanel.com mixpanel.com cdn.mxpnl.com maxcdn.bootstrapcdn.com data: blob:;object-src 'self' *.bdreporting.com blob:;style-src 'self' https://cloud.typography.com https://preview.bdreporting.com https://bd3.bdreporting.com maxcdn.bootstrapcdn.com 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com https://mixpanel.com;frame-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com *.schwabinstitutional.com;img-src 'self' data: blob: https://www.google.com cdn.mxpnl.com *.rackcdn.com;frame-ancestors 'self' https://*.lightning.force.com https://*.salesforce.com https://*.emoneyadvisor.com https://*.emaplan.com https://*.inautix.com https://*.netx360demo.com https://*.netx360.com https://*.netxprodemo.com https://*.netxpro.com https://*.force.com https://*.financialharvest.com https://*.crm.dynamics.com https://*.crm3.dynamics.com;
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow, noarchive
Vary
Accept-Encoding
Content-Length
7137
X-XSS-Protection
1;mode=block

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| bd3 function| vendor_lib object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| debug

3 Cookies

Domain/Path Name / Value
login.bdreporting.com/ Name: .AspNetCore.Antiforgery.kZusIHPjkI8
Value: CfDJ8EW7rlKK5yZFuNG-7pgohDVAZ8gU2k_tkV_-YE6XCK5apzlrqz-ETH6rvAXChgg7sCAsoKZd8IHO1UJO16n0MQxZ61XAocZZ5fNK5xkuYzZF7GYJIfidgo_7yJcMKBKmqudno8LD-qQapsr8ilHiJSU
.bdreporting.com/ Name: TeamID
Value: 481
.bdreporting.com/ Name: FirmAcronym
Value: Avalon

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.bdreporting.com api.mixpanel.com mixpanel.com cdn.mxpnl.com maxcdn.bootstrapcdn.com data: blob:;object-src 'self' *.bdreporting.com blob:;style-src 'self' https://cloud.typography.com https://preview.bdreporting.com https://bd3.bdreporting.com maxcdn.bootstrapcdn.com 'unsafe-inline';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com https://mixpanel.com;frame-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com *.bdreporting.com https://www.gstatic.com *.schwabinstitutional.com;img-src 'self' data: blob: https://www.google.com cdn.mxpnl.com *.rackcdn.com;frame-ancestors 'self' https://*.lightning.force.com https://*.salesforce.com https://*.emoneyadvisor.com https://*.emaplan.com https://*.inautix.com https://*.netx360demo.com https://*.netx360.com https://*.netxprodemo.com https://*.netxpro.com https://*.force.com https://*.financialharvest.com https://*.crm.dynamics.com https://*.crm3.dynamics.com;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block