urlscan.io logo urlscan.io
SecurityTrails logo

www.blackrock.com Open in urlscan Pro
23.38.134.116  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.blackrock.com/gateway2/document-center?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Effective URL: https://www.blackrock.com/authplatform/user/signin
Submission: On June 25 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 1 domains to perform 36 HTTP transactions. The main IP is 23.38.134.116, located in Sydney, Australia and belongs to AKAMAI-AS, US. The main domain is www.blackrock.com. The Cisco Umbrella rank of the primary domain is 143511.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 16th 2023. Valid for: a year.
This is the only time www.blackrock.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 35 23.38.134.116 16625 (AKAMAI-AS)
3 15.197.151.86 16509 (AMAZON-02)
1 1 69.52.13.199 31747 (BLACKROCK...)
36 3
Apex Domain
Subdomains		 Transfer
39 blackrock.com
www.blackrock.com — Cisco Umbrella Rank: 143511
login.blackrock.com — Cisco Umbrella Rank: 461995
blackrock.com — Cisco Umbrella Rank: 56070
3 MB
36 1
Domain Requested by
35 www.blackrock.com 2 redirects www.blackrock.com
3 login.blackrock.com www.blackrock.com
1 blackrock.com 1 redirects
36 3

This site contains links to these domains. Also see Links.

Domain
login.blackrock.com
Subject Issuer Validity Valid
*.blackrock.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-16 -
2024-11-16		 a year crt.sh
login.blackrock.com
Entrust Certification Authority - L1K		 2023-07-18 -
2024-08-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.blackrock.com/authplatform/user/signin
Frame ID: 9587146AA495E1DC5D629B7628AF53EC
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://www.blackrock.com/gateway2/document-center?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1Mz... HTTP 301
    https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1M... Page URL
  2. https://blackrock.com/authplatform/user/signin/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1M... HTTP 301
    https://www.blackrock.com/authplatform/user/signin/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1M... HTTP 302
    https://www.blackrock.com/authplatform/user/signin Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

3
IPs

2
Countries

3023 kB
Transfer

9497 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.blackrock.com/gateway2/document-center?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ== HTTP 301
    https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ== Page URL
  2. https://blackrock.com/authplatform/user/signin/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ%3D%3D&issuer_uri=https%3A%2F%2Flogin.blackrock.com%2Foauth2%2Faus7uws47fcdUMInx357&client_id=0oa7v6ndtrYFPjnxy357&redirect_uri=https%3A%2F%2Fwww.blackrock.com%2Fgateway2%2Fdocument-center&code_challenge=tT43AwDxANV4eb6rDC_YiouQi6jBVnDSi0sEz_8XviQ&code_challenge_method=S256&nonce=88WXtBQruqc93YwBcjz454Z5lLppSKUf4nFBv1d5x2uGFdq0DLZlRV86biMbsxQI&scope=openid+profile+email+offline_access&state=eyJnd1ZlcnNpb24iOm51bGx9&disable_forgot_password=false&aladdin_auth=false&disable_registration=true&inv_type_hint=ind&site=gateway HTTP 301
    https://www.blackrock.com/authplatform/user/signin/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ%3D%3D&issuer_uri=https%3A%2F%2Flogin.blackrock.com%2Foauth2%2Faus7uws47fcdUMInx357&client_id=0oa7v6ndtrYFPjnxy357&redirect_uri=https%3A%2F%2Fwww.blackrock.com%2Fgateway2%2Fdocument-center&code_challenge=tT43AwDxANV4eb6rDC_YiouQi6jBVnDSi0sEz_8XviQ&code_challenge_method=S256&nonce=88WXtBQruqc93YwBcjz454Z5lLppSKUf4nFBv1d5x2uGFdq0DLZlRV86biMbsxQI&scope=openid+profile+email+offline_access&state=eyJnd1ZlcnNpb24iOm51bGx9&disable_forgot_password=false&aladdin_auth=false&disable_registration=true&inv_type_hint=ind&site=gateway HTTP 302
    https://www.blackrock.com/authplatform/user/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.blackrock.com/gateway2/document-center?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ== HTTP 301
  • https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.blackrock.com/gateway2/document-center/
Redirect Chain
  • https://www.blackrock.com/gateway2/document-center?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
  • https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
f90586922ea531bdeb9a6b3b8e9a45417d751b41147c590d367b1ec7dd694816
Security Headers
Name Value
Content-Security-Policy default-src https://www.blackrock.com/akam/13/ https://www.blackrock.com/KGV4/Juyl/aFqp/j2/hPfw/9rupGckX6t/RiQhYUIC/AU8-YjMO/AQAB https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache,public
content-encoding
gzip
content-length
2348
content-security-policy
default-src https://www.blackrock.com/akam/13/ https://www.blackrock.com/KGV4/Juyl/aFqp/j2/hPfw/9rupGckX6t/RiQhYUIC/AU8-YjMO/AQAB https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
content-type
text/html; charset=UTF-8
date
Tue, 25 Jun 2024 00:31:37 GMT
etag
W/"6661879a-1583"
expires
Tue, 25 Jun 2024 00:31:36 GMT
last-modified
Thu, 06 Jun 2024 09:55:38 GMT
server
istio-envoy
strict-transport-security
max-age=31536000;preload
vary
Accept-Encoding
x-akamai-transformed
9 2085 0 pmb=mTOE,3
x-content-type-options
nosniff
x-envoy-upstream-service-time
122
x-frame-options
SAMEORIGIN
x-host-ref
gateway-content-service-live-6b558c4bbc-m9rvt/gateway-content-service
x-region-ref
musw2
x-xss-protection
1; mode=block

Redirect headers

cache-control
public
content-length
162
content-security-policy
default-src https://www.blackrock.com/KGV4/Juyl/aFqp/j2/hPfw/9rupGckX6t/RiQhYUIC/AU8-YjMO/AQAB https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
content-type
text/html
date
Tue, 25 Jun 2024 00:31:37 GMT
location
https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
server
istio-envoy
strict-transport-security
max-age=31536000;preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
x-frame-options
SAMEORIGIN
x-host-ref
gateway-content-service-live-6b558c4bbc-m9rvt/gateway-content-service
x-region-ref
musw2
x-xss-protection
1; mode=block
blackrock_logo_72.png
www.blackrock.com/gateway2/document-center/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blackrock.com/gateway2/document-center/blackrock_logo_72.png
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
x-content-type-options
nosniff
date
Tue, 25 Jun 2024 00:31:38 GMT
content-encoding
br
x-host-ref
gateway-content-service-live-6b558c4bbc-m9rvt/gateway-content-service
x-envoy-upstream-service-time
1
x-region-ref
musw2
content-length
1928
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 06 Jun 2024 09:55:38 GMT
server
istio-envoy
etag
W/"6661879a-1583"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
expires
Tue, 25 Jun 2024 00:31:38 GMT
3fe91856
www.blackrock.com/akam/13/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/akam/13/3fe91856
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
036fb15ccc5b704d3ae81d69da598f26e849d38272ffd877c00b44ca78a76169

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 00:31:37 GMT
content-encoding
gzip
last-modified
Thu, 22 Feb 2024 19:36:51 GMT
etag
"dcb92ac2e45db4961b7d0e097bd03c761e70db5e77269f83161ff647468dd7d6"
stored-attribute-sha-checksum
036fb15ccc5b704d3ae81d69da598f26e849d38272ffd877c00b44ca78a76169
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600
content-length
8773
expires
Tue, 25 Jun 2024 00:31:37 GMT
runtime.43b1938e3e7bd57e.js
www.blackrock.com/gateway2/resources/9.4.0-rc.0/apps/document-center/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/gateway2/resources/9.4.0-rc.0/apps/document-center/runtime.43b1938e3e7bd57e.js
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
d56bb1cdcbd4f05247ef7157ba8b8b2ac846f3bc0d76b6ab57b0bad2b1db94f3
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Origin
https://www.blackrock.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
x-content-type-options
nosniff
date
Tue, 25 Jun 2024 00:31:37 GMT
content-encoding
br
x-host-ref
gateway-content-service-live-6b558c4bbc-g2mf6/gateway-content-service
x-envoy-upstream-service-time
12
x-region-ref
musw2
content-length
700
x-xss-protection
1; mode=block
last-modified
Thu, 06 Jun 2024 09:55:38 GMT
server
istio-envoy
etag
W/"6661879a-498"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1479
polyfills.428a41439ca16a88.js
www.blackrock.com/gateway2/resources/9.4.0-rc.0/apps/document-center/ 		98 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/gateway2/resources/9.4.0-rc.0/apps/document-center/polyfills.428a41439ca16a88.js
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
d370cc4abcac88c3007dc4be6a488b5d072cd0bc0451f5c33cf65a7e2fc47369
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Origin
https://www.blackrock.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
x-content-type-options
nosniff
date
Tue, 25 Jun 2024 00:31:37 GMT
content-encoding
gzip
x-host-ref
gateway-content-service-live-6b558c4bbc-g2mf6/gateway-content-service
x-envoy-upstream-service-time
12
x-region-ref
musw2
content-length
36500
x-xss-protection
1; mode=block
last-modified
Thu, 06 Jun 2024 09:55:38 GMT
server
istio-envoy
etag
W/"6661879a-1884f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1532
scripts.81a751b8783281a6.js
www.blackrock.com/gateway2/resources/9.4.0-rc.0/apps/document-center/ 		33 B
556 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/gateway2/resources/9.4.0-rc.0/apps/document-center/scripts.81a751b8783281a6.js
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
9a29b8681b97bd5ed22677d0ae804dedbf6a219d3550e653ef6ad50b7ad243e1
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
x-content-type-options
nosniff
date
Tue, 25 Jun 2024 00:31:37 GMT
content-encoding
br
x-host-ref
gateway-content-service-live-6b558c4bbc-g2mf6/gateway-content-service
x-envoy-upstream-service-time
15
x-region-ref
musw2
content-length
38
x-xss-protection
1; mode=block
last-modified
Thu, 06 Jun 2024 09:55:38 GMT
server
istio-envoy
etag
W/"6661879a-21"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1534
main.a681f9dec97db188.js
www.blackrock.com/gateway2/resources/9.4.0-rc.0/apps/document-center/ 		6 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/gateway2/resources/9.4.0-rc.0/apps/document-center/main.a681f9dec97db188.js
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
8762a1a4866d06004fdb35194de88e9ddcf2d3c6cb972ba5b39ed74f506d77f3
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Origin
https://www.blackrock.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
x-content-type-options
nosniff
date
Tue, 25 Jun 2024 00:31:37 GMT
content-encoding
gzip
x-host-ref
gateway-content-service-live-6b558c4bbc-g2mf6/gateway-content-service
x-envoy-upstream-service-time
12
x-region-ref
musw2
content-length
1947351
x-xss-protection
1; mode=block
last-modified
Thu, 06 Jun 2024 09:55:38 GMT
server
istio-envoy
etag
W/"6661879a-5ca925"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1588
AQAB
www.blackrock.com/KGV4/Juyl/aFqp/j2/hPfw/9rupGckX6t/RiQhYUIC/AU8-YjMO/ 		213 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/KGV4/Juyl/aFqp/j2/hPfw/9rupGckX6t/RiQhYUIC/AU8-YjMO/AQAB
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b2c7254c5fb1f335121f004205ee223a66092f488bd8ede1adc521756d8d901a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 00:31:37 GMT
content-encoding
br
last-modified
Mon, 29 Apr 2024 18:42:15 GMT
etag
"6cd2b6c8c0a97cd95ae3a6accc2aa2aa6b3867e073ef5c1b4027a38d2b94ff2e"
stored-attribute-sha-checksum
b2c7254c5fb1f335121f004205ee223a66092f488bd8ede1adc521756d8d901a
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600, max-age=21600
content-length
77713
styles.391eb8814397b9fb.css
www.blackrock.com/gateway2/resources/9.4.0-rc.0/apps/document-center/ 		394 KB
69 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/gateway2/resources/9.4.0-rc.0/apps/document-center/styles.391eb8814397b9fb.css
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
c0d853b1ae4804e7ac5fc136813d4c222e860c6165f50726f1be75a8f5456a5f
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
x-content-type-options
nosniff
date
Tue, 25 Jun 2024 00:31:37 GMT
content-encoding
gzip
x-host-ref
gateway-content-service-live-6b558c4bbc-g2mf6/gateway-content-service
x-envoy-upstream-service-time
11
x-region-ref
musw2
content-length
69979
x-xss-protection
1; mode=block
last-modified
Thu, 06 Jun 2024 09:55:38 GMT
server
istio-envoy
etag
W/"6661879a-62767"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=365
BLKFort-Book.7235e28bb88caa77.woff
www.blackrock.com/gateway2/document-center/ 		60 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/gateway2/document-center/BLKFort-Book.7235e28bb88caa77.woff
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
bb3ff2a94d23a0ddd5631632ac09b74c13f4dc28cca8e3fa43e1a15e2d7bd147
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Origin
https://www.blackrock.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
x-content-type-options
nosniff
date
Tue, 25 Jun 2024 00:31:38 GMT
x-host-ref
gateway-content-service-live-6b558c4bbc-m9rvt/gateway-content-service
x-envoy-upstream-service-time
12
x-region-ref
musw2
content-length
61896
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 06 Jun 2024 09:55:37 GMT
server
istio-envoy
etag
"66618799-f1c8"
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
https://www.blackrock.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
expires
Tue, 25 Jun 2024 00:31:38 GMT
AQAB
www.blackrock.com/KGV4/Juyl/aFqp/j2/hPfw/9rupGckX6t/RiQhYUIC/AU8-YjMO/ 		18 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/KGV4/Juyl/aFqp/j2/hPfw/9rupGckX6t/RiQhYUIC/AU8-YjMO/AQAB
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/KGV4/Juyl/aFqp/j2/hPfw/9rupGckX6t/RiQhYUIC/AU8-YjMO/AQAB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 25 Jun 2024 00:31:38 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.blackrock.com
access-control-allow-credentials
true
x_req_id
80063428-d73b-4240-9bef-7d192cafafc0
access-control-allow-headers
Content-Type
content-length
18
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
me
login.blackrock.com/api/v1/sessions/ 		163 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.blackrock.com/api/v1/sessions/me
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/gateway2/resources/9.4.0-rc.0/apps/document-center/polyfills.428a41439ca16a88.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.151.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9d4dea8e2661b2ed.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; connect-src 'self' blackrock.okta.com blackrock-admin.okta.com login.blackrock.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com blackrock.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; style-src 'unsafe-inline' 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; frame-src 'self' blackrock.okta.com blackrock-admin.okta.com login.blackrock.com login.okta.com *.vidyard.com api-d659d5d1.duosecurity.com; img-src 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' blackrock.okta.com login.blackrock.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://www.blackrock.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-okta-request-id
ZnoP6h0tuxi0NFqI2v3chAAABU4
Date
Tue, 25 Jun 2024 00:31:38 GMT
content-security-policy
default-src 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; connect-src 'self' blackrock.okta.com blackrock-admin.okta.com login.blackrock.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com blackrock.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; style-src 'unsafe-inline' 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; frame-src 'self' blackrock.okta.com blackrock-admin.okta.com login.blackrock.com login.okta.com *.vidyard.com api-d659d5d1.duosecurity.com; img-src 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' blackrock.okta.com login.blackrock.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit
3000
x-content-type-options
nosniff
Content-Encoding
gzip
x-rate-limit-remaining
2991
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
Server
nginx
accept-ch
Sec-CH-UA-Platform-Version
Vary
Accept-Encoding,Origin
Content-Type
application/json
access-control-allow-origin
https://www.blackrock.com
x-rate-limit-reset
1719275532
access-control-allow-credentials
true
cache-control
no-cache, no-store
Keep-Alive
timeout=5, max=100
expires
0
favicon.ico
www.blackrock.com/ 		894 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors 'self';
content-encoding
gzip
date
Tue, 25 Jun 2024 00:31:38 GMT
last-modified
Wed, 16 Mar 2011 19:43:24 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/x-icon
p3p
CP="CAO PSA OUR"
rmt
0
accept-ranges
bytes
content-length
469
x-xss-protection
1; mode=block
pixel_3fe91856
www.blackrock.com/akam/13/ 		0
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/akam/13/pixel_3fe91856
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/gateway2/resources/9.4.0-rc.0/apps/document-center/polyfills.428a41439ca16a88.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.blackrock.com/gateway2/document-center/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ==
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 25 Jun 2024 00:31:38 GMT
content-length
0
content-type
text/html
Primary Request signin
www.blackrock.com/authplatform/user/
Redirect Chain
  • https://blackrock.com/authplatform/user/signin/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ%3D%3D&issuer_uri=https%3A%2F%2Flogin.blackrock.com%2Foauth2%2Faus7uws47fcdUMInx357&client...
  • https://www.blackrock.com/authplatform/user/signin/?downloadKeys=eyJzb3VyY2UiOiJBRFIiLCJkb2NJZCI6MTY1MzgxNjk5fQ%3D%3D&issuer_uri=https%3A%2F%2Flogin.blackrock.com%2Foauth2%2Faus7uws47fcdUMInx357&cl...
  • https://www.blackrock.com/authplatform/user/signin
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/authplatform/user/signin
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/gateway2/resources/9.4.0-rc.0/apps/document-center/main.a681f9dec97db188.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
b33438044a4b6899acf7ec20aeac951f7543b867c5e91f559585bc6b50bde7d9
Security Headers
Name Value
Content-Security-Policy default-src https://www.blackrock.com/KGV4/Juyl/aFqp/j2/hPfw/9rupGckX6t/RiQhYUIC/AU8-YjMO/AQAB https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://www.blackrock.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-encoding
gzip
content-language
en-US
content-length
3990
content-security-policy
default-src https://www.blackrock.com/KGV4/Juyl/aFqp/j2/hPfw/9rupGckX6t/RiQhYUIC/AU8-YjMO/AQAB https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-3AEao6Vzh1aaeeZTMBfhoA=='
content-type
text/html;charset=UTF-8
date
Tue, 25 Jun 2024 00:31:40 GMT
server
istio-envoy
strict-transport-security
max-age=31536000;preload
vary
accept-encoding
x-akamai-transformed
9 4498 0 pmb=mTOE,1
x-content-type-options
nosniff
x-envoy-upstream-service-time
27
x-frame-options
SAMEORIGIN
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-region-ref
musw2
x-request-id
19010d279c6
x-xss-protection
1; mode=block

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
content-length
0
content-security-policy
default-src https://www.blackrock.com/KGV4/Juyl/aFqp/j2/hPfw/9rupGckX6t/RiQhYUIC/AU8-YjMO/AQAB https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-5gKeATUGlbh/+4N9Sh8uQA=='
date
Tue, 25 Jun 2024 00:31:40 GMT
location
https://www.blackrock.com/authplatform/user/signin
server
istio-envoy
strict-transport-security
max-age=31536000;preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
245
x-frame-options
SAMEORIGIN
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-region-ref
musw2
x-request-id
19010d279c5
x-xss-protection
1; mode=block
okta-sign-in.min-32082203138e95c3496af212b9076cd4.css
www.blackrock.com/authplatform/assets/third-party/okta-signin-widget-5.16.1/css/ 		229 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/authplatform/assets/third-party/okta-signin-widget-5.16.1/css/okta-sign-in.min-32082203138e95c3496af212b9076cd4.css
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/user/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
a932f3ea1af48ec1a56e13ae68234fb7c2deac867a72715df976262d9c8c64cb
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/user/signin
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
date
Tue, 25 Jun 2024 00:31:40 GMT
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-CAWqWA64SpGTDec+bcjnYg=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
37
x-region-ref
musw2
content-length
34169
x-xss-protection
1; mode=block
x-request-id
19010d279c8
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
up-blk-448a076406d7f4766405d46d1f81090a.css
www.blackrock.com/authplatform/assets/css/ 		310 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/authplatform/assets/css/up-blk-448a076406d7f4766405d46d1f81090a.css
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/user/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
ca94ae9b0c7ecb566734bdb133fd499b1d073ace970dd4326ea929e2085e1c16
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/user/signin
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
date
Tue, 25 Jun 2024 00:31:40 GMT
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-iD4ofCoMwlMamFOUBGaLow=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
36
x-region-ref
musw2
content-length
51217
x-xss-protection
1; mode=block
x-request-id
19010d279cb
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
blackrock-logo-nav-white-990c18f15fbb94ab8a519fc2ac37fe43.png
www.blackrock.com/authplatform/assets/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blackrock.com/authplatform/assets/images/blackrock-logo-nav-white-990c18f15fbb94ab8a519fc2ac37fe43.png
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/user/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
9d35e2e14df3cf8c5407b826f38a4a94d06c940081abc03cbebbe398007186af
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/user/signin
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
x-content-type-options
nosniff
date
Tue, 25 Jun 2024 00:31:40 GMT
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-aVSK10b6UjHwxB1QGqUJ0w=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
2
x-region-ref
musw2
content-length
4977
x-xss-protection
1; mode=block
x-request-id
19010d279c7
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
etag
W/"990c18f15fbb94ab8a519fc2ac37fe43"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=7154
accept-ranges
bytes
expires
Tue, 25 Jun 2024 02:30:54 GMT
jquery.min-b61aa6e2d68d21b3546b5b418bf0e9c3.js
www.blackrock.com/authplatform/assets/third-party/jquery-3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/authplatform/assets/third-party/jquery-3.5.1/jquery.min-b61aa6e2d68d21b3546b5b418bf0e9c3.js
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/user/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/user/signin
Origin
https://www.blackrock.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
date
Tue, 25 Jun 2024 00:31:41 GMT
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-9c3LMahCgy8Dzjl5p5E6Gw=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
6
x-region-ref
musw2
content-length
30964
x-xss-protection
1; mode=block
x-request-id
19010d279cf
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
etag
W/"b61aa6e2d68d21b3546b5b418bf0e9c3"
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
jquery.validate.min-5861a036c2de6c2df26749fe41d57605.js
www.blackrock.com/authplatform/assets/third-party/jquery-validate-1.19.5/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/authplatform/assets/third-party/jquery-validate-1.19.5/jquery.validate.min-5861a036c2de6c2df26749fe41d57605.js
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/user/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/user/signin
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
date
Tue, 25 Jun 2024 00:31:41 GMT
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-FX8DlZNKYEG/2bLwcY8r/w=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
3
x-region-ref
musw2
content-length
7924
x-xss-protection
1; mode=block
x-request-id
19010d279d3
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
etag
W/"5861a036c2de6c2df26749fe41d57605"
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
popper.min-b1dbc64f8b1dfe0c089dd55b09bbbc72.js
www.blackrock.com/authplatform/assets/third-party/popper-1.12.9/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/authplatform/assets/third-party/popper-1.12.9/popper.min-b1dbc64f8b1dfe0c089dd55b09bbbc72.js
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/user/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
193a81e8713370250a88db26a3b201df9f841cba4a212b567ff994693bc1bf22
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/user/signin
Origin
https://www.blackrock.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
date
Tue, 25 Jun 2024 00:31:40 GMT
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-MOkZbEJJgy6e3uZKyvnztA=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
2
x-region-ref
musw2
content-length
6924
x-xss-protection
1; mode=block
x-request-id
19010d279cc
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
etag
W/"b1dbc64f8b1dfe0c089dd55b09bbbc72"
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31535953
accept-ranges
bytes
okta-sign-in-no-jquery-572e337e904000b028ba5362b8a06905.js
www.blackrock.com/authplatform/assets/third-party/okta-signin-widget-5.16.1/js/ 		2 MB
391 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/authplatform/assets/third-party/okta-signin-widget-5.16.1/js/okta-sign-in-no-jquery-572e337e904000b028ba5362b8a06905.js
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/user/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
d6839ac85413499562ba792469a999bb988c174c2e86775f9e66a5b20243ddf8
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/user/signin
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
date
Tue, 25 Jun 2024 00:31:40 GMT
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-+9tbzkae9NNlLBieauCG9Q=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
16
x-region-ref
musw2
x-xss-protection
1; mode=block
x-request-id
19010d279ca
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
etag
W/"572e337e904000b028ba5362b8a06905"
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
url-polyfill-d75b8c028835f67a9c2be3ce10d9ab83.js
www.blackrock.com/authplatform/assets/third-party/url-polyfill-1.1.5/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/authplatform/assets/third-party/url-polyfill-1.1.5/url-polyfill-d75b8c028835f67a9c2be3ce10d9ab83.js
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/user/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
12f355afd37b8dbc4160dab556f81ce0e05c488be120c4b1e2bd4c47e69e3c20
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/user/signin
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
date
Tue, 25 Jun 2024 00:31:41 GMT
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-R7HZggqMMtgDoNNZBGPPZA=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
2
x-region-ref
musw2
content-length
3197
x-xss-protection
1; mode=block
x-request-id
19010d279d1
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
etag
W/"d75b8c028835f67a9c2be3ce10d9ab83"
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31535997
accept-ranges
bytes
RainUI-10bd4a4973984db669bf407ecca96480.js
www.blackrock.com/authplatform/assets/js/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/authplatform/assets/js/RainUI-10bd4a4973984db669bf407ecca96480.js
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/user/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
f4a43b911fe2219d44fb1e7000f3f2313aca9fb31bb71d1b673b852d75a77e06
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/user/signin
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
date
Tue, 25 Jun 2024 00:31:40 GMT
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-o774ec2U0qiFgyAb0ZRiWg=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
3
x-region-ref
musw2
content-length
6357
x-xss-protection
1; mode=block
x-request-id
19010d279d0
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
etag
W/"10bd4a4973984db669bf407ecca96480"
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31535974
accept-ranges
bytes
main-fd920a26d4468759af3bdc3ce1b9e2f6.js
www.blackrock.com/authplatform/assets/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/authplatform/assets/js/main-fd920a26d4468759af3bdc3ce1b9e2f6.js
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/user/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
2f22ff3d2f0027deb04388f0c22400b40ffc6501b6832f1f8ed1a056a7e7b8a3
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/user/signin
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
date
Tue, 25 Jun 2024 00:31:40 GMT
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-r7ejH7wc9G18JYXLIsvEtw=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
3
x-region-ref
musw2
content-length
3548
x-xss-protection
1; mode=block
x-request-id
19010d279ce
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
etag
W/"fd920a26d4468759af3bdc3ce1b9e2f6"
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31535968
accept-ranges
bytes
user-auth-814aea3e46dfc11ca7884da3d5e308c4.js
www.blackrock.com/authplatform/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/authplatform/assets/js/user-auth-814aea3e46dfc11ca7884da3d5e308c4.js
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/user/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
d6d8994beda4f40fade4f01854ba0315375c855d90c64dc168aff2670db21933
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/user/signin
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
date
Tue, 25 Jun 2024 00:31:41 GMT
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-2xnqmLqv/b77z7YpYbThTw=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
2
x-region-ref
musw2
content-length
2397
x-xss-protection
1; mode=block
x-request-id
19010d279d2
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
etag
W/"814aea3e46dfc11ca7884da3d5e308c4"
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cache-control
public, max-age=31535949
accept-ranges
bytes
AQAB
www.blackrock.com/KGV4/Juyl/aFqp/j2/hPfw/9rupGckX6t/RiQhYUIC/AU8-YjMO/ 		213 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/KGV4/Juyl/aFqp/j2/hPfw/9rupGckX6t/RiQhYUIC/AU8-YjMO/AQAB
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/user/signin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b2c7254c5fb1f335121f004205ee223a66092f488bd8ede1adc521756d8d901a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/user/signin
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 00:31:40 GMT
content-encoding
br
last-modified
Mon, 29 Apr 2024 18:42:15 GMT
etag
"6cd2b6c8c0a97cd95ae3a6accc2aa2aa6b3867e073ef5c1b4027a38d2b94ff2e"
stored-attribute-sha-checksum
b2c7254c5fb1f335121f004205ee223a66092f488bd8ede1adc521756d8d901a
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600, max-age=21600
content-length
77713
me
login.blackrock.com/api/v1/sessions/ 		163 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.blackrock.com/api/v1/sessions/me
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/assets/third-party/jquery-3.5.1/jquery.min-b61aa6e2d68d21b3546b5b418bf0e9c3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.151.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9d4dea8e2661b2ed.awsglobalaccelerator.com
Software
nginx /
Resource Hash
63fe7f9f1d8a165570d8ec2866ba647b8ecf986278b49d1b2b006f254d3b599e
Security Headers
Name Value
Content-Security-Policy default-src 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; connect-src 'self' blackrock.okta.com blackrock-admin.okta.com login.blackrock.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com blackrock.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; style-src 'unsafe-inline' 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; frame-src 'self' blackrock.okta.com blackrock-admin.okta.com login.blackrock.com login.okta.com *.vidyard.com api-d659d5d1.duosecurity.com; img-src 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' blackrock.okta.com login.blackrock.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-Okta-XsrfToken
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.blackrock.com/
sec-ch-ua-platform
"Win32"

Response headers

x-okta-request-id
ZnoP7R0tuxi0NFqI2v3cnwAABU4
Date
Tue, 25 Jun 2024 00:31:41 GMT
content-security-policy
default-src 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; connect-src 'self' blackrock.okta.com blackrock-admin.okta.com login.blackrock.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com blackrock.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; style-src 'unsafe-inline' 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; frame-src 'self' blackrock.okta.com blackrock-admin.okta.com login.blackrock.com login.okta.com *.vidyard.com api-d659d5d1.duosecurity.com; img-src 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' blackrock.okta.com login.blackrock.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
x-rate-limit-limit
3000
x-content-type-options
nosniff
Content-Encoding
gzip
x-rate-limit-remaining
2990
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
x-xss-protection
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
Server
nginx
accept-ch
Sec-CH-UA-Platform-Version
Vary
Accept-Encoding,Origin
Content-Type
application/json
access-control-allow-origin
https://www.blackrock.com
x-rate-limit-reset
1719275532
access-control-allow-credentials
true
cache-control
no-cache, no-store
Keep-Alive
timeout=5, max=99
expires
0
favicon.ico
www.blackrock.com/authplatform/ 		894 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/authplatform/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
b3bc6c6810d7ddf58a413a1323523dd1b405cfdfa4a1d89eea7d9dc184e33541
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/user/signin
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
x-content-type-options
nosniff
date
Tue, 25 Jun 2024 00:31:41 GMT
content-encoding
br
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-cBuEFZVb7QZ49alglf44pw=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
1
x-region-ref
musw2
content-length
490
x-xss-protection
1; mode=block
x-request-id
19010d279d6
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
image/x-icon
cache-control
max-age=31535955
expires
Wed, 25 Jun 2025 00:30:56 GMT
me
login.blackrock.com/api/v1/sessions/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://login.blackrock.com/api/v1/sessions/me
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.151.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a9d4dea8e2661b2ed.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; connect-src 'self' blackrock.okta.com blackrock-admin.okta.com login.blackrock.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com blackrock.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; style-src 'unsafe-inline' 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; frame-src 'self' blackrock.okta.com blackrock-admin.okta.com login.blackrock.com login.okta.com *.vidyard.com api-d659d5d1.duosecurity.com; img-src 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' blackrock.okta.com login.blackrock.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-okta-xsrftoken
Access-Control-Request-Method
GET
Origin
https://www.blackrock.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Length
0
Date
Tue, 25 Jun 2024 00:31:41 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
accept-ch
Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
x-okta-xsrftoken,Content-Type
access-control-allow-methods
DELETE, GET, OPTIONS
access-control-allow-origin
https://www.blackrock.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control
no-cache, no-store
content-security-policy
default-src 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; connect-src 'self' blackrock.okta.com blackrock-admin.okta.com login.blackrock.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com blackrock.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; style-src 'unsafe-inline' 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com; frame-src 'self' blackrock.okta.com blackrock-admin.okta.com login.blackrock.com login.okta.com *.vidyard.com api-d659d5d1.duosecurity.com; img-src 'self' blackrock.okta.com login.blackrock.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' blackrock.okta.com login.blackrock.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expires
0
p3p
CP="HONK"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
vary
Origin
x-frame-options
SAMEORIGIN
x-okta-request-id
ZnoP7f3HmAguPaQUv3hrSwAADrw
x-rate-limit-limit
50000
x-rate-limit-remaining
49955
x-rate-limit-reset
1719275503
x-xss-protection
0
fontawesome-webfont-af7ae505a9eed503f8b8e6982036873e.woff2
www.blackrock.com/authplatform/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/authplatform/assets/fonts/fontawesome-webfont-af7ae505a9eed503f8b8e6982036873e.woff2?v=4.7.0
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/assets/css/up-blk-448a076406d7f4766405d46d1f81090a.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/assets/css/up-blk-448a076406d7f4766405d46d1f81090a.css
Origin
https://www.blackrock.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
x-content-type-options
nosniff
date
Tue, 25 Jun 2024 00:31:42 GMT
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-dPQ4Owhw0hLABZbfh1ty4Q=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
2
x-region-ref
musw2
content-length
77160
x-xss-protection
1; mode=block
x-request-id
19010d279e5
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
etag
W/"af7ae505a9eed503f8b8e6982036873e"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://www.blackrock.com
cache-control
public, max-age=31535981
accept-ranges
bytes
BLKFort-Extrabold-47933bc0888be0f9b22bbe5ed2880f98.woff2
www.blackrock.com/authplatform/assets/fonts/blk-fort/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/authplatform/assets/fonts/blk-fort/BLKFort-Extrabold-47933bc0888be0f9b22bbe5ed2880f98.woff2
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/assets/css/up-blk-448a076406d7f4766405d46d1f81090a.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
dc193d3eceb8576a310e88aaa25c4dde16a6a4b5a1809472755791d507d36e4c
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/assets/css/up-blk-448a076406d7f4766405d46d1f81090a.css
Origin
https://www.blackrock.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
x-content-type-options
nosniff
date
Tue, 25 Jun 2024 00:31:42 GMT
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-ekNJo/FmlEP5zsFyq4S+Hw=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
2
x-region-ref
musw2
content-length
48728
x-xss-protection
1; mode=block
x-request-id
19010d279e8
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
etag
W/"47933bc0888be0f9b22bbe5ed2880f98"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://www.blackrock.com
cache-control
public, max-age=31535949
accept-ranges
bytes
BLKFort-Book-97f67d9f1f0ad7529eada91caa738b5b.woff2
www.blackrock.com/authplatform/assets/fonts/blk-fort/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/authplatform/assets/fonts/blk-fort/BLKFort-Book-97f67d9f1f0ad7529eada91caa738b5b.woff2
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/assets/css/up-blk-448a076406d7f4766405d46d1f81090a.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
c635d642b30798b26ad9344bcd24ac25f49932f2b74e4e023d582fceb9b85498
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/assets/css/up-blk-448a076406d7f4766405d46d1f81090a.css
Origin
https://www.blackrock.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
x-content-type-options
nosniff
date
Tue, 25 Jun 2024 00:31:42 GMT
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-i0VqQXh/lDp2ytWOGrDOyA=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
2
x-region-ref
musw2
content-length
46140
x-xss-protection
1; mode=block
x-request-id
19010d279e6
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
etag
W/"97f67d9f1f0ad7529eada91caa738b5b"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://www.blackrock.com
cache-control
public, max-age=31536000
accept-ranges
bytes
checkbox-sign-in-widget-7846b2f8c6d0a7ca69fdd3d3c294e92d.png
www.blackrock.com/authplatform/assets/third-party/okta-signin-widget-5.16.1/img/ui/forms/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blackrock.com/authplatform/assets/third-party/okta-signin-widget-5.16.1/img/ui/forms/checkbox-sign-in-widget-7846b2f8c6d0a7ca69fdd3d3c294e92d.png
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/assets/third-party/okta-signin-widget-5.16.1/css/okta-sign-in.min-32082203138e95c3496af212b9076cd4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/assets/third-party/okta-signin-widget-5.16.1/css/okta-sign-in.min-32082203138e95c3496af212b9076cd4.css
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
x-content-type-options
nosniff
date
Tue, 25 Jun 2024 00:31:42 GMT
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-zP7P/7KghWV29s98aRZ8Vw=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
2
x-region-ref
musw2
content-length
3141
x-xss-protection
1; mode=block
x-request-id
19010d279ea
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
etag
W/"7846b2f8c6d0a7ca69fdd3d3c294e92d"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=7184
accept-ranges
bytes
expires
Tue, 25 Jun 2024 02:31:26 GMT
montserrat-light-webfont-6225f3ca44b83090833064727a09cc95.woff
www.blackrock.com/authplatform/assets/third-party/okta-signin-widget-5.16.1/font/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/authplatform/assets/third-party/okta-signin-widget-5.16.1/font/montserrat-light-webfont-6225f3ca44b83090833064727a09cc95.woff
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/assets/third-party/okta-signin-widget-5.16.1/css/okta-sign-in.min-32082203138e95c3496af212b9076cd4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/assets/third-party/okta-signin-widget-5.16.1/css/okta-sign-in.min-32082203138e95c3496af212b9076cd4.css
Origin
https://www.blackrock.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
x-content-type-options
nosniff
date
Tue, 25 Jun 2024 00:31:42 GMT
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-tarAIzS7NXZy+xIERNq7/A=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
1
x-region-ref
musw2
content-length
22112
x-xss-protection
1; mode=block
x-request-id
19010d279e9
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
etag
W/"6225f3ca44b83090833064727a09cc95"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
https://www.blackrock.com
cache-control
public, max-age=31535903
accept-ranges
bytes
montserrat-regular-webfont-8f2822b73b5f9c106c6f2e0db820bcbb.woff
www.blackrock.com/authplatform/assets/third-party/okta-signin-widget-5.16.1/font/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.blackrock.com/authplatform/assets/third-party/okta-signin-widget-5.16.1/font/montserrat-regular-webfont-8f2822b73b5f9c106c6f2e0db820bcbb.woff
Requested by
Host: www.blackrock.com
URL: https://www.blackrock.com/authplatform/assets/third-party/okta-signin-widget-5.16.1/css/okta-sign-in.min-32082203138e95c3496af212b9076cd4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.38.134.116 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-38-134-116.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.blackrock.com/authplatform/assets/third-party/okta-signin-widget-5.16.1/css/okta-sign-in.min-32082203138e95c3496af212b9076cd4.css
Origin
https://www.blackrock.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000;preload
content-security-policy
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
x-content-type-options
nosniff
date
Tue, 25 Jun 2024 00:31:42 GMT
content-security-policy-report-only
default-src https:; font-src https: data:; img-src https: data:; base-uri 'self'; object-src 'self'; media-src https: 'self'; child-src https: 'self'; worker-src https: 'self'; frame-ancestors 'self'; style-src https: 'self' 'unsafe-inline'; script-src https: 'nonce-culzxks327bGZD/k7hGFAQ=='
x-host-ref
cwp-atmos-live-7d8c587b7b-rs4wf/microservice
x-envoy-upstream-service-time
2
x-region-ref
musw2
content-length
21980
x-xss-protection
1; mode=block
x-request-id
19010d279e7
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
server
istio-envoy
etag
W/"8f2822b73b5f9c106c6f2e0db820bcbb"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
https://www.blackrock.com
cache-control
public, max-age=31536000
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery function| Popper object| regeneratorRuntime function| setImmediate function| clearImmediate object| Backbone function| jQueryCourage object| u2f function| OktaSignIn function| RainDrop function| RainInput function| hasParent function| extend function| isEmail function| isAlphabet object| classie function| RainUI object| $Iframe boolean| mousedown object| $modalRef object| bodyElm string| listOfBeans object| emails function| toggleInfoBox function| addValidation function| openModal function| trapModalFocus function| closeModal function| submitForm function| showCanadaCASDialog function| processInvestorTypes function| iFrameReady string| clientId string| redirectUri string| issuer object| responseMode object| responseTypes object| scopes string| state string| nonce string| code_challenge function| checkSession function| idpRedirect function| renderOktaWidget function| getIdpDiscoveryUrlString function| ajax function| emptyAjaxCallback function| clearUserSessionParams function| setAuthFailedUsername function| setExpiredUsername function| setUsername function| preAuthAjaxCallback function| getAuthorizeUrlString function| initializeOktaWidget function| redirectUnauthorized function| showTermsAndConditions object| _cf object| bmak string| _sdTrace

11 Cookies

Domain/Path Name / Value
www.blackrock.com/authplatform Name: JSESSIONID
Value: 5CFDBEB03231C85098CBDB43B2B34215
www.blackrock.com/authplatform Name: STICKY_SESSION_COOKIE_ATMOS_LIVE
Value: "d087ade0a3ea5d38"
www.blackrock.com/gateway2 Name: STICKY_SESSION_COOKIE_GATEWAY_CONTENT_SERVICE_LIVE
Value: "d5a58b9d200381ac"
.blackrock.com/ Name: bm_mi
Value: 6052ACAF20862CBB57790C003F32F1B5~YAAQjvI3F7EyCEOQAQAAYCnOTBhIiNwRmdjFRW+QfyGjBHVvwnEeh4aqhXrSHhBY4082IhdIRSnKSl/HQ+QWNeSVYngkR10Z8Yg2a6u34fr57j6254lmbkabXAb64CRN51Q7id0R8JFEOQ0ZpYtpI1kEQUxe4cgS/MnStVeLvgcy9Bno4FBQwWwQ3rdSlmPUE8BG+yE6SO4o5/5U4J3ucKaE6xped4h5NvUVeRHe/2z+ybM73jBE5Y5AwTyBKz2sA+Wm+1x30eQGF1gdjaXS3u4q0veXCmN4V9B5T7B6VCp4OyFsaLptxvJ2vcO32jManeT56996YLwGSZ0AT002zTvwFaHpmnBZxKY=~1
.blackrock.com/ Name: _abck
Value: D26F57AF6E0B8E71D7C6CA2EF6E72295~0~YAAQjvI3F9oyCEOQAQAAGivOTAzBc6okaFurHFFoDmtUdni87CEdP3gX+PIA3ubWRqXXiSW1bj+nGIoj1Q1beHmGDXGQ0xVkMjm+aRzXoqYdeu/Z/RLnSwRx34nJgRkOqvCmMRDrnpHYGR1fNcDg6uQ9Q9m9dRdG2Y1xm81Pn+J/NXiHh93gHqTmInwRR8A9fnw7Z+frok6FnwjYfdgUxyVoaxc4He8y2VDIxXY9vlem1S9CO7hZzukkGB6JHWkPKHQD2FlykdPUDOU1f2c+BSLvDGLI3yVO97Dp8+F40fCs+ZSzmmjWxaVSljczjui+GnX1egabEYs1KJpwM5maCTH8Y8I7kljJEXeyEDsKQq+XX5/8BIO3LVeZVTb4WRKkT/wsR0n1+2a4gb/hwXm//0pCR4HvAROUCAKv~-1~||0||~-1
.blackrock.com/ Name: ak_bmsc
Value: 93F7C737F7556254564A797EFB7CC040~000000000000000000000000000000~YAAQjvI3F/IyCEOQAQAAXCzOTBhDfF6XP+vZBwAYKIT0A44lPKyz4kPAVC5Yipf4axnhQbKSeyWoaZ5S2SbaItbAyVrVPLu4dFhUPbApNLDfzmGn+rS5Kq9s19AEECCjIie0VYP1kvh21lTIFiOCgYVdOqPoJY24gXx40wyd8frILLG84NWKR+FmbTq/HCrxKp5+YN5p+MxcNvuOJukf0RI5eNR/2XkE5TikH3IyhRRSe7FMahKotKgs09EHodVBfxII3G6FtykZxKqEwakJW5E9Ota4RdTdOmg7qMFPotHZdDNUmlxp2NszOCaaw0EtJ+23WtqmYQUZj861RPUXGm7kHjI/tTfEC/4mBzWtT7765wwc7Y4vyBsVghfpyYNyLui/94BnTFAU4D8Bqj73dVk24xlWCADvULrHpEu9bnXcD6ORhgWsJR8cj3yWDfc+3zCwE9YfeoLjboimcw6We3af84yo+au4LwaCJqmLfUGvra0Ycyr9OMRC4sveVwxkOwpsS5s0f+nJzR8i
www.blackrock.com/ Name: okta-oauth-nonce
Value: 88WXtBQruqc93YwBcjz454Z5lLppSKUf4nFBv1d5x2uGFdq0DLZlRV86biMbsxQI
www.blackrock.com/ Name: okta-oauth-state
Value: eyJnd1ZlcnNpb24iOm51bGx9
.blackrock.com/ Name: bm_sv
Value: AA52DDBC64B91D49D47B1F38EE6CB4FD~YAAQjvI3F4AzCEOQAQAA0DPOTBi+hJ/OvoBHxk0At6NK7CDVd8b89RgjSXAwVbfdgN2sZNxEQgu6XnvjPoSW9VkuiclSsR8X6PTssytdp69TCgqNTAm7KPyo0tan3HcqyvxCWaqZsDhUaP5zCe7OiNa3yOyqGn0Su5glhPbCBijpdoxv7iVL6UiSVnbybTzjmbzgnJ/FPueZSqP5JXqFKbM/xTHsrxwNJgOgAe207glcDkrvbC7T7o+dZGyFf7WLMSQJ~1
.blackrock.com/ Name: bm_sz
Value: 098EED4E12C8A4D843AFC64953BB6368~YAAQjvI3F4EzCEOQAQAA0DPOTBhdPp8lbQua4cFwo+J1j7qYS76ZPE8J0PwazGu2B30k2sAxR23t9qlmypS26GyLXQk02njaOO6peqSRxYffH/R83J/Wi3u5E1ry6ESwexj6Ya1JR1A7XRV1cQL5iIeAAN9A8t5xrJiXs1q4uXjvoQg9d2BRqMXsaKyi/w/VYZF/P2AHkbITpnJK8ZW5G+leIY2f0VS0u7TPIhiCOWKrYYDMvLW/UeLRZJkxI5XILb2xgK18Ai36FsKTyZdCNUvPJT3wRROb/1Vsc040J7G39YiQbEC3BMgOTtTKkxhdjygyOagDDviIG9oEh0mBgJETrNjbl4f7/o20uysOrBnBoHlDWVaiMcbCrmiBDgZxO6J+tnzFCpN0Xux986v3QdGWo3oaAQ0Gv0g9q/RJhgDc~3556929~4534326
login.blackrock.com/ Name: JSESSIONID
Value: 88772011B2A654E952FB05810B1D16B0

2 Console Messages

Source Level URL
Text
network error URL: https://login.blackrock.com/api/v1/sessions/me
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://login.blackrock.com/api/v1/sessions/me
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https://www.blackrock.com/akam/13/ https://www.blackrock.com/KGV4/Juyl/aFqp/j2/hPfw/9rupGckX6t/RiQhYUIC/AU8-YjMO/AQAB https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; font-src 'self' *.walkme.com data:; frame-ancestors 'self' https://*.blackrock.com https://*.ishares.com;
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blackrock.com
login.blackrock.com
www.blackrock.com
15.197.151.86
23.38.134.116
69.52.13.199
036fb15ccc5b704d3ae81d69da598f26e849d38272ffd877c00b44ca78a76169
12f355afd37b8dbc4160dab556f81ce0e05c488be120c4b1e2bd4c47e69e3c20
193a81e8713370250a88db26a3b201df9f841cba4a212b567ff994693bc1bf22
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f22ff3d2f0027deb04388f0c22400b40ffc6501b6832f1f8ed1a056a7e7b8a3
40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665
63fe7f9f1d8a165570d8ec2866ba647b8ecf986278b49d1b2b006f254d3b599e
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8762a1a4866d06004fdb35194de88e9ddcf2d3c6cb972ba5b39ed74f506d77f3
9a29b8681b97bd5ed22677d0ae804dedbf6a219d3550e653ef6ad50b7ad243e1
9d35e2e14df3cf8c5407b826f38a4a94d06c940081abc03cbebbe398007186af
a932f3ea1af48ec1a56e13ae68234fb7c2deac867a72715df976262d9c8c64cb
b2c7254c5fb1f335121f004205ee223a66092f488bd8ede1adc521756d8d901a
b33438044a4b6899acf7ec20aeac951f7543b867c5e91f559585bc6b50bde7d9
b3bc6c6810d7ddf58a413a1323523dd1b405cfdfa4a1d89eea7d9dc184e33541
bb3ff2a94d23a0ddd5631632ac09b74c13f4dc28cca8e3fa43e1a15e2d7bd147
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c0d853b1ae4804e7ac5fc136813d4c222e860c6165f50726f1be75a8f5456a5f
c635d642b30798b26ad9344bcd24ac25f49932f2b74e4e023d582fceb9b85498
ca94ae9b0c7ecb566734bdb133fd499b1d073ace970dd4326ea929e2085e1c16
d370cc4abcac88c3007dc4be6a488b5d072cd0bc0451f5c33cf65a7e2fc47369
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d56bb1cdcbd4f05247ef7157ba8b8b2ac846f3bc0d76b6ab57b0bad2b1db94f3
d6839ac85413499562ba792469a999bb988c174c2e86775f9e66a5b20243ddf8
d6d8994beda4f40fade4f01854ba0315375c855d90c64dc168aff2670db21933
dc193d3eceb8576a310e88aaa25c4dde16a6a4b5a1809472755791d507d36e4c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f4a43b911fe2219d44fb1e7000f3f2313aca9fb31bb71d1b673b852d75a77e06
f90586922ea531bdeb9a6b3b8e9a45417d751b41147c590d367b1ec7dd694816
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace