macarte-bnpparibas.com Open in urlscan Pro
45.131.187.253  Malicious Activity! Public Scan

Submitted URL: http://macarte-bnpparibas.com/
Effective URL: https://macarte-bnpparibas.com/
Submission: On July 26 via manual from PL — Scanned from DE

Summary

This website contacted 5 IPs in 5 countries across 4 domains to perform 43 HTTP transactions. The main IP is 45.131.187.253, located in Zug, Switzerland and belongs to UP-NETWORK UP-NETWORK SWITZERLAND, FR. The main domain is macarte-bnpparibas.com.
TLS certificate: Issued by R3 on July 25th 2022. Valid for: 3 months.
This is the only time macarte-bnpparibas.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

IP Address AS Autonomous System
1 9 45.131.187.253 211851 (UP-NETWOR...)
28 92.123.13.94 16625 (AKAMAI-AS)
3 159.50.187.124 25215 (BNP-PARIB...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
3 91.235.132.68 30286 (THM)
43 5
Apex Domain
Subdomains
Transfer
28 mabanque.bnpparibas
mabanque.bnpparibas — Cisco Umbrella Rank: 242556
262 KB
9 macarte-bnpparibas.com
macarte-bnpparibas.com
581 KB
6 connexion-mabanque.bnpparibas
connexion-mabanque.bnpparibas — Cisco Umbrella Rank: 435694
content.connexion-mabanque.bnpparibas — Cisco Umbrella Rank: 985550
116 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 613
30 KB
43 4
Domain Requested by
28 mabanque.bnpparibas macarte-bnpparibas.com
mabanque.bnpparibas
9 macarte-bnpparibas.com 1 redirects macarte-bnpparibas.com
3 content.connexion-mabanque.bnpparibas macarte-bnpparibas.com
content.connexion-mabanque.bnpparibas
3 connexion-mabanque.bnpparibas macarte-bnpparibas.com
1 code.jquery.com macarte-bnpparibas.com
43 5
Subject Issuer Validity Valid
macarte-bnpparibas.com
R3
2022-07-25 -
2022-10-23
3 months crt.sh
mabanque.bnpparibas
DigiCert ECC Extended Validation Server CA
2020-06-11 -
2022-09-10
2 years crt.sh
connexion-mabanque.bnpparibas
Entrust Certification Authority - L1K
2022-07-12 -
2023-08-11
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
content.mabanque.bnpparibas
Entrust Certification Authority - L1K
2021-10-14 -
2022-11-13
a year crt.sh

This page contains 2 frames:

Primary Page: https://macarte-bnpparibas.com/
Frame ID: 5E64695E74B9398CD9B9645D78E7CB4D
Requests: 40 HTTP requests in this frame

Frame: https://content.connexion-mabanque.bnpparibas/4S27RDsJKFtlPCec?173764f58a756816=QnrhP0FpyEJBjESlESidjpGSkI1afgU_JFaM3hU11_tDQ2Bo-NyaylZzGWstcmRLC-Rkq_ZnejTblrdRlIaxLVM7KWyfTUpTJ5xVLySH08nUiDwiFaTlzXtXm0jdhJl2FLarwHUlT3sxlqK7QYb9PlyLax8&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: E7ECC2FF69FA3CC09DB91664690004C4
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Accéder à mes comptes en ligne | BNP ParibasAccéder à mes comptes en ligne | BNP Paribas

Page URL History Show full URLs

  1. http://macarte-bnpparibas.com/ HTTP 301
    https://macarte-bnpparibas.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

5
IPs

5
Countries

989 kB
Transfer

1786 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://macarte-bnpparibas.com/ HTTP 301
    https://macarte-bnpparibas.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
macarte-bnpparibas.com/
Redirect Chain
  • http://macarte-bnpparibas.com/
  • https://macarte-bnpparibas.com/
58 KB
12 KB
Document
General
Full URL
https://macarte-bnpparibas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR),
Reverse DNS
myrdp.gg
Software
nginx / PHP/8.0.21 PleskLin
Resource Hash
65903d0b75c632804b98b0440b09f6c15b7d7580acaf855923927c3190f69a62

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
12578
content-type
text/html; charset=UTF-8
date
Tue, 26 Jul 2022 09:38:23 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.0.21 PleskLin

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 26 Jul 2022 09:38:23 GMT
Location
https://macarte-bnpparibas.com/
Server
nginx
icofont.min.css
macarte-bnpparibas.com/assets/fonts/
90 KB
15 KB
Stylesheet
General
Full URL
https://macarte-bnpparibas.com/assets/fonts/icofont.min.css
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR),
Reverse DNS
myrdp.gg
Software
nginx / PleskLin
Resource Hash
c5ad8b399b615ecfc8f63628c1bad71cf11477002a51390fd1dcca1f2b34381e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 09:38:23 GMT
content-encoding
br
etag
W/"62deb840-16830"
last-modified
Mon, 25 Jul 2022 15:35:28 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
anim.css
macarte-bnpparibas.com/assets/css/
296 B
376 B
Stylesheet
General
Full URL
https://macarte-bnpparibas.com/assets/css/anim.css
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR),
Reverse DNS
myrdp.gg
Software
nginx / PleskLin
Resource Hash
02fe078e9c900bb3b2c640fd86df74907edcfd09d5ec93261f6eebb473c67070

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 09:38:23 GMT
content-encoding
gzip
etag
"128-5e4a2eef21bdd-gzip"
last-modified
Mon, 25 Jul 2022 15:35:28 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
x-accel-version
0.01
accept-ranges
bytes
content-length
170
style.css
mabanque.bnpparibas/rsc/contrib/identification/src/themes/mabanque/css/
45 KB
8 KB
Stylesheet
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/identification/src/themes/mabanque/css/style.css
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b32d4687be628c9dc9ca03f0b3803ec50491074205034af27928c90bb359addb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options Sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Content-Encoding
gzip
ETag
"b4f8-5e2a576ca3d80-gzip"
Access-Control-Allow-Methods
GET, OPTIONS
Connection
keep-alive
Content-Length
7283
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Thu, 30 Jun 2022 07:46:14 GMT
X-Frame-Options
Sameorigin
Date
Tue, 26 Jul 2022 09:38:38 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
cas-footer-part.css
mabanque.bnpparibas/rsc/contrib/css/particuliers/
80 KB
14 KB
Stylesheet
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/css/particuliers/cas-footer-part.css
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd6c21120b6eeba8cc78aa02e2cc6f14f8a6b8a567292b4609dffbba71378afd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options Sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Content-Encoding
gzip
ETag
"140a6-5cd98e1870a80-gzip"
Access-Control-Allow-Methods
GET, OPTIONS
Connection
keep-alive
Content-Length
13183
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935302
Last-Modified
Tue, 05 Oct 2021 10:56:26 GMT
X-Frame-Options
Sameorigin
Date
Tue, 26 Jul 2022 09:38:38 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
cas-header-part.css
mabanque.bnpparibas/rsc/contrib/css/particuliers/
191 KB
31 KB
Stylesheet
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/css/particuliers/cas-header-part.css
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
822013e19b44242e8d215ab42fbf7b87ae86ef86c705b90c722b4c0cb07d2084
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options Sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Content-Encoding
gzip
ETag
"2fd12-5cd98e1870a80-gzip"
Access-Control-Allow-Methods
GET, OPTIONS
Connection
keep-alive
Content-Length
30147
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933402
Last-Modified
Tue, 05 Oct 2021 10:56:26 GMT
X-Frame-Options
Sameorigin
Date
Tue, 26 Jul 2022 09:38:38 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
01_jquery-3.3.1-6a07da9fae934baf3f749e876bbfdd96.js
connexion-mabanque.bnpparibas/common/js/
265 KB
80 KB
Script
General
Full URL
https://connexion-mabanque.bnpparibas/common/js/01_jquery-3.3.1-6a07da9fae934baf3f749e876bbfdd96.js
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.50.187.124 Paris, France, ASN25215 (BNP-PARIBAS France, FR),
Reverse DNS
prev.connexion.mabanque.bnpparibas
Software
/
Resource Hash
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.hellobankpro.fr *.hellobank.fr *.bnpparibas *.bnpparibas.net *.cardif-iard.fr *.biapi.pro *.mosaic.fr *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com cnet-pic.dev.echonet http://cnet-pic.dev.echonet
Strict-Transport-Security max-age=15768000 ; includeSubDomains, max-age=25707229; includeSubDomain
X-Content-Type-Options nosniff
X-Frame-Options Sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15768000 ; includeSubDomains, max-age=25707229; includeSubDomain
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 25 Jul 2022 14:58:15 GMT
Date
Tue, 26 Jul 2022 09:38:37 GMT
X-Frame-Options
Sameorigin
Content-Type
application/javascript;charset=UTF-8
X-XSS-Protection
1; mode=block
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' *.hellobankpro.fr *.hellobank.fr *.bnpparibas *.bnpparibas.net *.cardif-iard.fr *.biapi.pro *.mosaic.fr *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com cnet-pic.dev.echonet http://cnet-pic.dev.echonet
Connection
Keep-Alive
Accept-Ranges
bytes
Vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
ETag
W/"6a07da9fae934baf3f749e876bbfdd96"
Keep-Alive
timeout=10, max=857
publication-7bc2f87b11b926a47a255d31fc55dcae.js
connexion-mabanque.bnpparibas/mabanque/js/
0
0
Script
General
Full URL
https://connexion-mabanque.bnpparibas/mabanque/js/publication-7bc2f87b11b926a47a255d31fc55dcae.js
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.50.187.124 Paris, France, ASN25215 (BNP-PARIBAS France, FR),
Reverse DNS
prev.connexion.mabanque.bnpparibas
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.hellobankpro.fr *.hellobank.fr *.bnpparibas *.bnpparibas.net *.cardif-iard.fr *.biapi.pro *.mosaic.fr *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com cnet-pic.dev.echonet http://cnet-pic.dev.echonet
Strict-Transport-Security max-age=15768000 ; includeSubDomains, max-age=25707229; includeSubDomain
X-Content-Type-Options nosniff
X-Frame-Options Sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15768000 ; includeSubDomains, max-age=25707229; includeSubDomain
X-Content-Type-Options
nosniff
Date
Tue, 26 Jul 2022 09:38:37 GMT
X-Frame-Options
Sameorigin
Content-Type
application/vnd.cas.services+yaml;charset=UTF-8
Content-Disposition
inline;filename=f.txt
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' *.hellobankpro.fr *.hellobank.fr *.bnpparibas *.bnpparibas.net *.cardif-iard.fr *.biapi.pro *.mosaic.fr *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com cnet-pic.dev.echonet http://cnet-pic.dev.echonet
Connection
Keep-Alive
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=10, max=992
grille-3c7ab1a4ff0c57284af8edf334b2e6a5.js
connexion-mabanque.bnpparibas/common/js/
0
0
Script
General
Full URL
https://connexion-mabanque.bnpparibas/common/js/grille-3c7ab1a4ff0c57284af8edf334b2e6a5.js
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.50.187.124 Paris, France, ASN25215 (BNP-PARIBAS France, FR),
Reverse DNS
prev.connexion.mabanque.bnpparibas
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.hellobankpro.fr *.hellobank.fr *.bnpparibas *.bnpparibas.net *.cardif-iard.fr *.biapi.pro *.mosaic.fr *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com cnet-pic.dev.echonet http://cnet-pic.dev.echonet
Strict-Transport-Security max-age=15768000 ; includeSubDomains, max-age=25707229; includeSubDomain
X-Content-Type-Options nosniff
X-Frame-Options Sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15768000 ; includeSubDomains, max-age=25707229; includeSubDomain
X-Content-Type-Options
nosniff
Date
Tue, 26 Jul 2022 09:38:38 GMT
X-Frame-Options
Sameorigin
Content-Type
application/vnd.cas.services+yaml;charset=UTF-8
Content-Disposition
inline;filename=f.txt
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' *.hellobankpro.fr *.hellobank.fr *.bnpparibas *.bnpparibas.net *.cardif-iard.fr *.biapi.pro *.mosaic.fr *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com cnet-pic.dev.echonet http://cnet-pic.dev.echonet
Connection
Keep-Alive
Vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=10, max=886
DependanceSatelliteLoader.js
mabanque.bnpparibas/rsc/contrib/script/generique/
1 KB
2 KB
Script
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/script/generique/DependanceSatelliteLoader.js
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1525b785a6b073047ae8e7727cd5b146489c6893607757da099a14c903bfe7d2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
482
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935301
Last-Modified
Mon, 04 Oct 2021 16:22:46 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/javascript
Cache-Control
max-age=86400, public, max-age=86400
ETag
"45f-5cd8952bec180-gzip"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
satelliteLoader.js
mabanque.bnpparibas/rsc/contrib/script/generique/
4 KB
3 KB
Script
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/script/generique/satelliteLoader.js
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8636c0ef48fadbb158b5a730a4cd0cf28cbcf391271562a1173d765499a60ea6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1731
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935301
Last-Modified
Mon, 04 Oct 2021 16:22:46 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/javascript
Cache-Control
max-age=86400, public, max-age=86400
ETag
"1173-5cd8952bec180-gzip"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
cas.min.js
mabanque.bnpparibas/rsc/contrib/script/particuliers/min/
4 KB
2 KB
Script
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/script/particuliers/min/cas.min.js
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec8337d829f7b5f1e4b93e4f210922bba59fca93ce09ec73072c5fcc54d576ae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1326
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933402
Last-Modified
Tue, 09 Nov 2021 21:01:32 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/javascript
Cache-Control
max-age=86400, public, max-age=86400
ETag
"11c3-5d06169fac300-gzip"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
keepalive-c52f26a5df2e6d5fdf251a3755a27821.js
macarte-bnpparibas.com/common/js/
0
0
Script
General
Full URL
https://macarte-bnpparibas.com/common/js/keepalive-c52f26a5df2e6d5fdf251a3755a27821.js
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR),
Reverse DNS
myrdp.gg
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 09:38:23 GMT
content-encoding
br
server
nginx
content-type
text/html; charset=iso-8859-1
urgence.svg
mabanque.bnpparibas/rsc/contrib/image/generique/
600 B
2 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/urgence.svg
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
52b355e1ce355a40ed04bc7930bbe0f7b9863c5c3db9e9c769f3e583f52c3177
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Content-Disposition
attachment; filename="urgence.svg"
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
600
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Thu, 07 Oct 2021 12:21:13 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/svg+xml
Cache-Control
max-age=86400
ETag
"258-5cdc24c6b4040"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
picto-giro-bpf.svg
mabanque.bnpparibas/rsc/contrib/image/generique/
1 KB
2 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/picto-giro-bpf.svg
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b32c695ff289891fa9d948c836625d81cd6146b85fab955b572cfcd4e294f8e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Disposition
attachment; filename="picto-giro-bpf.svg"
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
522
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Thu, 07 Oct 2021 12:21:17 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/svg+xml
Cache-Control
max-age=86400
ETag
"458-5cdc24ca84940"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
picto-giro.svg
mabanque.bnpparibas/rsc/contrib/image/generique/
1 KB
2 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/picto-giro.svg
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
755817d0cd3fbbb17a05ad9f8d601632e46fe126a501b37455c52a7049b30f00
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Disposition
attachment; filename="picto-giro.svg"
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
535
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Thu, 07 Oct 2021 12:21:16 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/svg+xml
Cache-Control
max-age=86400
ETag
"457-5cdc24c990700"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
picto-carte-bloqu-e.png
mabanque.bnpparibas/rsc/contrib/image/generique/
3 KB
4 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/picto-carte-bloqu-e.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
052502d678d3e394ab3ae793bf2c6a61a9b5b8d40ff9a2af93e38a10105efbfe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3532
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Tue, 26 Oct 2021 15:49:47 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
ETag
"dcc-5cf436d4bdcc0"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
debloquer-carte-bpf.png
mabanque.bnpparibas/rsc/contrib/image/generique/
4 KB
5 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/debloquer-carte-bpf.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
613fea59d1d4bfe6ef9b5553eaa4e4a3c5cfb2a7e122fc947b55e074ac325f4d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3774
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Thu, 07 Oct 2021 12:21:18 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
ETag
"ebe-5cdc24cb78b80"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
oposer-carte.png
mabanque.bnpparibas/rsc/contrib/image/generique/
3 KB
4 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/oposer-carte.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
36ba996a3e34b86478bbbec6d8f76d8aa504018ba8646937cddbca62a1b2dce5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3145
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Tue, 26 Oct 2021 15:49:47 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
ETag
"c49-5cf436d4bdcc0"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
oposer-carte-bpf.png
mabanque.bnpparibas/rsc/contrib/image/generique/
2 KB
3 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/oposer-carte-bpf.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9fe697d19aa3d1e54cb922faba58b3109e45d6e370befecb6983d689ad7a7472
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1965
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Thu, 07 Oct 2021 12:21:16 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
ETag
"7ad-5cdc24c990700"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
opposer-cheque.png
mabanque.bnpparibas/rsc/contrib/image/generique/
4 KB
5 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/opposer-cheque.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53a6bd8fa9ad8623eee7d0ea5417d2e307992470777def3322ef625af354ef42
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3704
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Tue, 26 Oct 2021 15:49:46 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
ETag
"e78-5cf436d3c9a80"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
opposer-cheque-bpf.png
mabanque.bnpparibas/rsc/contrib/image/generique/
4 KB
5 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/opposer-cheque-bpf.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d14ed60c08b09a79e3ef5ea19b041e2358a6aec6f07bcf1100b110ce75e99fb0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3974
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Thu, 07 Oct 2021 12:21:13 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
ETag
"f86-5cdc24c6b4040"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
opposer-prelevement.png
mabanque.bnpparibas/rsc/contrib/image/generique/
4 KB
5 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/opposer-prelevement.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a5b61627ea2d7888d9c2b3404423c545f1c28a6e376dafc905be1b70d0285ca0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3923
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Tue, 26 Oct 2021 15:49:47 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
ETag
"f53-5cf436d4bdcc0"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
opposer-prelevement-bpf.png
mabanque.bnpparibas/rsc/contrib/image/generique/
4 KB
5 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/opposer-prelevement-bpf.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
21cb1e00e055af00767f2c5a251127a25e1a81bfc4bc5af2255112cc816419f7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
4219
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Thu, 07 Oct 2021 12:21:16 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
ETag
"107b-5cdc24c990700"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
picto-voiture.png
mabanque.bnpparibas/rsc/contrib/html/particuliers/infographies/assurance/espace-sinistre/images/
5 KB
6 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/html/particuliers/infographies/assurance/espace-sinistre/images/picto-voiture.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
923ddcf9943332bb46bb81c9deed6f6d128286918bb5f54e0a898ad8053d8230
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
4620
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Tue, 26 Oct 2021 15:49:46 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
ETag
"120c-5cf436d3c9a80"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
picto-voiture-bpf.png
mabanque.bnpparibas/rsc/contrib/html/bpf/infographies/espace-sinistre/images/
5 KB
6 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/html/bpf/infographies/espace-sinistre/images/picto-voiture-bpf.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b11a2eb7a34c4e879cb94e19363a5215e0a4447c8cc34475ccecf858855da016
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
4734
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Wed, 06 Oct 2021 12:08:04 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
ETag
"127e-5cdadff8cb100"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
picto-maison.png
mabanque.bnpparibas/rsc/contrib/html/particuliers/infographies/assurance/espace-sinistre/images/
4 KB
5 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/html/particuliers/infographies/assurance/espace-sinistre/images/picto-maison.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b00b5c55f1e9c287731d26ab1795564653c66e9d0f6c2763ab96e3685d33dc5a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
4265
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Tue, 26 Oct 2021 15:49:47 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
ETag
"10a9-5cf436d4bdcc0"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
picto-maison-bpf.png
mabanque.bnpparibas/rsc/contrib/html/bpf/infographies/espace-sinistre/images/
3 KB
4 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/html/bpf/infographies/espace-sinistre/images/picto-maison-bpf.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
845c41da3129c27b3bb3608a65566cc9a006fddf5bc2bbca9331bf6df0b0dedb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
2762
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Wed, 06 Oct 2021 12:08:04 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
ETag
"aca-5cdadff8cb100"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
picto-cles-QA.png
mabanque.bnpparibas/rsc/contrib/html/particuliers/infographies/assurance/espace-sinistre/images/
8 KB
9 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/html/particuliers/infographies/assurance/espace-sinistre/images/picto-cles-QA.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2c5df0cbcef2b259962e55ecc5efaa3239201828a86b2e70910865e0b6329a88
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
8132
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Tue, 26 Oct 2021 15:49:47 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
ETag
"1fc4-5cf436d4bdcc0"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
picto-cle-QA-bpf.png
mabanque.bnpparibas/rsc/contrib/html/bpf/infographies/espace-sinistre/images/
7 KB
8 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/html/bpf/infographies/espace-sinistre/images/picto-cle-QA-bpf.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ae0f3ffce9e084163fb2c1143e54d4af5e922e7d959d1292d3f6b21aae725337
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
7248
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Wed, 06 Oct 2021 12:08:04 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
ETag
"1c50-5cdadff8cb100"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
picto-mobileo.png
mabanque.bnpparibas/rsc/contrib/html/particuliers/infographies/assurance/espace-sinistre/images/
3 KB
4 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/html/particuliers/infographies/assurance/espace-sinistre/images/picto-mobileo.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a2413d26c6b27d6c1261331196b7477d8d83040e27bae6dbaf2e3cc1645c38dc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3327
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Tue, 26 Oct 2021 15:49:46 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
ETag
"cff-5cf436d3c9a80"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
picto-mobileo.png
mabanque.bnpparibas/rsc/contrib/html/bpf/infographies/espace-sinistre/images/
2 KB
3 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/html/bpf/infographies/espace-sinistre/images/picto-mobileo.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
33d98906628bde4bce62eb19e4be12d00ac222f778d4bd985e5bff540e522c52
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1902
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Wed, 06 Oct 2021 12:08:04 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
ETag
"76e-5cdadff8cb100"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
info.png
macarte-bnpparibas.com/assets/images/
20 KB
20 KB
Image
General
Full URL
https://macarte-bnpparibas.com/assets/images/info.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR),
Reverse DNS
myrdp.gg
Software
nginx / PleskLin
Resource Hash
94b9a9e5f93245c89d8b58c6f8ac7170dbc0a49963db4456ec03ea6b9f476408

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 09:38:23 GMT
last-modified
Mon, 25 Jul 2022 15:35:28 GMT
server
nginx
x-powered-by
PleskLin
etag
"62deb840-4fad"
content-type
image/png
accept-ranges
bytes
content-length
20397
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://macarte-bnpparibas.com/
Origin
https://macarte-bnpparibas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 09:38:38 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1658828318.dop122.fr8.t,1658828318.cds103.fr8.hn,1658828318.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
index.js
macarte-bnpparibas.com/assets/js/
842 B
509 B
Script
General
Full URL
https://macarte-bnpparibas.com/assets/js/index.js
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR),
Reverse DNS
myrdp.gg
Software
nginx / PleskLin
Resource Hash
0861165c46ecd53ca5a347f05726c6fec99c54feb5819e758550260dc9b86f76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 09:38:23 GMT
content-encoding
gzip
etag
"34a-5e4a2eef21bdd-gzip"
last-modified
Mon, 25 Jul 2022 15:35:28 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
x-accel-version
0.01
accept-ranges
bytes
content-length
293
logo-bnpp.png
mabanque.bnpparibas/rsc/contrib/image/generique/
7 KB
8 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/logo-bnpp.png
Requested by
Host: mabanque.bnpparibas
URL: https://mabanque.bnpparibas/rsc/contrib/css/particuliers/cas-header-part.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ffd0d4c9c36dcc2affc99f3b5a92891d594798ec556c9ae304c87098187c1244
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mabanque.bnpparibas/rsc/contrib/css/particuliers/cas-header-part.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
7540
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Thu, 07 Oct 2021 12:21:16 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
ETag
"1d74-5cdc24c990700"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
icofont.woff2
macarte-bnpparibas.com/assets/fonts/fonts/
525 KB
526 KB
Font
General
Full URL
https://macarte-bnpparibas.com/assets/fonts/fonts/icofont.woff2
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/assets/fonts/icofont.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR),
Reverse DNS
myrdp.gg
Software
nginx / PleskLin
Resource Hash
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1

Request headers

Referer
https://macarte-bnpparibas.com/assets/fonts/icofont.min.css
Origin
https://macarte-bnpparibas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 09:38:23 GMT
last-modified
Mon, 25 Jul 2022 15:35:28 GMT
server
nginx
x-powered-by
PleskLin
etag
"62deb840-8350c"
content-type
font/woff2
accept-ranges
bytes
content-length
537868
sprite-form.png
mabanque.bnpparibas/rsc/contrib/identification/src/themes/mabanque/images/content/
10 KB
11 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/identification/src/themes/mabanque/images/content/sprite-form.png
Requested by
Host: mabanque.bnpparibas
URL: https://mabanque.bnpparibas/rsc/contrib/identification/src/themes/mabanque/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
15e0a98316305fdb432b926bf960983a402da0e736f885e3c71368a171588671
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options Sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mabanque.bnpparibas/rsc/contrib/identification/src/themes/mabanque/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
"26a3-5e2a576ca3d80"
Connection
keep-alive
Content-Length
9891
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Thu, 30 Jun 2022 07:46:14 GMT
X-Frame-Options
Sameorigin
Date
Tue, 26 Jul 2022 09:38:38 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
grid.png
macarte-bnpparibas.com/assets/images/
6 KB
6 KB
Image
General
Full URL
https://macarte-bnpparibas.com/assets/images/grid.png
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.131.187.253 Zug, Switzerland, ASN211851 (UP-NETWORK UP-NETWORK SWITZERLAND, FR),
Reverse DNS
myrdp.gg
Software
nginx / PleskLin
Resource Hash
bff343659c04cc006745cc3401441506f9d7cc47ce39f1afdcdb526b41d40628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://macarte-bnpparibas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 26 Jul 2022 09:38:23 GMT
last-modified
Mon, 25 Jul 2022 15:35:28 GMT
server
nginx
x-powered-by
PleskLin
etag
"62deb840-18ad"
content-type
image/png
accept-ranges
bytes
content-length
6317
image-ordi-loupe_2x.jpg
mabanque.bnpparibas/rsc/contrib/image/particuliers/ident/
97 KB
98 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/particuliers/ident/image-ordi-loupe_2x.jpg
Requested by
Host: mabanque.bnpparibas
URL: https://mabanque.bnpparibas/rsc/contrib/css/particuliers/cas-header-part.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.13.94 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-13-94.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5f7d4e677eddba0572f92385d59fc5d5df413b031ca3e39a55676da10b1f7fd2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mabanque.bnpparibas/rsc/contrib/css/particuliers/cas-header-part.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
98977
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Wed, 06 Oct 2021 14:32:59 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Jul 2022 09:38:38 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/jpeg
Cache-Control
max-age=86400
ETag
"182a1-5cdb005cfdcc0"
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Wed, 27 Jul 2022 09:38:38 GMT
4S27RDsJKFtlPCec
content.connexion-mabanque.bnpparibas/ Frame E7EC
19 KB
6 KB
Document
General
Full URL
https://content.connexion-mabanque.bnpparibas/4S27RDsJKFtlPCec?173764f58a756816=QnrhP0FpyEJBjESlESidjpGSkI1afgU_JFaM3hU11_tDQ2Bo-NyaylZzGWstcmRLC-Rkq_ZnejTblrdRlIaxLVM7KWyfTUpTJ5xVLySH08nUiDwiFaTlzXtXm0jdhJl2FLarwHUlT3sxlqK7QYb9PlyLax8&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Requested by
Host: macarte-bnpparibas.com
URL: https://macarte-bnpparibas.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.68 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
16fcf48f66a84fb0575eb6809be23fddd11d67f4191259ad896e433579148565
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://macarte-bnpparibas.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Language
de-DE
Content-Length
5925
Content-Type
text/html;charset=UTF-8
Date
Tue, 26 Jul 2022 09:38:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block
A6gqgkLwG9KRXmsN
content.connexion-mabanque.bnpparibas/ Frame E7EC
208 KB
29 KB
Script
General
Full URL
https://content.connexion-mabanque.bnpparibas/A6gqgkLwG9KRXmsN?e8fcff0af60a2f3c=qnMoc_b7enlakFDEMBBX2p420niGNz99uz4N0MZtXwJ1rdPkZuK3WIerdKDm_A-rtTbv_7e1vZQSkzBMWMvkJ9hskjV4zgJA1jwQmEexxJksAWn5vlEtJo_rFjXyp2oDVeByVCFE0SL3zDdKoT0vF6VdP93AmsWl6FdQbsr-XcWw
Requested by
Host: content.connexion-mabanque.bnpparibas
URL: https://content.connexion-mabanque.bnpparibas/4S27RDsJKFtlPCec?173764f58a756816=QnrhP0FpyEJBjESlESidjpGSkI1afgU_JFaM3hU11_tDQ2Bo-NyaylZzGWstcmRLC-Rkq_ZnejTblrdRlIaxLVM7KWyfTUpTJ5xVLySH08nUiDwiFaTlzXtXm0jdhJl2FLarwHUlT3sxlqK7QYb9PlyLax8&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.68 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
bd2327caab8480be6087655d491077ece9c7f6687472cadaebc0dfc6e9c4870f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.connexion-mabanque.bnpparibas/4S27RDsJKFtlPCec?173764f58a756816=QnrhP0FpyEJBjESlESidjpGSkI1afgU_JFaM3hU11_tDQ2Bo-NyaylZzGWstcmRLC-Rkq_ZnejTblrdRlIaxLVM7KWyfTUpTJ5xVLySH08nUiDwiFaTlzXtXm0jdhJl2FLarwHUlT3sxlqK7QYb9PlyLax8&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Jul 2022 09:38:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
tmx-nonce
e86dcf3527baa9c6
Connection
Keep-Alive, Keep-Alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=2, max=99
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Yv1LzyKpvcK8SpA5
content.connexion-mabanque.bnpparibas/ Frame E7EC
35 B
557 B
Script
General
Full URL
https://content.connexion-mabanque.bnpparibas/Yv1LzyKpvcK8SpA5?f8d37f6d40555517=zzotTzHm4uzk19TqHrC8JDE_G-kILVycHbmW_HucyxSf6EuLt7G9vapJ8ll8SwtjgK8NZknjw9M8Xn002GtmXEcg5JEhBwN2MJjR2oWAC166TvhppNyO2N5ia-emR2SfRHYCvGu35Xqhe4YYwLDulQL7SVwk_IQLxv1Gqu0v_GoIJA4WDa8DYpUJlSxGIpSwJuf2t1yr15MWWjiJUgQzEH3ah_E&sera_parametere=A0gLUFdQClQGA1NZAgxQV1AKA1cHXldTBg9VBVgNVVRTAQQCAFVVBlAEAUcSSl5fC0hDEBBDAHEXACBEVn1GBFVSRQEPA15QXEMRRFJ9RgEnCBNTJ0MBBVpYERUSHFByQA90QVQiFVFbCgRYV11RDlBZAl1TUAVUAQAAAlgKUwFWCgNQVl4DAAICAQIEC1cBXV0QCgwIUFAPUlpXBVoFBVAKAQYCBwpWBBEIElwJG1BSWw5cUQRSDQoCBFNZDQIBV1kCUlRVVVBQDlVUUw5UBAFcUgBaAFUTU15fUFEPVQ5DUV9ZTlcVRVsKW1hYAFsQDVMLQgFbcF1AWA8ER1sVC1QIBUIBCUAIZV4MBQ5OEBAGWgsQBxxsVlNbDgMAWggQAEwLUlA%3D&count=0&max=0
Requested by
Host: content.connexion-mabanque.bnpparibas
URL: https://content.connexion-mabanque.bnpparibas/A6gqgkLwG9KRXmsN?e8fcff0af60a2f3c=qnMoc_b7enlakFDEMBBX2p420niGNz99uz4N0MZtXwJ1rdPkZuK3WIerdKDm_A-rtTbv_7e1vZQSkzBMWMvkJ9hskjV4zgJA1jwQmEexxJksAWn5vlEtJo_rFjXyp2oDVeByVCFE0SL3zDdKoT0vF6VdP93AmsWl6FdQbsr-XcWw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.68 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
6e4a06482e4281aa4c99cd9f2bf4c8689729345d20d7e7404fe9fe7195006340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.connexion-mabanque.bnpparibas/4S27RDsJKFtlPCec?173764f58a756816=QnrhP0FpyEJBjESlESidjpGSkI1afgU_JFaM3hU11_tDQ2Bo-NyaylZzGWstcmRLC-Rkq_ZnejTblrdRlIaxLVM7KWyfTUpTJ5xVLySH08nUiDwiFaTlzXtXm0jdhJl2FLarwHUlT3sxlqK7QYb9PlyLax8&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 Jul 2022 09:38:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
Keep-Alive, Keep-Alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=2, max=98
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery string| ENVIRONNEMENT boolean| ENV_IS_CAS function| GetURLParameter number| positionCount function| add_number

5 Cookies

Domain/Path Name / Value
connexion-mabanque.bnpparibas/ Name: SESSION
Value: 1280952F60EEC1DF3EE4EB58D7F364BD
connexion-mabanque.bnpparibas/ Name: CAS_MB
Value: 213709066.47873.0000
mabanque.bnpparibas/ Name: wcm_referer
Value: macarte-bnpparibas.com/
.mabanque.bnpparibas/ Name: MB_AEM_web
Value: MTAuMjQxLjE4OC4xOA==
mabanque.bnpparibas/ Name: TS011a6182
Value: 01dbdd2ba8b33164c7cf7c915c8ce4726d4ac30f5be0f97ef4ecd4ccfb37990f81accb2515e341736e4dfa1fe22fec2e925d7d0e75

3 Console Messages

Source Level URL
Text
network error URL: https://macarte-bnpparibas.com/common/js/keepalive-c52f26a5df2e6d5fdf251a3755a27821.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://connexion-mabanque.bnpparibas/mabanque/js/publication-7bc2f87b11b926a47a255d31fc55dcae.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://connexion-mabanque.bnpparibas/common/js/grille-3c7ab1a4ff0c57284af8edf334b2e6a5.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
connexion-mabanque.bnpparibas
content.connexion-mabanque.bnpparibas
mabanque.bnpparibas
macarte-bnpparibas.com
159.50.187.124
2001:4de0:ac18::1:a:3a
45.131.187.253
91.235.132.68
92.123.13.94
02fe078e9c900bb3b2c640fd86df74907edcfd09d5ec93261f6eebb473c67070
052502d678d3e394ab3ae793bf2c6a61a9b5b8d40ff9a2af93e38a10105efbfe
0861165c46ecd53ca5a347f05726c6fec99c54feb5819e758550260dc9b86f76
1525b785a6b073047ae8e7727cd5b146489c6893607757da099a14c903bfe7d2
15e0a98316305fdb432b926bf960983a402da0e736f885e3c71368a171588671
16fcf48f66a84fb0575eb6809be23fddd11d67f4191259ad896e433579148565
21cb1e00e055af00767f2c5a251127a25e1a81bfc4bc5af2255112cc816419f7
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1
2c5df0cbcef2b259962e55ecc5efaa3239201828a86b2e70910865e0b6329a88
33d98906628bde4bce62eb19e4be12d00ac222f778d4bd985e5bff540e522c52
36ba996a3e34b86478bbbec6d8f76d8aa504018ba8646937cddbca62a1b2dce5
52b355e1ce355a40ed04bc7930bbe0f7b9863c5c3db9e9c769f3e583f52c3177
53a6bd8fa9ad8623eee7d0ea5417d2e307992470777def3322ef625af354ef42
5f7d4e677eddba0572f92385d59fc5d5df413b031ca3e39a55676da10b1f7fd2
613fea59d1d4bfe6ef9b5553eaa4e4a3c5cfb2a7e122fc947b55e074ac325f4d
65903d0b75c632804b98b0440b09f6c15b7d7580acaf855923927c3190f69a62
6b32c695ff289891fa9d948c836625d81cd6146b85fab955b572cfcd4e294f8e
6e4a06482e4281aa4c99cd9f2bf4c8689729345d20d7e7404fe9fe7195006340
755817d0cd3fbbb17a05ad9f8d601632e46fe126a501b37455c52a7049b30f00
822013e19b44242e8d215ab42fbf7b87ae86ef86c705b90c722b4c0cb07d2084
845c41da3129c27b3bb3608a65566cc9a006fddf5bc2bbca9331bf6df0b0dedb
8636c0ef48fadbb158b5a730a4cd0cf28cbcf391271562a1173d765499a60ea6
923ddcf9943332bb46bb81c9deed6f6d128286918bb5f54e0a898ad8053d8230
94b9a9e5f93245c89d8b58c6f8ac7170dbc0a49963db4456ec03ea6b9f476408
9fe697d19aa3d1e54cb922faba58b3109e45d6e370befecb6983d689ad7a7472
a2413d26c6b27d6c1261331196b7477d8d83040e27bae6dbaf2e3cc1645c38dc
a5b61627ea2d7888d9c2b3404423c545f1c28a6e376dafc905be1b70d0285ca0
ae0f3ffce9e084163fb2c1143e54d4af5e922e7d959d1292d3f6b21aae725337
b00b5c55f1e9c287731d26ab1795564653c66e9d0f6c2763ab96e3685d33dc5a
b11a2eb7a34c4e879cb94e19363a5215e0a4447c8cc34475ccecf858855da016
b32d4687be628c9dc9ca03f0b3803ec50491074205034af27928c90bb359addb
bd2327caab8480be6087655d491077ece9c7f6687472cadaebc0dfc6e9c4870f
bff343659c04cc006745cc3401441506f9d7cc47ce39f1afdcdb526b41d40628
c5ad8b399b615ecfc8f63628c1bad71cf11477002a51390fd1dcca1f2b34381e
d14ed60c08b09a79e3ef5ea19b041e2358a6aec6f07bcf1100b110ce75e99fb0
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
ec8337d829f7b5f1e4b93e4f210922bba59fca93ce09ec73072c5fcc54d576ae
fd6c21120b6eeba8cc78aa02e2cc6f14f8a6b8a567292b4609dffbba71378afd
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffd0d4c9c36dcc2affc99f3b5a92891d594798ec556c9ae304c87098187c1244