urlscan.io logo urlscan.io
SecurityTrails logo

clientbim.aks.carldnsprod.blevrault.com Open in urlscan Pro
51.103.14.0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clientbim.aks.carldnsprod.blevrault.com/
Effective URL: https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Submission: On May 03 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 51.103.14.0, located in Paris, France and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is clientbim.aks.carldnsprod.blevrault.com.
TLS certificate: Issued by R3 on May 3rd 2024. Valid for: 3 months.
This is the only time clientbim.aks.carldnsprod.blevrault.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 15 51.103.14.0 8075 (MICROSOFT...)
13 1
Apex Domain
Subdomains		 Transfer
15 blevrault.com
clientbim.aks.carldnsprod.blevrault.com
792 KB
13 1
Domain Requested by
15 clientbim.aks.carldnsprod.blevrault.com 2 redirects clientbim.aks.carldnsprod.blevrault.com
13 1

This site contains no links.

Subject Issuer Validity Valid
clientbim.aks.carldnsprod.blevrault.com
R3		 2024-05-03 -
2024-08-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Frame ID: 056342B1306D6D6CBE21A56E554E66E4
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://clientbim.aks.carldnsprod.blevrault.com/ HTTP 302
    https://clientbim.aks.carldnsprod.blevrault.com/xnet/ HTTP 302
    http://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login HTTP 307
    https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login Page URL

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

790 kB
Transfer

2119 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clientbim.aks.carldnsprod.blevrault.com/ HTTP 302
    https://clientbim.aks.carldnsprod.blevrault.com/xnet/ HTTP 302
    http://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login HTTP 307
    https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
clientbim.aks.carldnsprod.blevrault.com/xnet/auth/
Redirect Chain
  • https://clientbim.aks.carldnsprod.blevrault.com/
  • https://clientbim.aks.carldnsprod.blevrault.com/xnet/
  • http://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
  • https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2ed1db0ac0d12077e70be493979c62a657e51ef49b1fce23cb40d47f2a8c4259
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-language
fr-FR
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
content-type
text/html;charset=UTF-8
date
Fri, 03 May 2024 12:04:18 GMT
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Non-Authoritative-Reason
HSTS
default-gui-public.css
clientbim.aks.carldnsprod.blevrault.com/xnet/gzip_N1203811417/bundles/ 		254 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://clientbim.aks.carldnsprod.blevrault.com/xnet/gzip_N1203811417/bundles/default-gui-public.css
Requested by
Host: clientbim.aks.carldnsprod.blevrault.com
URL: https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9e904a0f3b2e0ae135a23c1c6e9269de790102145eaddf47bedcfdce913a7fa1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 12:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
2740050219
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
cache-control
public, max-age=315360000, post-check=315360000, pre-check=315360000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
x-xss-protection
1; mode=block
expires
Wed, 03 May 2034 12:04:18 GMT
csguilib.js
clientbim.aks.carldnsprod.blevrault.com/xnet/gzip_2139492420/bundles/ 		1 MB
312 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientbim.aks.carldnsprod.blevrault.com/xnet/gzip_2139492420/bundles/csguilib.js
Requested by
Host: clientbim.aks.carldnsprod.blevrault.com
URL: https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
05f05378b6c6210c91edcbce17d6d56a730af61e9cb4f417ed38928ed5a917f6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 12:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
2740050219
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=315360000, post-check=315360000, pre-check=315360000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
x-xss-protection
1; mode=block
expires
Wed, 03 May 2034 12:04:18 GMT
inputScripts.js
clientbim.aks.carldnsprod.blevrault.com/xnet/gzip_277321563/bundles/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientbim.aks.carldnsprod.blevrault.com/xnet/gzip_277321563/bundles/inputScripts.js
Requested by
Host: clientbim.aks.carldnsprod.blevrault.com
URL: https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
87374d9eadee91748af21c3b334a457f4e98b204919263ddb021ff863e8055b9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 12:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
2740050219
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=315360000, post-check=315360000, pre-check=315360000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
content-length
5165
x-xss-protection
1; mode=block
expires
Wed, 03 May 2034 12:04:18 GMT
cscorefrmk.js
clientbim.aks.carldnsprod.blevrault.com/xnet/gzip_N907446231/bundles/ 		149 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientbim.aks.carldnsprod.blevrault.com/xnet/gzip_N907446231/bundles/cscorefrmk.js
Requested by
Host: clientbim.aks.carldnsprod.blevrault.com
URL: https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0ca95e74bbd0cae90abf363fb385b23cb287cf00bde576b2b109c8723e3ecea5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 12:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
2740050219
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=315360000, post-check=315360000, pre-check=315360000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
x-xss-protection
1; mode=block
expires
Wed, 03 May 2034 12:04:18 GMT
gui-base.js
clientbim.aks.carldnsprod.blevrault.com/xnet/gzip_N1558787730/bundles/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientbim.aks.carldnsprod.blevrault.com/xnet/gzip_N1558787730/bundles/gui-base.js
Requested by
Host: clientbim.aks.carldnsprod.blevrault.com
URL: https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
254b28c526ef234856d7826bae7cc038bfdd475771003025d8db1c6b899f7dfd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 12:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
2740050219
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=315360000, post-check=315360000, pre-check=315360000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
content-length
5657
x-xss-protection
1; mode=block
expires
Wed, 03 May 2034 12:04:18 GMT
gui-public.js
clientbim.aks.carldnsprod.blevrault.com/xnet/gzip_263344114/bundles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientbim.aks.carldnsprod.blevrault.com/xnet/gzip_263344114/bundles/gui-public.js
Requested by
Host: clientbim.aks.carldnsprod.blevrault.com
URL: https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
23243a8e670a3be43155e20635c13c6ebdae9187c38574e252c1b517900b9ca7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 12:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
etag
2740050219
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
cache-control
public, max-age=315360000, post-check=315360000, pre-check=315360000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
content-length
1147
x-xss-protection
1; mode=block
expires
Wed, 03 May 2034 12:04:18 GMT
login.js
clientbim.aks.carldnsprod.blevrault.com/xnet/public/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientbim.aks.carldnsprod.blevrault.com/xnet/public/login.js
Requested by
Host: clientbim.aks.carldnsprod.blevrault.com
URL: https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e13e946bd1c8b4b52e1b91cd044fcff50369429e4fd1345f8649eb4761a8aaa1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 12:04:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
content-length
2820
x-xss-protection
1; mode=block
LEFT_LOGIN_PAGE
clientbim.aks.carldnsprod.blevrault.com/xnet/api/public/v1/resources/img/f3e6cece/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clientbim.aks.carldnsprod.blevrault.com/xnet/api/public/v1/resources/img/f3e6cece/LEFT_LOGIN_PAGE
Requested by
Host: clientbim.aks.carldnsprod.blevrault.com
URL: https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8eaeb8f76dc21bdfd2de26fe5fc913d2256dd9a8c4405b86f277271d413da941
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 12:04:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
content-length
44123
x-xss-protection
1; mode=block
RIGHT_LOGIN_PAGE
clientbim.aks.carldnsprod.blevrault.com/xnet/api/public/v1/resources/img/a1060f86/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clientbim.aks.carldnsprod.blevrault.com/xnet/api/public/v1/resources/img/a1060f86/RIGHT_LOGIN_PAGE
Requested by
Host: clientbim.aks.carldnsprod.blevrault.com
URL: https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
58d5416dbc90571dfa03490bdc625cd3251e28858d97ca2d8f7849d14f0efea0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 12:04:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
content-length
16224
x-xss-protection
1; mode=block
Poppins-Regular.ttf
clientbim.aks.carldnsprod.blevrault.com/xnet/cb2531401197/css/fonts/Poppins/ 		155 KB
155 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://clientbim.aks.carldnsprod.blevrault.com/xnet/cb2531401197/css/fonts/Poppins/Poppins-Regular.ttf
Requested by
Host: clientbim.aks.carldnsprod.blevrault.com
URL: https://clientbim.aks.carldnsprod.blevrault.com/xnet/gzip_N1203811417/bundles/default-gui-public.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clientbim.aks.carldnsprod.blevrault.com/xnet/gzip_N1203811417/bundles/default-gui-public.css
Origin
https://clientbim.aks.carldnsprod.blevrault.com
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 12:04:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
etag
2740050219
x-frame-options
SAMEORIGIN
content-type
application/x-font-truetype
cache-control
public, max-age=315360000, post-check=315360000, pre-check=315360000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
x-xss-protection
1; mode=block
expires
Wed, 03 May 2034 12:04:18 GMT
Roboto-Regular.ttf
clientbim.aks.carldnsprod.blevrault.com/xnet/cb2991962917/css/fonts/Roboto/ 		164 KB
165 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://clientbim.aks.carldnsprod.blevrault.com/xnet/cb2991962917/css/fonts/Roboto/Roboto-Regular.ttf
Requested by
Host: clientbim.aks.carldnsprod.blevrault.com
URL: https://clientbim.aks.carldnsprod.blevrault.com/xnet/gzip_N1203811417/bundles/default-gui-public.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clientbim.aks.carldnsprod.blevrault.com/xnet/gzip_N1203811417/bundles/default-gui-public.css
Origin
https://clientbim.aks.carldnsprod.blevrault.com
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 12:04:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 06 Nov 2005 12:00:00 GMT
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
etag
2740050219
x-frame-options
SAMEORIGIN
content-type
application/x-font-truetype
cache-control
public, max-age=315360000, post-check=315360000, pre-check=315360000
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
x-xss-protection
1; mode=block
expires
Wed, 03 May 2034 12:04:18 GMT
carlsource.ico
clientbim.aks.carldnsprod.blevrault.com/xnet/themes/default/resources/ 		16 KB
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://clientbim.aks.carldnsprod.blevrault.com/xnet/themes/default/resources/carlsource.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.103.14.0 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
18e6260e5f96b8b02af9083c57f33093c3965a5a034405393c8f55b54f15e805
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 12:04:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-security-policy
upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
x-frame-options
SAMEORIGIN
content-type
image/vnd.microsoft.icon
cache-control
PUBLIC, max-age=8640000, must-revalidate
permissions-policy
accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
x-xss-protection
1; mode=block
expires
Sun, 11 Aug 2024 12:04:18 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CS function| $ function| jQuery function| Inputmask function| default function| JQClass function| jQueryBridget function| getSize function| EvEmitter function| matchesSelector object| fizzyUIUtils function| Outlayer function| Packery object| Handlebars function| OverlayScrollbars function| tinycolor object| expDateSmall object| expDateTime object| expDateTimeRevert object| expDateTimeRevert2 object| expDateFormatRevert boolean| replaceKeyPress boolean| replaceKeyPressCode function| getMaxDay function| formatDate function| outDate function| getHoursOrMinutesFromDecimal function| hasDecimal function| getHoursFromDecimal function| getMinutesFromDecimal function| outDuration function| increDate function| keyDownDate function| keyUpDate function| getDate function| reConstructDate string| codeSpaceReplace function| keyDownCode function| keyUpCode undefined| inputStartRange function| keyDownCase function| keyUpCase function| getSelectionStart function| getSelectionEnd function| setSelectionRange function| isFullSelect object| pFormatTab function| getCtrlInfo function| completeObj function| removeSuffix function| inNumber function| outNumber function| buildRegExp function| unicode function| parseFormat function| checkInterval function| ctrlIsNumber function| removeNotGoodClass function| addNotGoodClass function| removeInputFocusClass function| addInputFocusClass function| removeClass function| addClass function| IZDetail function| changeTwoState function| changeThreeState function| checkboxSetValue function| overCheck function| outCheck function| onKeyPress function| limitRate function| checkRate function| reinitI18nInput function| restoreI18nInput function| storeLast object| CSTools boolean| initializing object| A4J function| checkCookie function| submitChangePassword function| applyChangePasswordListener

3 Cookies

Domain/Path Name / Value
clientbim.aks.carldnsprod.blevrault.com/xnet Name: JSESSIONID
Value: 23CD9016C4F9EC9272A7827FA4A41E1A
clientbim.aks.carldnsprod.blevrault.com/ Name: appgw-affinity-c932bc332ee3a866aa47c0ff57a1826bCORS
Value: fb5e12d448ad04e8f7f101567a627737
clientbim.aks.carldnsprod.blevrault.com/ Name: appgw-affinity-c932bc332ee3a866aa47c0ff57a1826b
Value: fb5e12d448ad04e8f7f101567a627737

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://clientbim.aks.carldnsprod.blevrault.com/xnet/auth/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; base-uri 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block