urlscan.io logo urlscan.io
SecurityTrails logo

bbclogin.id.tools.bbc.co.uk Open in urlscan Pro
13.225.78.119  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://staff.bbc.com/gateway/hr/
Effective URL: https://bbclogin.id.tools.bbc.co.uk/
Submission: On August 08 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 13.225.78.119, located in United States and belongs to AMAZON-02, US. The main domain is bbclogin.id.tools.bbc.co.uk.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on July 13th 2022. Valid for: a year.
This is the only time bbclogin.id.tools.bbc.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2600:9000:223... 16509 (AMAZON-02)
1 1 13.225.78.19 16509 (AMAZON-02)
7 13.225.78.119 16509 (AMAZON-02)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
11 4
Apex Domain
Subdomains		 Transfer
8 bbc.co.uk
gateway.id.tools.bbc.co.uk
bbclogin.id.tools.bbc.co.uk
973 KB
3 bbci.co.uk
gel.files.bbci.co.uk — Cisco Umbrella Rank: 56539
115 KB
2 bbc.com
staff.bbc.com
2 KB
11 3
Domain Requested by
7 bbclogin.id.tools.bbc.co.uk staff.bbc.com
bbclogin.id.tools.bbc.co.uk
3 gel.files.bbci.co.uk bbclogin.id.tools.bbc.co.uk
gel.files.bbci.co.uk
2 staff.bbc.com 1 redirects
1 gateway.id.tools.bbc.co.uk 1 redirects
11 4

This site contains links to these domains. Also see Links.

Domain
help.bbclogin.id.tools.bbc.co.uk
Subject Issuer Validity Valid
staff.bbc.com
GlobalSign RSA OV SSL CA 2018		 2022-02-21 -
2023-03-25		 a year crt.sh
bbclogin.id.tools.bbc.co.uk
GlobalSign RSA OV SSL CA 2018		 2022-07-13 -
2023-08-14		 a year crt.sh
www.bbc.co.uk
GlobalSign RSA OV SSL CA 2018		 2021-10-14 -
2022-11-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://bbclogin.id.tools.bbc.co.uk/
Frame ID: A971CB633A14CA2029DB722E5AD3AD19
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BBC Login - Log in

Page URL History Show full URLs

  1. https://staff.bbc.com/gateway/hr/ Page URL
  2. https://staff.bbc.com/api/bbc-login?redirectUrl=https%3A%2F%2Fstaff.bbc.com%2Fgateway%2Fhr%2F HTTP 302
    https://gateway.id.tools.bbc.co.uk/eiam/oauth2/authorize?response_type=code&scope=openid%20ad_profile%20email&a... HTTP 302
    https://bbclogin.id.tools.bbc.co.uk/ Page URL

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

1088 kB
Transfer

3064 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://staff.bbc.com/gateway/hr/ Page URL
  2. https://staff.bbc.com/api/bbc-login?redirectUrl=https%3A%2F%2Fstaff.bbc.com%2Fgateway%2Fhr%2F HTTP 302
    https://gateway.id.tools.bbc.co.uk/eiam/oauth2/authorize?response_type=code&scope=openid%20ad_profile%20email&acr_values=low-bhU2H6H0tTgRbZvJf1jS7wQ7RBbsCv4B&client_id=bhU2H6H0tTgRbZvJf1jS7wQ7RBbsCv4B&redirect_uri=https://staff.bbc.com/api/bbc-login-callback&state=e9iq4XqluiS26KIMvOkvAl_-~tH4wzSSdw14NfgW HTTP 302
    https://bbclogin.id.tools.bbc.co.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
staff.bbc.com/gateway/hr/ 		1 KB
934 B 		Document
General
Check archive.org
Download Go to
Full URL
https://staff.bbc.com/gateway/hr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6c00:16:bedb:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
staff.bbc.com /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
3466213
content-encoding
gzip
content-type
text/html
date
Wed, 29 Jun 2022 11:01:38 GMT
etag
W/"5227d8a7411849aaeb90e4a1d79d95b5"
last-modified
Thu, 25 Mar 2021 12:51:12 GMT
server
staff.bbc.com
vary
Accept-Encoding
via
1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-id
fF0bsfLPNT6FQNv0qEGut7Aju0r6s8r7upzl5UrtPMZ05TczXd13AQ==
x-amz-cf-pop
FRA56-P5
x-amz-version-id
TmXgiawTmEf7KdeXg6t3Qcvbud8ep3.7
x-cache
Error from cloudfront
Primary Request /
bbclogin.id.tools.bbc.co.uk/
Redirect Chain
  • https://staff.bbc.com/api/bbc-login?redirectUrl=https%3A%2F%2Fstaff.bbc.com%2Fgateway%2Fhr%2F
  • https://gateway.id.tools.bbc.co.uk/eiam/oauth2/authorize?response_type=code&scope=openid%20ad_profile%20email&acr_values=low-bhU2H6H0tTgRbZvJf1jS7wQ7RBbsCv4B&client_id=bhU2H6H0tTgRbZvJf1jS7wQ7RBbsC...
  • https://bbclogin.id.tools.bbc.co.uk/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bbclogin.id.tools.bbc.co.uk/
Requested by
Host: staff.bbc.com
URL: https://staff.bbc.com/gateway/hr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-119.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
bafafc16df78ea810cf715819c3725a2dd38fac6efbacd2bf47a3c0b9d5adaca
Security Headers
Name Value
Content-Security-Policy frame-src https://som-myit.onbmc.com https://*.bbc.co.uk https://portal.bbcstudios.cloud
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://som-myit.onbmc.com
X-Xss-Protection 1; mode=block

Request headers

Referer
https://staff.bbc.com/gateway/hr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=0
content-encoding
gzip
content-security-policy
frame-src https://som-myit.onbmc.com https://*.bbc.co.uk https://portal.bbcstudios.cloud
content-type
text/html; charset=UTF-8
date
Mon, 08 Aug 2022 13:51:51 GMT
etag
W/"882-181ba8131b0"
last-modified
Fri, 01 Jul 2022 16:03:58 GMT
server
Apache
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
x-amz-cf-id
zyyXGlA322i8SFxReBBDlNjmtv71e37BHpBhS2vWyy9y_erhIykn6A==
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
ALLOW-FROM https://som-myit.onbmc.com
x-xss-protection
1; mode=block

Redirect headers

content-length
0
date
Mon, 08 Aug 2022 13:51:50 GMT
location
https://bbclogin.id.tools.bbc.co.uk/
referer
https://staff.bbc.com/
server
Apache-Coyote/1.1
vary
Origin
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-id
UTCBWHA9Us_UzgnFc6xiLZCcf_n2faOZdTJJ5bgESd4FoCQtQZa6aA==
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
main-c4f99c9e41a9df8617cc.min.css
bbclogin.id.tools.bbc.co.uk/ 		323 KB
197 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bbclogin.id.tools.bbc.co.uk/main-c4f99c9e41a9df8617cc.min.css
Requested by
Host: bbclogin.id.tools.bbc.co.uk
URL: https://bbclogin.id.tools.bbc.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-119.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
5b89fe40d51bf71b04acc13354fa0de66b29f6b084d4cd9c2452d6f1f671baeb
Security Headers
Name Value
Content-Security-Policy frame-src https://som-myit.onbmc.com https://*.bbc.co.uk https://portal.bbcstudios.cloud
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://som-myit.onbmc.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bbclogin.id.tools.bbc.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
last-modified
Fri, 01 Jul 2022 16:03:58 GMT
server
Apache
x-frame-options
ALLOW-FROM https://som-myit.onbmc.com
etag
W/"50a38-181ba8131b0"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/css; charset=UTF-8
via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
content-security-policy
frame-src https://som-myit.onbmc.com https://*.bbc.co.uk https://portal.bbcstudios.cloud
accept-ranges
bytes
x-amz-cf-id
pBmW3yb5gWZeMCTxUKR1rBfQ-HazARn-9Nndm3gPuZxB0tqziEeQCg==
main-c4f99c9e41a9df8617cc.min.js
bbclogin.id.tools.bbc.co.uk/ 		2 MB
769 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bbclogin.id.tools.bbc.co.uk/main-c4f99c9e41a9df8617cc.min.js
Requested by
Host: bbclogin.id.tools.bbc.co.uk
URL: https://bbclogin.id.tools.bbc.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-119.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
28ffffc10003125938e82b97569e15935a0db07d52b69886b0357271037334f9
Security Headers
Name Value
Content-Security-Policy frame-src https://som-myit.onbmc.com https://*.bbc.co.uk https://portal.bbcstudios.cloud
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://som-myit.onbmc.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bbclogin.id.tools.bbc.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
last-modified
Fri, 01 Jul 2022 16:03:58 GMT
server
Apache
x-frame-options
ALLOW-FROM https://som-myit.onbmc.com
etag
W/"2616d0-181ba8131b0"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
content-security-policy
frame-src https://som-myit.onbmc.com https://*.bbc.co.uk https://portal.bbcstudios.cloud
accept-ranges
bytes
x-amz-cf-id
-8deb917KwSmKjZf1M5SmTAmypT8poSRu3-IDB0GvI77zwM5B7XbqA==
bbc-reith.css
gel.files.bbci.co.uk/r2.302/ 		4 KB
1005 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gel.files.bbci.co.uk/r2.302/bbc-reith.css
Requested by
Host: bbclogin.id.tools.bbc.co.uk
URL: https://bbclogin.id.tools.bbc.co.uk/main-c4f99c9e41a9df8617cc.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:59a::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5244df5a177a964df05b278759d7b5ada900030a035ae61c6e1381a962d02e43

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bbclogin.id.tools.bbc.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:51:51 GMT
content-encoding
gzip
vary
Accept-Encoding
nel
{"report_to":"default","max_age": 604800,"include_subdomains":true,"failure_fraction":0.01}
x-amz-request-id
E0516DEE507D3904
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://assets.bbc-reporting-api.app/report-endpoint","priority":1}],"include_subdomains":true}
content-length
345
x-amz-id-2
uL3TRwMZXYY7pzx7DsrKv8JBhcDBkxsmhTDyYMvFc29WpxdX6RHx2Wn5dElnPtB09rwJ3x4xBr0=
last-modified
Wed, 04 Jul 2018 15:23:51 GMT
server
AmazonS3
etag
"d8634a5bad04531b9152a17cf4dcdde7"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
BBCReithSans_W_Rg.woff2
gel.files.bbci.co.uk/r2.302/ 		59 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gel.files.bbci.co.uk/r2.302/BBCReithSans_W_Rg.woff2
Requested by
Host: gel.files.bbci.co.uk
URL: https://gel.files.bbci.co.uk/r2.302/bbc-reith.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:59a::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea6116a3e46ce88879463a1dbb795f28740b5b32412d7385630121c1179c6c63

Request headers

Referer
https://gel.files.bbci.co.uk/r2.302/bbc-reith.css
Origin
https://bbclogin.id.tools.bbc.co.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:51:51 GMT
nel
{"report_to":"default","max_age": 604800,"include_subdomains":true,"failure_fraction":0.01}
x-amz-request-id
72E1F304FEA37BAB
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://assets.bbc-reporting-api.app/report-endpoint","priority":1}],"include_subdomains":true}
content-length
60804
x-amz-id-2
xnzLY/JIYHOUK5yG8wLUldwN3GXuo5Tp/989ODBMWmufSZWt6bKdy+4/GfotQANijgcDr+JD778=
last-modified
Wed, 04 Jul 2018 15:23:48 GMT
server
AmazonS3
etag
"09d75ce97a7d038868a527f83cbe36a9"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
BBCReithSans_W_Bd.woff2
gel.files.bbci.co.uk/r2.302/ 		53 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gel.files.bbci.co.uk/r2.302/BBCReithSans_W_Bd.woff2
Requested by
Host: gel.files.bbci.co.uk
URL: https://gel.files.bbci.co.uk/r2.302/bbc-reith.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:59a::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
695a4fe9fbdda5612570c4f6ecc7815596b27e2751980b04f5839c29e940ee35

Request headers

Referer
https://gel.files.bbci.co.uk/r2.302/bbc-reith.css
Origin
https://bbclogin.id.tools.bbc.co.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:51:51 GMT
nel
{"report_to":"default","max_age": 604800,"include_subdomains":true,"failure_fraction":0.01}
x-amz-request-id
0C8AB3A549AE7A87
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://assets.bbc-reporting-api.app/report-endpoint","priority":1}],"include_subdomains":true}
content-length
54608
x-amz-id-2
HcWKRo39TrQ6Boq3CTu+dHSIIfBQm6iN1iiUWQM/r7uN6yPFZOr6vHF4+NMPCfC/gl2wTYWHqr0=
last-modified
Wed, 04 Jul 2018 15:23:47 GMT
server
AmazonS3
etag
"7755552f0612408fa1952362a4679d11"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000, no-transform
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
version
bbclogin.id.tools.bbc.co.uk/ 		97 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bbclogin.id.tools.bbc.co.uk/version
Requested by
Host: bbclogin.id.tools.bbc.co.uk
URL: https://bbclogin.id.tools.bbc.co.uk/main-c4f99c9e41a9df8617cc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-119.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
fe81b3b6383ef506948b2382ab81884067a12876b77f626f3ded8e184777efe5
Security Headers
Name Value
Content-Security-Policy frame-src https://som-myit.onbmc.com https://*.bbc.co.uk https://portal.bbcstudios.cloud
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://som-myit.onbmc.com
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://bbclogin.id.tools.bbc.co.uk/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:51:51 GMT
via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Accept-Encoding
content-length
97
x-xss-protection
1; mode=block
server
Apache
x-frame-options
ALLOW-FROM https://som-myit.onbmc.com
etag
W/"61-XWcfOO4QTusf4y3XQZWK3ysTkHA"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
content-security-policy
frame-src https://som-myit.onbmc.com https://*.bbc.co.uk https://portal.bbcstudios.cloud
x-amz-cf-id
rz7hSzrNOR9tvcY9IXbVRMEmOgkiV78UrknME_ZMfYjKgRbrNeiocw==
truncated
/ 		181 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d3e5eba8437bf1affa71fb20c304096ff8c02158a795ef9c35f320570b08705

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
BBC_Login.svg
bbclogin.id.tools.bbc.co.uk/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bbclogin.id.tools.bbc.co.uk/img/BBC_Login.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-119.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
c122cda18ca5cda7d50ff9d49fb43f6cea963a493796ee7bf9e017c9b1230124
Security Headers
Name Value
Content-Security-Policy frame-src https://som-myit.onbmc.com https://*.bbc.co.uk https://portal.bbcstudios.cloud
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://som-myit.onbmc.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bbclogin.id.tools.bbc.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:51:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
last-modified
Fri, 01 Jul 2022 16:03:58 GMT
server
Apache
x-frame-options
ALLOW-FROM https://som-myit.onbmc.com
etag
W/"85d-181ba8131b0"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/svg+xml
via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control
public, max-age=0
content-security-policy
frame-src https://som-myit.onbmc.com https://*.bbc.co.uk https://portal.bbcstudios.cloud
accept-ranges
bytes
x-amz-cf-id
tFL4mDN9IY9RfnMCjIv5Bu_MKHxBQf8juVrrHeOs3Jk6lCa2f1TNJQ==
tick_selected.svg
bbclogin.id.tools.bbc.co.uk/img/ 		770 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bbclogin.id.tools.bbc.co.uk/img/tick_selected.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-119.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
282aed5c5b34956872c2e0e332be82fa532525e31a58aef22ef815b69e991594
Security Headers
Name Value
Content-Security-Policy frame-src https://som-myit.onbmc.com https://*.bbc.co.uk https://portal.bbcstudios.cloud
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://som-myit.onbmc.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://bbclogin.id.tools.bbc.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 13:51:52 GMT
via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Accept-Encoding, Origin
content-length
770
x-xss-protection
1; mode=block
last-modified
Fri, 01 Jul 2022 16:03:58 GMT
server
Apache
x-frame-options
ALLOW-FROM https://som-myit.onbmc.com
etag
W/"302-181ba8131b0"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/svg+xml
cache-control
public, max-age=0
content-security-policy
frame-src https://som-myit.onbmc.com https://*.bbc.co.uk https://portal.bbcstudios.cloud
accept-ranges
bytes
x-amz-cf-id
lYd9c678SnEjxnPYO3Rhf8VkmXTMsfGNtik2yuB-SuyNpXPhv44y9Q==
checkSignedIn
bbclogin.id.tools.bbc.co.uk/ 		17 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bbclogin.id.tools.bbc.co.uk/checkSignedIn
Requested by
Host: bbclogin.id.tools.bbc.co.uk
URL: https://bbclogin.id.tools.bbc.co.uk/main-c4f99c9e41a9df8617cc.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-119.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
Security Headers
Name Value
Content-Security-Policy frame-src https://som-myit.onbmc.com https://*.bbc.co.uk https://portal.bbcstudios.cloud
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://som-myit.onbmc.com
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://bbclogin.id.tools.bbc.co.uk/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 08 Aug 2022 13:51:52 GMT
via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Accept-Encoding
content-length
17
x-xss-protection
1; mode=block
server
Apache
x-frame-options
ALLOW-FROM https://som-myit.onbmc.com
etag
W/"11-UIVUdQWNarX1D9mk06okyEMbpS8"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
content-security-policy
frame-src https://som-myit.onbmc.com https://*.bbc.co.uk https://portal.bbcstudios.cloud
x-amz-cf-id
95hjpEH1RvloIxDEVNMRVk63tkIQyYoTu2yp1pVnydh15VtsCrJbjw==

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| moment

2 Cookies

Domain/Path Name / Value
staff.bbc.com/ Name: csrf_token
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJFQ0RTQV9TSEFfNTEyIn0%3D.eyJjc3JmVG9rZW4iOiJlOWlxNFhxbHVpUzI2S0lNdk9rdkFsXy1%2BdEg0d3pTU2R3MTROZmdXIiwiaXNSaXNrTGV2ZWxIaWdoIjpmYWxzZSwicmVkaXJlY3RVcmwiOiJodHRwczovL3N0YWZmLmJiYy5jb20vZ2F0ZXdheS9oci8iLCJpcEFkZHJlc3MiOiIyMDAxOmFjODoyMTplOjo0IiwiZXhwaXJlc0F0IjoxNjU5OTY3NjEwMzgxfQ%3D%3D.MIGIAkIBEPFGXX1n%2Ff6MH15Aq5di31Jffn%2FDclZGEgY8FmY2WrdoupIkzxmjlMUZ9h2N8PshEVdAtWOUOGG%2FhTK4Zw7gSNwCQgCbqz%2BEduYPpO6Z%2BCBVy8uHe5NE02UVHZ0cWuKzifRj8BQ60Rvie1rlvmCW6ezGAWCbDFkPHzh2gWs59Gy05sGuVw%3D%3D
.id.tools.bbc.co.uk/ Name: ckns_redr
Value: aHR0cHM6Ly9nYXRld2F5LmlkLnRvb2xzLmJiYy5jby51ay9laWFtL29hdXRoMi9hdXRob3JpemU/cmVzcG9uc2VfdHlwZT1jb2RlJnNjb3BlPW9wZW5pZCUyMGFkX3Byb2ZpbGUlMjBlbWFpbCZhY3JfdmFsdWVzPWxvdy1iaFUySDZIMHRUZ1JiWnZKZjFqUzd3UTdSQmJzQ3Y0QiZjbGllbnRfaWQ9YmhVMkg2SDB0VGdSYlp2SmYxalM3d1E3UkJic0N2NEImcmVkaXJlY3RfdXJpPWh0dHBzOi8vc3RhZmYuYmJjLmNvbS9hcGkvYmJjLWxvZ2luLWNhbGxiYWNrJnN0YXRlPWU5aXE0WHFsdWlTMjZLSU12T2t2QWxfLX50SDR3elNTZHcxNE5mZ1c=

1 Console Messages

Source Level URL
Text
network error URL: https://staff.bbc.com/gateway/hr/
Message:
Failed to load resource: the server responded with a status of 403 ()