urlscan.io logo urlscan.io
SecurityTrails logo

stg2.bxbdigital.com Open in urlscan Pro
45.60.14.245  Public Scan

Go To Rescan Add Verdict Report
URL: https://stg2.bxbdigital.com/login/
Submission: On December 17 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 45.60.14.245, located in United States and belongs to INCAPSULA, US. The main domain is stg2.bxbdigital.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2020 on December 9th 2020. Valid for: 6 months.
This is the only time stg2.bxbdigital.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 45.60.14.245 19551 (INCAPSULA)
13 1
Apex Domain
Subdomains		 Transfer
14 bxbdigital.com
stg2.bxbdigital.com
1 MB
13 1
Domain Requested by
14 stg2.bxbdigital.com 1 redirects stg2.bxbdigital.com
13 1

This site contains links to these domains. Also see Links.

Domain
bxbd-stg-eu.okta.com
brambles.com
bxbdigital.com
Subject Issuer Validity Valid
imperva.com
GlobalSign Atlas R3 DV TLS CA 2020		 2020-12-09 -
2021-06-10		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://stg2.bxbdigital.com/login/
Frame ID: FBD390BB56502CC3A592E30C295AAF28
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://stg2.bxbdigital.com/login HTTP 301
    https://stg2.bxbdigital.com/login/ Page URL

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1045 kB
Transfer

3288 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://stg2.bxbdigital.com/login HTTP 301
    https://stg2.bxbdigital.com/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
stg2.bxbdigital.com/login/
Redirect Chain
  • https://stg2.bxbdigital.com/login
  • https://stg2.bxbdigital.com/login/
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stg2.bxbdigital.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.245 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f065f72238c90ac29ceaf44a9d9dc2997f790faf74f45f0d26691b3d29e1d725
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
stg2.bxbdigital.com
:scheme
https
:path
/login/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
visid_incap_1809825=RpG32cQVQ+mkg8ka1OLi33bw2l8AAAAAQUIPAAAAAAC1odoBTnjCKEbIe9OdFA8q; nlbi_1809825=tRi8DJKI0jRBtp4TtqGkywAAAADmpvQ9g/Z0YIXm54qU51K1; incap_ses_689_1809825=dIbMKwqD9CnInMWvE9KPCXbw2l8AAAAA5c9+5nNfYcY3JfW1lpBlsQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 05:45:26 GMT
content-type
text/html
last-modified
Wed, 17 Jun 2020 11:16:16 GMT
etag
W/"5ee9fb80-bef"
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
content-encoding
gzip
x-iinfo
12-2402572-2402571 PNNN RT(1608183926507 0) q(0 0 0 -1) r(0 0) U5

Redirect headers

date
Thu, 17 Dec 2020 05:45:26 GMT
content-type
text/html
content-length
178
location
/login/
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
set-cookie
visid_incap_1809825=RpG32cQVQ+mkg8ka1OLi33bw2l8AAAAAQUIPAAAAAAC1odoBTnjCKEbIe9OdFA8q; expires=Thu, 16 Dec 2021 16:07:10 GMT; HttpOnly; path=/; Domain=.bxbdigital.com; Secure; SameSite=None nlbi_1809825=tRi8DJKI0jRBtp4TtqGkywAAAADmpvQ9g/Z0YIXm54qU51K1; path=/; Domain=.bxbdigital.com; Secure; SameSite=None incap_ses_689_1809825=dIbMKwqD9CnInMWvE9KPCXbw2l8AAAAA5c9+5nNfYcY3JfW1lpBlsQ==; path=/; Domain=.bxbdigital.com; Secure; SameSite=None
x-iinfo
12-2402570-2402571 NNNN CT(32 66 0) RT(1608183926340 0) q(0 0 1 1) r(1 1) U5
vendor.273f65936d586012c0a4.css
stg2.bxbdigital.com/login/css/ 		345 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stg2.bxbdigital.com/login/css/vendor.273f65936d586012c0a4.css
Requested by
Host: stg2.bxbdigital.com
URL: https://stg2.bxbdigital.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.245 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
3969dc9c8e71c040d8b7fc68134d2a1447af2fabfa9968ac5b0deeaeb45552c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stg2.bxbdigital.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Jun 2020 11:16:16 GMT
etag
W/"5ee9fb80-565cc"
x-frame-options
SAMEORIGIN
content-type
text/css
x-iinfo
12-2402573-2402571 PNNN RT(1608183926581 0) q(0 0 0 -1) r(1 1) U5
content-security-policy
default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-xss-protection
1; mode=block
polyfills.273f65936d586012c0a4.js
stg2.bxbdigital.com/login/js/ 		144 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stg2.bxbdigital.com/login/js/polyfills.273f65936d586012c0a4.js
Requested by
Host: stg2.bxbdigital.com
URL: https://stg2.bxbdigital.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.245 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d95ce30f34a160851975cc28d8cd5819efc02b299901b48fbe5309fbe07d8859
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stg2.bxbdigital.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Jun 2020 11:16:16 GMT
etag
W/"5ee9fb80-24166"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-iinfo
12-2402574-2402575 NNNN CT(33 35 0) RT(1608183926582 0) q(0 0 1 -1) r(1 2) U5
content-security-policy
default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-xss-protection
1; mode=block
vendor.273f65936d586012c0a4.js
stg2.bxbdigital.com/login/js/ 		1 MB
332 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stg2.bxbdigital.com/login/js/vendor.273f65936d586012c0a4.js
Requested by
Host: stg2.bxbdigital.com
URL: https://stg2.bxbdigital.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.245 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6426d9c4218434d4e74b2437d949b17f31f2b95e8fe50f960cb175152d930b04
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stg2.bxbdigital.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Jun 2020 11:16:16 GMT
etag
W/"5ee9fb80-11ce19"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-iinfo
12-2402576-2402577 NNNN CT(36 36 0) RT(1608183926584 0) q(0 0 1 -1) r(1 2) U5
content-security-policy
default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-xss-protection
1; mode=block
app.273f65936d586012c0a4.js
stg2.bxbdigital.com/login/js/ 		1 MB
446 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stg2.bxbdigital.com/login/js/app.273f65936d586012c0a4.js
Requested by
Host: stg2.bxbdigital.com
URL: https://stg2.bxbdigital.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.245 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2f43f5e057a6e2bf581301a1cb85452d7dcb248e9e45be4e2297a9daf10500e7
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stg2.bxbdigital.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Jun 2020 11:16:16 GMT
etag
W/"5ee9fb80-15cf84"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-iinfo
12-2402578-2402579 NNNN CT(35 36 0) RT(1608183926584 0) q(0 0 1 -1) r(1 2) U5
content-security-policy
default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-xss-protection
1; mode=block
_Incapsula_Resource
stg2.bxbdigital.com/ 		129 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stg2.bxbdigital.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1563869503
Requested by
Host: stg2.bxbdigital.com
URL: https://stg2.bxbdigital.com/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.245 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7d9ecfd1c6bf73b0183bb0c3f1882f0aef0d888105da5ff98b0558d82e4544e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://stg2.bxbdigital.com/login/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
18759
content-type
application/javascript
validate
stg2.bxbdigital.com/auth/ 		59 B
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg2.bxbdigital.com/auth/validate
Requested by
Host: stg2.bxbdigital.com
URL: https://stg2.bxbdigital.com/login/js/polyfills.273f65936d586012c0a4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.245 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
88867cdd089f5b49d6e463359d0bab439ff8c248a04fb63dae8e38a1c3357b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;

Request headers

Accept
application/json, text/plain, */*
Referer
https://stg2.bxbdigital.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-iinfo
12-2402585-2402579 PNYN RT(1608183927403 0) q(0 0 0 -1) r(0 0) U5
date
Thu, 17 Dec 2020 05:45:27 GMT
cache-control
No-Cache
access-control-allow-credentials
true
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-type
application/json
bxb_vertical_rgb_60px.svg
stg2.bxbdigital.com/login/img/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stg2.bxbdigital.com/login/img/bxb_vertical_rgb_60px.svg
Requested by
Host: stg2.bxbdigital.com
URL: https://stg2.bxbdigital.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.245 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ee5c399013556f8c9390d77432274cb38e074ad6695924a731b2b01472394033
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stg2.bxbdigital.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Jun 2020 11:16:16 GMT
etag
W/"5ee9fb80-23c0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-iinfo
12-2402586-2402577 PNNN RT(1608183927419 0) q(0 0 0 -1) r(0 0) U5
content-security-policy
default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-xss-protection
1; mode=block
CenturyGothic-Bold.woff2
stg2.bxbdigital.com/login/fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stg2.bxbdigital.com/login/fonts/CenturyGothic-Bold.woff2
Requested by
Host: stg2.bxbdigital.com
URL: https://stg2.bxbdigital.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.245 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fa3c0c2d02730c75c14a10da35594fe878fb65e8f878ef336f7d0a91d8d61cdf
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://stg2.bxbdigital.com
Referer
https://stg2.bxbdigital.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Jun 2020 11:16:16 GMT
etag
W/"5ee9fb80-c4d8"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
x-iinfo
12-2402587-2402575 PNNN RT(1608183927420 0) q(0 0 0 -1) r(0 0) U5
content-security-policy
default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-xss-protection
1; mode=block
bxb-horizontal-rgb.png
stg2.bxbdigital.com/login/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stg2.bxbdigital.com/login/img/bxb-horizontal-rgb.png
Requested by
Host: stg2.bxbdigital.com
URL: https://stg2.bxbdigital.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.245 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
534ef2499aed097b2e73e8b64756ef1ec2975052ee31d06a68662190fc6949a5
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stg2.bxbdigital.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Jun 2020 11:16:16 GMT
etag
W/"5ee9fb80-763"
x-frame-options
SAMEORIGIN
content-type
image/png
x-iinfo
12-2402588-2402579 PNNN RT(1608183927447 0) q(0 0 0 -1) r(0 0) U5
content-security-policy
default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-xss-protection
1; mode=block
brambles.png
stg2.bxbdigital.com/login/img/ 		49 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stg2.bxbdigital.com/login/img/brambles.png
Requested by
Host: stg2.bxbdigital.com
URL: https://stg2.bxbdigital.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.245 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2ae0783b7fde3143a9d9dee27f6a9be8089c3f5525f78d1ed264d1f0f81e267f
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://stg2.bxbdigital.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 05:45:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Jun 2020 11:16:16 GMT
etag
W/"5ee9fb80-c406"
x-frame-options
SAMEORIGIN
content-type
image/png
x-iinfo
12-2402589-2402571 PNNN RT(1608183927448 0) q(0 0 0 -1) r(0 0) U5
content-security-policy
default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-xss-protection
1; mode=block
_Incapsula_Resource
stg2.bxbdigital.com/ 		1 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stg2.bxbdigital.com/_Incapsula_Resource?SWKMTFSR=1&e=0.713375068002992
Requested by
Host: stg2.bxbdigital.com
URL: https://stg2.bxbdigital.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.245 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://stg2.bxbdigital.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
montserrat-light-webfont.6225f3ca44b83090833064727a09cc95.woff
stg2.bxbdigital.com/login/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stg2.bxbdigital.com/login/fonts/montserrat-light-webfont.6225f3ca44b83090833064727a09cc95.woff?
Requested by
Host: stg2.bxbdigital.com
URL: https://stg2.bxbdigital.com/login/css/vendor.273f65936d586012c0a4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.14.245 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://stg2.bxbdigital.com
Referer
https://stg2.bxbdigital.com/login/css/vendor.273f65936d586012c0a4.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 05:45:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Jun 2020 11:16:16 GMT
etag
W/"5ee9fb80-5660"
x-frame-options
SAMEORIGIN
content-type
application/font-woff
x-iinfo
12-2402596-2402575 PNNN RT(1608183927663 0) q(0 0 0 -1) r(1 1) U5
content-security-policy
default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__setImmediate function| __zone_symbol__clearImmediate function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader function| __assign function| __extends function| __decorate function| __metadata function| __param function| __awaiter object| ngDevMode function| _ object| __zone_symbol__loadfalse object| Backbone object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| jQueryCourage function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

3 Cookies

Domain/Path Name / Value
.bxbdigital.com/ Name: nlbi_1809825
Value: tRi8DJKI0jRBtp4TtqGkywAAAADmpvQ9g/Z0YIXm54qU51K1
.bxbdigital.com/ Name: incap_ses_689_1809825
Value: dIbMKwqD9CnInMWvE9KPCXbw2l8AAAAA5c9+5nNfYcY3JfW1lpBlsQ==
.bxbdigital.com/ Name: visid_incap_1809825
Value: RpG32cQVQ+mkg8ka1OLi33bw2l8AAAAAQUIPAAAAAAC1odoBTnjCKEbIe9OdFA8q

1 Console Messages

Source Level URL
Text
console-api log URL: https://stg2.bxbdigital.com/login/js/app.273f65936d586012c0a4.js(Line 123)
Message:
bxb footer

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' https://fonts.gstatic.com blob: data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; img-src 'self' data: blob: http://*.tile.osm.org https://us-stg-bxbdigital.matomo.cloud https://cdn.wijmo.com ; style-src https://fonts.gstatic.com https://fonts.googleapis.com 'self' 'unsafe-inline'; connect-src 'self' https://bxbd-stg-eu.okta.com https://stg2-iot.bxbdigital.com https://bxbd-euw1-stg-data-service.s3.eu-west-1.amazonaws.com https://bxbd-euw1-device-management.s3.eu-west-1.amazonaws.com https://bxbd-euw1-stg-reports-service.s3.eu-west-1.amazonaws.com wss://stg2.bxbdigital.com https://*.mapbox.com https://*.opendns.com blob:; object-src 'self'; worker-src 'self' blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block