matchmycv.group.bnpparibas Open in urlscan Pro
91.134.116.244 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://matchmycv.group.bnpparibas/
Effective URL:
https://matchmycv.group.bnpparibas/fr/
Submission: On February 25 via api (February 25th 2023, 12:42:14 pm UTC) from US — Scanned from US

Summary HTTP 49 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 49 HTTP transactions. The main IP is 91.134.116.244, located in France and belongs to OVH, FR. The main domain is matchmycv.group.bnpparibas.
TLS certificate: Issued by Entrust Certification Authority - L1K on May 13th 2022. Valid for: a year.

This is the only time matchmycv.group.bnpparibas was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 50	91.134.116.244 91.134.116.244	16276 (OVH) (OVH)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
49	2

50 91.134.116.244 (France) 2 redirects

ASN16276 (OVH, FR)

matchmycv.group.bnpparibas	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app-bundle.cvcatcher.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cvcatcher-api.jobijoba.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	group.bnpparibas 2 redirects matchmycv.group.bnpparibas	679 KB
10	cvcatcher.io app-bundle.cvcatcher.io	767 KB
4	jobijoba.io cvcatcher-api.jobijoba.io	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	23 KB
49	4

	Domain	Requested by
36	matchmycv.group.bnpparibas	2 redirects matchmycv.group.bnpparibas app-bundle.cvcatcher.io
10	app-bundle.cvcatcher.io	matchmycv.group.bnpparibas app-bundle.cvcatcher.io
4	cvcatcher-api.jobijoba.io	app-bundle.cvcatcher.io
1	fonts.googleapis.com	app-bundle.cvcatcher.io
49	4

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
instagram.com
twitter.com
www.linkedin.com
www.youtube.com
group.bnpparibas

Subject Issuer	Validity	Valid
matchmycv.group.bnpparibas Entrust Certification Authority - L1K	`2022-05-13` - `2023-06-12`	a year	crt.sh
app-bundle.cvcatcher.io R3	`2023-01-29` - `2023-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
cvcatcher-api.jobijoba.io R3	`2023-01-29` - `2023-04-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://matchmycv.group.bnpparibas/fr/
Frame ID: 43B71C7DE3EEDD373AC87F1EAFBEB12A
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CV Catcher BNP Paribas - Recrutement, Offres d'emploi, Dépôt de CV

Page URL History Show full URLs

http://matchmycv.group.bnpparibas/ HTTP 301
https://matchmycv.group.bnpparibas/ HTTP 301
https://matchmycv.group.bnpparibas/fr/ Page URL

Page Statistics

49
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

1474 kB
Transfer

3523 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/bnpparibas.net
Title: Page Facebook de BNP Paribas

Search URL Search Domain Scan URL

URL: https://instagram.com/bnpparibas/
Title: Page Instagram de BNP Paribas

Search URL Search Domain Scan URL

URL: https://twitter.com/BNPParibas
Title: Page Twitter de BNP Paribas

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bnp-paribas
Title: Page LinkedIn de BNP Paribas

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/BNPParibas
Title: Page Youtube de BNP Paribas

Search URL Search Domain Scan URL

URL: https://group.bnpparibas/emploi-carriere
Title: Retour à la rubrique Emploi & Carrière

Search URL Search Domain Scan URL

URL: https://group.bnpparibas/emploi-carriere/toutes-offres-emploi
Title: Nos offres d'emploi

Search URL Search Domain Scan URL

URL: https://group.bnpparibas/contacts
Title: Contact

Search URL Search Domain Scan URL

URL: https://group.bnpparibas/mentions-legales
Title: Mentions légales

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://matchmycv.group.bnpparibas/ HTTP 301
https://matchmycv.group.bnpparibas/ HTTP 301
https://matchmycv.group.bnpparibas/fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
matchmycv.group.bnpparibas/fr/
Redirect Chain

http://matchmycv.group.bnpparibas/
https://matchmycv.group.bnpparibas/
https://matchmycv.group.bnpparibas/fr/

9 KB
6 KB

152ms
151ms

Document
text/html

91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f70ce121ed8e322e14960d9143e3a14f86eab70ba361fae9bbd9b5bea9508f3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
content-type: text/html
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 12:42:04 GMT
etag: W/"63f4f2e4-258c"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
last-modified: Tue, 21 Feb 2023 16:35:48 GMT
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
referrer-policy: no-referrer-when-downgrade
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

content-length: 0
location: https://matchmycv.group.bnpparibas/fr/

GET
H2 200 main.css
app-bundle.cvcatcher.io/ 38 KB
13 KB 1148ms
152ms Stylesheet
text/css 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app-bundle.cvcatcher.io/main.css

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

9b4ac2e61a2f7f78ecd034c5100bacdccf2588839b9a0fe08d1e1d83c48f375b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:05 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 16:27:47 GMT
server: nginx
etag: W/"63f64283-971e"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 custom.css
matchmycv.group.bnpparibas/fr/assets/style/ 2 KB
4 KB 153ms
151ms Stylesheet
text/css 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/style/custom.css

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

ea640bd15c362e304735b99aa8d6cf577ace1a862e3da722e3ef62a76b6f8166

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:04 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-9b2"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 variables.specific.css
matchmycv.group.bnpparibas/fr/assets/style/ 874 B
4 KB 155ms
154ms Stylesheet
text/css 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/style/variables.specific.css

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

b299bd0587aeb64956cdcdd47c205acc93b2619a4c29c3eeff1e30b288534144

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:04 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-36a"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 main.css
matchmycv.group.bnpparibas/fr/assets/style/client/ 4 KB
5 KB 159ms
158ms Stylesheet
text/css 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/style/client/main.css

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

24c5f12e2373fa3df19c596ef4164840b8ff23f729c2d16ad582c83e0ff7c08c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:04 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-103b"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 commons.css
matchmycv.group.bnpparibas/fr/assets/style/client/ 281 KB
57 KB 300ms
296ms Stylesheet
text/css 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/style/client/commons.css

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

15af41d09d6af10bf14b699e6164f4204279abec5f0a50e04ca33f733c02c798

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:04 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-4625f"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 config.js Show response
matchmycv.group.bnpparibas/fr/ 1 KB
4 KB 301ms
298ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/config.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

5c926a61770c00c4398bb430bc2b1b6ee25fd17a8283b3ab3ad5af3d1621bc3f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:04 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:35:48 GMT
server: nginx
etag: W/"63f4f2e4-49c"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 brownie-consent-config.js Show response
matchmycv.group.bnpparibas/fr/ 31 B
3 KB 302ms
299ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/brownie-consent-config.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

790c0d9dbde996a7f34fe36a8cf5df56a8052f2fdcbc0d65cf0ff8bb400c24dc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:04 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-1f"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 api.js Show response
matchmycv.group.bnpparibas/fr/ 80 B
4 KB 442ms
439ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/api.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

939ee6b110abe04de728abda4cd11ca2cfffe6320dd9d17c6ac6c2f28847c7ba

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:04 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Feb 2023 17:23:13 GMT
server: nginx
etag: W/"63f7a101-50"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 logo-bnp.png
matchmycv.group.bnpparibas/fr/ 6 KB
9 KB 296ms
295ms Image
image/png 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://matchmycv.group.bnpparibas/fr/logo-bnp.png

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

64801de959728cfb15db691d004a18c10dab820a1f086b0bbb78c80518e9984f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
content-length: 5810
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: "63f4f25f-16b2"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/png
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 intern.js Show response
matchmycv.group.bnpparibas/fr/assets/js/ 1 KB
4 KB 147ms
147ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/js/intern.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

0729749abf4c512802de3c1ab47fb02fed68c163c7a3d1dfc9263d5c2b991e90

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:05 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-4b7"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 runtime.js Show response
matchmycv.group.bnpparibas/fr/assets/js/client/ 2 KB
4 KB 174ms
174ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/js/client/runtime.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

1317beeee1f2d2411bc1845d4782067dd2e903c4ffd55fe4d95ca8951e263740

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:05 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-7ad"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 built-script-1.js Show response
matchmycv.group.bnpparibas/fr/assets/js/client/ 88 KB
39 KB 203ms
149ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/js/client/built-script-1.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

d4f2b08b39ce34385a59f9879e384e95153e3360179b0431b451fa90c850b705

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:05 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-15f99"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 built-script-2.js Show response
matchmycv.group.bnpparibas/fr/assets/js/client/ 15 KB
10 KB 147ms
146ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/js/client/built-script-2.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

9b19d0e8817506f3d4d89e526d470229af0194ea3af958dffccde37506e4aece

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:05 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-3d8f"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 built-script-3.js Show response
matchmycv.group.bnpparibas/fr/assets/js/client/ 16 KB
11 KB 147ms
146ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/js/client/built-script-3.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

4bc5da75eb6fa69be5d984962b362258924c43375967748675d6ded9b2da9610

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:05 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-40e7"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 built-script-4.js Show response
matchmycv.group.bnpparibas/fr/assets/js/client/ 7 KB
7 KB 147ms
146ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/js/client/built-script-4.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

89b9b7790e327ae15062e59744236412018ce1946038379c07a294b666eb44a5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-1a24"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 built-script-5.js Show response
matchmycv.group.bnpparibas/fr/assets/js/client/ 46 KB
20 KB 147ms
146ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/js/client/built-script-5.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e47fa0f81509dd1f33b733b43dcdaadae02ac7a5d4fbec4ab00a2fe9b4abbdad

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-b677"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 built-script-6.js Show response
matchmycv.group.bnpparibas/fr/assets/js/client/ 46 KB
10 KB 147ms
147ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/js/client/built-script-6.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

c940b4bf010fcd54e16311f4e82e274b8327851e369761b9422c1d002a4db7c3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-b836"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 built-script-7.js Show response
matchmycv.group.bnpparibas/fr/assets/js/client/ 76 KB
28 KB 150ms
147ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/js/client/built-script-7.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

36220c3c2bf98295491da9d6f63c3d55d7a9dc094b62a8ac64941b5d8b6967ab

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-13047"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 built-script-8.js Show response
matchmycv.group.bnpparibas/fr/assets/js/client/ 27 KB
12 KB 152ms
148ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/js/client/built-script-8.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

c9481b278cecfb22c9a74294bf02875257ede9f35741408c8fd7e3b48944cc23

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-6b1d"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 built-script-9.js Show response
matchmycv.group.bnpparibas/fr/assets/js/client/ 26 KB
11 KB 151ms
147ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/js/client/built-script-9.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

ad1167ebd6ed297290b135a8bd8b6f5bb396a5a3e60dfd17d07376236f71e74b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-67c5"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 built-script-10.js Show response
matchmycv.group.bnpparibas/fr/assets/js/client/ 17 KB
9 KB 167ms
164ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/js/client/built-script-10.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

6fbb730e8ffffab0b9b12fb34d7d709cdb70fa9c3a6246b1c0a5df81a658642b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-4302"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 built-script-11.js Show response
matchmycv.group.bnpparibas/fr/assets/js/client/ 75 KB
30 KB 162ms
159ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/js/client/built-script-11.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

a55262439bc58456a79f8c527fd55807af8282bd16abd2524904880987af0d4d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-12c17"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 built-script-12.js Show response
matchmycv.group.bnpparibas/fr/assets/js/client/ 47 KB
18 KB 154ms
151ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/js/client/built-script-12.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

b4249f19da455c49bc51a1954779ff6171b791794d8bd6d0a60f73c2c64bebfe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-bba1"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 built-script-13.js Show response
matchmycv.group.bnpparibas/fr/assets/js/client/ 8 KB
7 KB 170ms
168ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/js/client/built-script-13.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

c47e816649716e5e24cd1611211ecf98c17e7986c6fd163f9ca75a3b95b8d779

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-1f83"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 built-script-14.js Show response
matchmycv.group.bnpparibas/fr/assets/js/client/ 70 KB
26 KB 293ms
291ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/js/client/built-script-14.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

198ec7af2e50caccc6c940455bfc2cbda813be10ab0f76e29515c2ce6b234ad9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-117ac"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 commons.js Show response
matchmycv.group.bnpparibas/fr/assets/js/client/ 23 KB
11 KB 298ms
296ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/js/client/commons.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

fc92ab35d0bdee901ddedee8ca4f34e248f9b6592f1b1f61e4a6114d28d7275c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-5b9a"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 main.js Show response
app-bundle.cvcatcher.io/ 697 KB
262 KB 155ms
153ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app-bundle.cvcatcher.io/main.js

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

f3930c83be08550a48dbc157cccd3fde8478f359f8c1aaaf508efadf65e4b2ae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 16:27:47 GMT
server: nginx
etag: W/"63f64283-ae253"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 css
fonts.googleapis.com/ 92 KB
23 KB 227ms
83ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nanum+Gothic&display=swap

Requested by

Host: app-bundle.cvcatcher.io
URL: https://app-bundle.cvcatcher.io/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

994432152136639df5420c9950765cd2586e10c8db4232aaa9d82d20866041f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://app-bundle.cvcatcher.io/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 25 Feb 2023 12:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 25 Feb 2023 12:20:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Feb 2023 12:42:06 GMT

GET
H2 200 icomoon.ttf
matchmycv.group.bnpparibas/fr/assets/style/client/ 15 KB
19 KB 281ms
279ms Font
application/octet-stream 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/style/client/icomoon.ttf

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/assets/style/client/commons.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

596959720ba729a66a6aaa6840d7297e43ff5903dc996afe03030c60ef312fa9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://matchmycv.group.bnpparibas/fr/assets/style/client/commons.css
Origin: https://matchmycv.group.bnpparibas
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
content-length: 15668
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: "63f4f25f-3d34"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/octet-stream
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 bnpp-sans.041ca176.woff
matchmycv.group.bnpparibas/fr/assets/style/fonts/ 54 KB
57 KB 282ms
280ms Font
font/woff 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/style/fonts/bnpp-sans.041ca176.woff

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/assets/style/client/commons.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://matchmycv.group.bnpparibas/fr/assets/style/client/commons.css
Origin: https://matchmycv.group.bnpparibas
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
content-length: 54856
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: "63f4f25f-d648"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: font/woff
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 bnpp-icons.8e120c05.ttf
matchmycv.group.bnpparibas/fr/assets/style/client/ 10 KB
14 KB 283ms
282ms Font
application/octet-stream 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/style/client/bnpp-icons.8e120c05.ttf

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/assets/style/client/commons.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

d5b018ed6b3d6ec2076fbc83daa437b094343d6accc8f857f841f1ebb84d1e41

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://matchmycv.group.bnpparibas/fr/assets/style/client/commons.css
Origin: https://matchmycv.group.bnpparibas
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
content-length: 10432
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: "63f4f25f-28c0"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/octet-stream
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 bnpp-sans-bold.231a5b39.woff
matchmycv.group.bnpparibas/fr/assets/style/fonts/ 54 KB
57 KB 286ms
285ms Font
font/woff 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/style/fonts/bnpp-sans-bold.231a5b39.woff

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/assets/style/client/commons.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://matchmycv.group.bnpparibas/fr/assets/style/client/commons.css
Origin: https://matchmycv.group.bnpparibas
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
content-length: 54984
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: "63f4f25f-d6c8"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: font/woff
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 bnpp-square-regular-v3.1d317065.woff
matchmycv.group.bnpparibas/fr/assets/style/fonts/ 51 KB
54 KB 303ms
303ms Font
font/woff 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/style/fonts/bnpp-square-regular-v3.1d317065.woff

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/assets/style/custom.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

ea0afc11977298d3fe9851f389afa2b4d9b07736858b8e827809f1154cc3fcf7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://matchmycv.group.bnpparibas/fr/assets/style/custom.css
Origin: https://matchmycv.group.bnpparibas
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:06 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
content-length: 52040
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: "63f4f25f-cb48"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: font/woff
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 floating-button-3abf1e69c7a29becbba6.chunk.css
app-bundle.cvcatcher.io/ 275 B
4 KB 148ms
147ms Stylesheet
text/css 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app-bundle.cvcatcher.io/floating-button-3abf1e69c7a29becbba6.chunk.css

Requested by

Host: app-bundle.cvcatcher.io
URL: https://app-bundle.cvcatcher.io/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

f3c6c7d133d579fa81850f22ad114218f05b7a83c0d6db7b95c833e73aed67fa

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:07 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 16:27:47 GMT
server: nginx
etag: W/"63f64283-113"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 floating-button-84e96f7ab0758c31bf8a.chunk.js Show response
app-bundle.cvcatcher.io/ 118 B
4 KB 150ms
150ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app-bundle.cvcatcher.io/floating-button-84e96f7ab0758c31bf8a.chunk.js

Requested by

Host: app-bundle.cvcatcher.io
URL: https://app-bundle.cvcatcher.io/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

d716587a484608a25254863b9db0732c4d45f7ee7dbc3cf07db4b5713861155c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:07 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 16:27:47 GMT
server: nginx
etag: W/"63f64283-76"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 specific.json Show response
matchmycv.group.bnpparibas/fr/assets/media/locales/fr/ 937 B
4 KB 150ms
150ms Fetch
application/json 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/media/locales/fr/specific.json

Requested by

Host: app-bundle.cvcatcher.io
URL: https://app-bundle.cvcatcher.io/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

f42deb749de933e7c7055b9d0b0d29f46032bdcbc74510234bafcdf2a4e9f133

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:07 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: W/"63f4f25f-3a9"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/json
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 28-960a9e62e0e00beaed6f.chunk.css
app-bundle.cvcatcher.io/ 22 KB
9 KB 193ms
148ms Stylesheet
text/css 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app-bundle.cvcatcher.io/28-960a9e62e0e00beaed6f.chunk.css

Requested by

Host: app-bundle.cvcatcher.io
URL: https://app-bundle.cvcatcher.io/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

5c12d326ff71efdcb676721b98ccc3f08afa5349b70656365d5727761038eab9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:07 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 16:27:47 GMT
server: nginx
etag: W/"63f64283-564c"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 28-29d38eaff418df57d53f.chunk.js Show response
app-bundle.cvcatcher.io/ 874 KB
302 KB 199ms
154ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app-bundle.cvcatcher.io/28-29d38eaff418df57d53f.chunk.js

Requested by

Host: app-bundle.cvcatcher.io
URL: https://app-bundle.cvcatcher.io/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

f8e3bc0fb6b0266ce096fcb021f34f4e596d08fcaab9d0cd649c1fbf6cfa1e18

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:07 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 16:27:47 GMT
server: nginx
etag: W/"63f64283-da7b2"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 54-910e2092688a3562ec1a.chunk.css
app-bundle.cvcatcher.io/ 175 KB
32 KB 191ms
147ms Stylesheet
text/css 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app-bundle.cvcatcher.io/54-910e2092688a3562ec1a.chunk.css

Requested by

Host: app-bundle.cvcatcher.io
URL: https://app-bundle.cvcatcher.io/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

84916fa63924218fc25a22406c54a8e4bc87f7ab0b46c778da2934d88fcc5f7e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:07 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 16:27:47 GMT
server: nginx
etag: W/"63f64283-2baa6"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 54-8e449811fc0c58b3607b.chunk.js Show response
app-bundle.cvcatcher.io/ 401 KB
126 KB 201ms
157ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app-bundle.cvcatcher.io/54-8e449811fc0c58b3607b.chunk.js

Requested by

Host: app-bundle.cvcatcher.io
URL: https://app-bundle.cvcatcher.io/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

7a44fab41f3241745a898d55064033799e51546e501e55a09855de5892c5bf9d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:07 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 16:27:47 GMT
server: nginx
etag: W/"63f64283-6427b"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 246-2d17f5bf48e7bd899c61.chunk.css
app-bundle.cvcatcher.io/ 15 KB
6 KB 161ms
150ms Stylesheet
text/css 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app-bundle.cvcatcher.io/246-2d17f5bf48e7bd899c61.chunk.css

Requested by

Host: app-bundle.cvcatcher.io
URL: https://app-bundle.cvcatcher.io/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

6396c0bbfc777d8db84cbd6803748523be6e7f285c0b6f9134b2084200176825

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:07 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 16:27:47 GMT
server: nginx
etag: W/"63f64283-3d1c"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/css
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 246-2e39273d1a6adec3b5bf.chunk.js Show response
app-bundle.cvcatcher.io/ 18 KB
10 KB 163ms
153ms Script
application/javascript 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://app-bundle.cvcatcher.io/246-2e39273d1a6adec3b5bf.chunk.js

Requested by

Host: app-bundle.cvcatcher.io
URL: https://app-bundle.cvcatcher.io/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

81bdea42408516ef2312b832a6fdc03cda6dbb871ef800d06097ae64c8f1a881

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:07 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Feb 2023 16:27:47 GMT
server: nginx
etag: W/"63f64283-47eb"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: application/javascript
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

POST
H2 200 login Show response
cvcatcher-api.jobijoba.io/v2/security/ 328 B
3 KB 223ms
222ms Fetch
application/json 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cvcatcher-api.jobijoba.io/v2/security/login

Requested by

Host: app-bundle.cvcatcher.io
URL: https://app-bundle.cvcatcher.io/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

7c7cf3f64431a6cd8d052da41553b19c21c18bf89e7187d48b5c02ce3eab365c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://matchmycv.group.bnpparibas/fr/
x-session-id: d0c11000-b509-11ed-bd0a-69db81787c53
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
date: Sat, 25 Feb 2023 12:42:08 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; frame-ancestors 'none'; form-action 'self'; font-src 'self' https://fonts.gstatic.com https://cdn.jobijoba.com; img-src 'self' data: https://cdn.jobijoba.com https://cdn.redoc.ly/redoc/logo-mini.svg; script-src 'self' https://cdn.jobijoba.com 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jobijoba.com; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
content-length: 328
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 web-cover.jpg
matchmycv.group.bnpparibas/fr/assets/media/ 64 KB
67 KB 149ms
148ms Image
image/jpeg 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://matchmycv.group.bnpparibas/fr/assets/media/web-cover.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

3be785a18d3c4e0685f8413ab7bd3ecc9dda1ba39c7e21423cd7d75d00691635

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://matchmycv.group.bnpparibas/fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:08 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
content-length: 65407
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: "63f4f25f-ff7f"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

GET
H2 200 bnpp-square-bold-v3.29630e32.woff
matchmycv.group.bnpparibas/fr/assets/style/fonts/ 50 KB
53 KB 291ms
290ms Font
font/woff 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://matchmycv.group.bnpparibas/fr/assets/style/fonts/bnpp-square-bold-v3.29630e32.woff

Requested by

Host: matchmycv.group.bnpparibas
URL: https://matchmycv.group.bnpparibas/fr/assets/style/custom.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

883084f0395c890372f0594e3f3022bfc0f6f30ccfcff7dbf433d456db20c49c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://matchmycv.group.bnpparibas/fr/assets/style/custom.css
Origin: https://matchmycv.group.bnpparibas
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 12:42:08 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://app-bundle.cvcatcher.io https://*.googletagmanager.com https://*.google-analytics.com https://www.youtube.com https://*.googleapis.com https://*.hotjar.com https://*.licdn.com https://*.fontawesome.com https://app-bundle-staging.cvcatcher.io https://*.privacy-center.org https://*.vimeo.com https://*.trustpilot.com; style-src 'self' 'unsafe-inline' https://app-bundle.cvcatcher.io https://fonts.googleapis.com https://app-bundle-staging.cvcatcher.io https://cdn.jsdelivr.net https://*.jobijoba.com https://*.typekit.net; img-src 'self' data: https://api.maptiler.com https://*.google.com https://*.google.fr https://*.google-analytics.com https://*.xiti.com https://*.gstatic.com https://*.googletagmanager.com; font-src 'self' data: https://fonts.gstatic.com https://*.fontawesome.com https://*.cvcatcher.io https://*.jobijoba.com https://*.typekit.net; connect-src 'self' https://cvcatcher-api.jobijoba.io https://api.cvcatcher.io https://*.doubleclick.net https://*.google-analytics.com https://cvcatcher-api-staging.jobijoba.io https://*.privacy-center.org https://*.fontawesome.com https://*.hotjar.com https://*.jquery.com; media-src 'self'; frame-src https://www.youtube-nocookie.com https://*.vimeo.com https://*.hotjar.com/ https://*.trustpilot.com/; frame-ancestors 'none'; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
content-length: 51096
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Feb 2023 16:33:35 GMT
server: nginx
etag: "63f4f25f-c798"
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: font/woff
cache-control: no-cache
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=*, battery=(), camera=(self), cross-origin-isolated=(self), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=*, geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(self), payment=(), picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(self), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(self), hid=(self), idle-detection=(), interest-cohort=(), serial=(), sync-script=*, trust-token-redemption=(), window-placement=(), vertical-scroll=()
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

OPTIONS
H2 204 login
cvcatcher-api.jobijoba.io/v2/security/ 0
0 723ms
149ms Preflight 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cvcatcher-api.jobijoba.io/v2/security/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-session-id
Access-Control-Request-Method: POST
Origin: https://matchmycv.group.bnpparibas
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-session-id
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin: *
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; frame-ancestors 'none'; form-action 'self'; font-src 'self' https://fonts.gstatic.com https://cdn.jobijoba.com; img-src 'self' data: https://cdn.jobijoba.com https://cdn.redoc.ly/redoc/logo-mini.svg; script-src 'self' https://cdn.jobijoba.com 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jobijoba.com; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 12:42:08 GMT
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
referrer-policy: no-referrer-when-downgrade
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 200 logger Show response
cvcatcher-api.jobijoba.io/v2/ 24 B
2 KB 185ms
184ms Fetch
application/json 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cvcatcher-api.jobijoba.io/v2/logger

Requested by

Host: app-bundle.cvcatcher.io
URL: https://app-bundle.cvcatcher.io/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

dc69da1b7d963296cb85b0e7e67bb2743b5a4c7710974eedc2bf6864d3aeb335

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://matchmycv.group.bnpparibas/fr/
x-session-id: d0c11000-b509-11ed-bd0a-69db81787c53
accept-language: en-US,en;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwYXlsb2FkTG9jYXRpb24iOiJjdmNhdGNoZXItYXBpLTY1ZmEzZjkxLThlM2ItNGQ4My05MWJiLThhZDUxODhiZjMyZiIsImlhdCI6MTY3NzMyODkyOCwiZXhwIjoxNjc3MzMwNzI4fQ.IshVkOrGFWBxT5TDsjm-erMI9rG9ulgexwzG0K6F2vo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
date: Sat, 25 Feb 2023 12:42:09 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; frame-ancestors 'none'; form-action 'self'; font-src 'self' https://fonts.gstatic.com https://cdn.jobijoba.com; img-src 'self' data: https://cdn.jobijoba.com https://cdn.redoc.ly/redoc/logo-mini.svg; script-src 'self' https://cdn.jobijoba.com 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jobijoba.com; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-resource-policy: cross-origin
content-length: 24
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
referrer-policy: no-referrer-when-downgrade
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
x-frame-options: DENY
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'

OPTIONS
H2 204 logger
cvcatcher-api.jobijoba.io/v2/ 0
0 150ms
149ms Preflight 91.134.116.244
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cvcatcher-api.jobijoba.io/v2/logger

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.134.116.244 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-session-id
Access-Control-Request-Method: POST
Origin: https://matchmycv.group.bnpparibas
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: authorization,content-type,x-session-id
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin: *
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
content-security-policy-report-only: default-src 'self' https://cdn.jobijoba.com; frame-ancestors 'none'; form-action 'self'; font-src 'self' https://fonts.gstatic.com https://cdn.jobijoba.com; img-src 'self' data: https://cdn.jobijoba.com https://cdn.redoc.ly/redoc/logo-mini.svg; script-src 'self' https://cdn.jobijoba.com 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jobijoba.com; upgrade-insecure-requests; block-all-mixed-content; report-uri https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/csp/reportOnly; report-to default
cross-origin-embedder-policy-report-only: require-corp; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
cross-origin-opener-policy-report-only: same-origin; report-to='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 12:42:09 GMT
expect-ct: max-age=0, report-uri='https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/r/d/ct/reportOnly'
nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), interest-cohort=(), serial=(), sync-script=(), trust-token-redemption=(), window-placement=(), vertical-scroll=()
referrer-policy: no-referrer-when-downgrade
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://78f25b7dadea0cc0ac9ad5cdabdf9c77.report-uri.com/a/d/g"}],"include_subdomains":true}
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
x-frame-options: DENY

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'speaker-selection'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'conversion-measurement'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'focus-without-user-activation'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'sync-script'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'trust-token-redemption'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'vertical-scroll'.
security	error	URL: https://matchmycv.group.bnpparibas/fr/ Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-bundle.cvcatcher.io
cvcatcher-api.jobijoba.io
fonts.googleapis.com
matchmycv.group.bnpparibas
2607:f8b0:4006:81f::200a
91.134.116.244
0729749abf4c512802de3c1ab47fb02fed68c163c7a3d1dfc9263d5c2b991e90
1317beeee1f2d2411bc1845d4782067dd2e903c4ffd55fe4d95ca8951e263740
15af41d09d6af10bf14b699e6164f4204279abec5f0a50e04ca33f733c02c798
198ec7af2e50caccc6c940455bfc2cbda813be10ab0f76e29515c2ce6b234ad9
24c5f12e2373fa3df19c596ef4164840b8ff23f729c2d16ad582c83e0ff7c08c
36220c3c2bf98295491da9d6f63c3d55d7a9dc094b62a8ac64941b5d8b6967ab
3ad317867dbc668f3e6dacfa4c17870a9affaa520346201b394810564e214e7c
3be785a18d3c4e0685f8413ab7bd3ecc9dda1ba39c7e21423cd7d75d00691635
4bc5da75eb6fa69be5d984962b362258924c43375967748675d6ded9b2da9610
596959720ba729a66a6aaa6840d7297e43ff5903dc996afe03030c60ef312fa9
5c12d326ff71efdcb676721b98ccc3f08afa5349b70656365d5727761038eab9
5c926a61770c00c4398bb430bc2b1b6ee25fd17a8283b3ab3ad5af3d1621bc3f
6396c0bbfc777d8db84cbd6803748523be6e7f285c0b6f9134b2084200176825
64801de959728cfb15db691d004a18c10dab820a1f086b0bbb78c80518e9984f
6fbb730e8ffffab0b9b12fb34d7d709cdb70fa9c3a6246b1c0a5df81a658642b
790c0d9dbde996a7f34fe36a8cf5df56a8052f2fdcbc0d65cf0ff8bb400c24dc
7a44fab41f3241745a898d55064033799e51546e501e55a09855de5892c5bf9d
7c7cf3f64431a6cd8d052da41553b19c21c18bf89e7187d48b5c02ce3eab365c
80bf8cdea9bc8b01b1b12f18210a7eb3b5f30fefa0d9f9209813d9f9cfe6e39e
81bdea42408516ef2312b832a6fdc03cda6dbb871ef800d06097ae64c8f1a881
84916fa63924218fc25a22406c54a8e4bc87f7ab0b46c778da2934d88fcc5f7e
883084f0395c890372f0594e3f3022bfc0f6f30ccfcff7dbf433d456db20c49c
89b9b7790e327ae15062e59744236412018ce1946038379c07a294b666eb44a5
8f70ce121ed8e322e14960d9143e3a14f86eab70ba361fae9bbd9b5bea9508f3
939ee6b110abe04de728abda4cd11ca2cfffe6320dd9d17c6ac6c2f28847c7ba
994432152136639df5420c9950765cd2586e10c8db4232aaa9d82d20866041f1
9b19d0e8817506f3d4d89e526d470229af0194ea3af958dffccde37506e4aece
9b4ac2e61a2f7f78ecd034c5100bacdccf2588839b9a0fe08d1e1d83c48f375b
a55262439bc58456a79f8c527fd55807af8282bd16abd2524904880987af0d4d
ad1167ebd6ed297290b135a8bd8b6f5bb396a5a3e60dfd17d07376236f71e74b
b299bd0587aeb64956cdcdd47c205acc93b2619a4c29c3eeff1e30b288534144
b4249f19da455c49bc51a1954779ff6171b791794d8bd6d0a60f73c2c64bebfe
c47e816649716e5e24cd1611211ecf98c17e7986c6fd163f9ca75a3b95b8d779
c940b4bf010fcd54e16311f4e82e274b8327851e369761b9422c1d002a4db7c3
c9481b278cecfb22c9a74294bf02875257ede9f35741408c8fd7e3b48944cc23
d4f2b08b39ce34385a59f9879e384e95153e3360179b0431b451fa90c850b705
d5b018ed6b3d6ec2076fbc83daa437b094343d6accc8f857f841f1ebb84d1e41
d716587a484608a25254863b9db0732c4d45f7ee7dbc3cf07db4b5713861155c
dc69da1b7d963296cb85b0e7e67bb2743b5a4c7710974eedc2bf6864d3aeb335
e47fa0f81509dd1f33b733b43dcdaadae02ac7a5d4fbec4ab00a2fe9b4abbdad
ea0afc11977298d3fe9851f389afa2b4d9b07736858b8e827809f1154cc3fcf7
ea640bd15c362e304735b99aa8d6cf577ace1a862e3da722e3ef62a76b6f8166
f3930c83be08550a48dbc157cccd3fde8478f359f8c1aaaf508efadf65e4b2ae
f3c6c7d133d579fa81850f22ad114218f05b7a83c0d6db7b95c833e73aed67fa
f42deb749de933e7c7055b9d0b0d29f46032bdcbc74510234bafcdf2a4e9f133
f8e3bc0fb6b0266ce096fcb021f34f4e596d08fcaab9d0cd649c1fbf6cfa1e18
fc92ab35d0bdee901ddedee8ca4f34e248f9b6592f1b1f61e4a6114d28d7275c

matchmycv.group.bnpparibas Open in urlscan Pro 91.134.116.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

49 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

2 IPs

2 Countries

1474 kBTransfer

3523 kBSize

0 Cookies

9 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

matchmycv.group.bnpparibas Open in urlscan Pro
91.134.116.244 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

2
IPs

2
Countries

1474 kB
Transfer

3523 kB
Size

0
Cookies

49 HTTP transactions
0 data transactions