ssoforms.sso-stg.bnpparibas.com
Open in
urlscan Pro
2a02:26f0:3500:18::1724:a290
Public Scan
Effective URL: https://ssoforms.sso-stg.bnpparibas.com/cib/LoginForm.aspx?TYPE=33554433&REALMOID=06-000a8f7b-e321-1672-9edc-503b0af30000&GUID=&SMAUTHRE...
Submission: On October 14 via automatic, source certstream-suspicious — Scanned from FR
Summary
TLS certificate: Issued by Entrust Certification Authority - L1K on June 13th 2024. Valid for: a year.
This is the only time ssoforms.sso-stg.bnpparibas.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 159.50.125.146 159.50.125.146 | 25215 (BNP-PARIB...) (BNP-PARIBAS France) | |
3 3 | 159.50.125.39 159.50.125.39 | 25215 (BNP-PARIB...) (BNP-PARIBAS France) | |
1 29 | 2a02:26f0:350... 2a02:26f0:3500:18::1724:a290 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
28 | 1 |
ASN25215 (BNP-PARIBAS France, FR)
PTR: globalmarkets-preprod.bnpparibas.com
globalmarkets-preprod.bnpparibas.com |
ASN25215 (BNP-PARIBAS France, FR)
PTR: 1-markets360-preprod.bnpparibas.com
markets360-preprod.bnpparibas.com |
ASN20940 (AKAMAI-ASN1, NL)
ssoforms.sso-stg.bnpparibas.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
34 |
bnpparibas.com
6 redirects
globalmarkets-preprod.bnpparibas.com markets360-preprod.bnpparibas.com ssoforms.sso-stg.bnpparibas.com |
327 KB |
28 | 1 |
Domain | Requested by | |
---|---|---|
29 | ssoforms.sso-stg.bnpparibas.com |
1 redirects
ssoforms.sso-stg.bnpparibas.com
|
3 | markets360-preprod.bnpparibas.com | 3 redirects |
2 | globalmarkets-preprod.bnpparibas.com | 2 redirects |
28 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
cib.bnpparibas.com |
ssoforms.staging.echonet |
Subject Issuer | Validity | Valid | |
---|---|---|---|
vulcan-ssoforms.sso-stg.bnpparibas.com Entrust Certification Authority - L1K |
2024-06-13 - 2025-06-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://ssoforms.sso-stg.bnpparibas.com/cib/LoginForm.aspx?TYPE=33554433&REALMOID=06-000a8f7b-e321-1672-9edc-503b0af30000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-aO2OqJoMhoM6wSJRqDYjkdlVL8Qhxc0YmTwO3pkdcYLXipfCzafhQuf%2bxFsxLwDc4XRFApW7lJk%2fWU3p%2byTFkQidtsg5NzLY&TARGET=-SM-HTTPS%3a%2f%2fmarkets360--preprod%2ebnpparibas%2ecom%2fgmportal%2fprivate%2fhome
Frame ID: EEB32FD7C2C3C2E43902E5F07F84065A
Requests: 28 HTTP requests in this frame
Screenshot
Page Title
BNP Paribas (Stg) SINGLE SIGN-ONPage URL History Show full URLs
-
https://globalmarkets-preprod.bnpparibas.com/
HTTP 301
https://globalmarkets-preprod.bnpparibas.com/fiweb/myportal/home HTTP 301
https://markets360-preprod.bnpparibas.com/fiweb/myportal/home HTTP 301
https://markets360-preprod.bnpparibas.com/gmportal/private/home HTTP 302
https://ssoforms.sso-stg.bnpparibas.com/entry/SmMakeCookie.ccc?SMSESSION=QUERY&PERSIST=0&TARGET=-SM-https%3a%2f%2fma... HTTP 302
https://markets360-preprod.bnpparibas.com/gmportal/private/home?SMSESSION=NO HTTP 302
https://ssoforms.sso-stg.bnpparibas.com/cib/LoginForm.aspx?TYPE=33554433&REALMOID=06-000a8f7b-e321-1672-9edc-503b0af... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Microsoft ASP.NET (Web Frameworks) Expand
Detected patterns
- \.aspx?(?:$|\?)
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: cookie policy
Search URL Search Domain Scan URL
Title: Data Protection Notice
Search URL Search Domain Scan URL
Title: Login
Search URL Search Domain Scan URL
Title: COOKIE POLICY
Search URL Search Domain Scan URL
Title: PRIVACY POLICY
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://globalmarkets-preprod.bnpparibas.com/
HTTP 301
https://globalmarkets-preprod.bnpparibas.com/fiweb/myportal/home HTTP 301
https://markets360-preprod.bnpparibas.com/fiweb/myportal/home HTTP 301
https://markets360-preprod.bnpparibas.com/gmportal/private/home HTTP 302
https://ssoforms.sso-stg.bnpparibas.com/entry/SmMakeCookie.ccc?SMSESSION=QUERY&PERSIST=0&TARGET=-SM-https%3a%2f%2fmarkets360--preprod%2ebnpparibas%2ecom%2fgmportal%2fprivate%2fhome HTTP 302
https://markets360-preprod.bnpparibas.com/gmportal/private/home?SMSESSION=NO HTTP 302
https://ssoforms.sso-stg.bnpparibas.com/cib/LoginForm.aspx?TYPE=33554433&REALMOID=06-000a8f7b-e321-1672-9edc-503b0af30000&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-aO2OqJoMhoM6wSJRqDYjkdlVL8Qhxc0YmTwO3pkdcYLXipfCzafhQuf%2bxFsxLwDc4XRFApW7lJk%2fWU3p%2byTFkQidtsg5NzLY&TARGET=-SM-HTTPS%3a%2f%2fmarkets360--preprod%2ebnpparibas%2ecom%2fgmportal%2fprivate%2fhome Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
LoginForm.aspx
ssoforms.sso-stg.bnpparibas.com/cib/ Redirect Chain
|
33 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
ssoforms.sso-stg.bnpparibas.com/cib/css/ |
135 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome-4.7.0.css
ssoforms.sso-stg.bnpparibas.com/cib/css/ |
28 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.5.1.min.js
ssoforms.sso-stg.bnpparibas.com/cib/js/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
browser-detect.js
ssoforms.sso-stg.bnpparibas.com/cib/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-3.4.1.min.js
ssoforms.sso-stg.bnpparibas.com/cib/js/ |
39 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-migrate-1.2.1.min.js
ssoforms.sso-stg.bnpparibas.com/cib/js/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.watermark-3.2.0.js
ssoforms.sso-stg.bnpparibas.com/cib/js/ |
22 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.nicescroll-3.5.4.js
ssoforms.sso-stg.bnpparibas.com/cib/js/ |
116 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.cookies.2.2.0.js
ssoforms.sso-stg.bnpparibas.com/cib/js/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.validate-1.13.0.js
ssoforms.sso-stg.bnpparibas.com/cib/js/ |
56 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginux_funcs-1.2.js
ssoforms.sso-stg.bnpparibas.com/cib/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.dd-3.5.2.js
ssoforms.sso-stg.bnpparibas.com/cib/js/ |
54 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pwdreset-1.0.js
ssoforms.sso-stg.bnpparibas.com/cib/js/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bnpp-custom-1.0.css
ssoforms.sso-stg.bnpparibas.com/cib/css/ |
52 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gb.png
ssoforms.sso-stg.bnpparibas.com/cib/images/flags/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fr.png
ssoforms.sso-stg.bnpparibas.com/cib/images/flags/ |
941 B 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header_repeat.png
ssoforms.sso-stg.bnpparibas.com/cib/img/ |
330 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bnpp_logo.png
ssoforms.sso-stg.bnpparibas.com/cib/img/ |
12 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bnpp_sans_light-webfont.woff
ssoforms.sso-stg.bnpparibas.com/cib/fonts/BNPPSans/ |
27 KB 27 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bnpp_sans-webfont.woff
ssoforms.sso-stg.bnpparibas.com/cib/fonts/BNPPSans/ |
28 KB 28 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff
ssoforms.sso-stg.bnpparibas.com/cib/fonts/ |
64 KB 65 KB |
Font
font/x-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_arcotid.gif
ssoforms.sso-stg.bnpparibas.com/cib/img/ |
390 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_securid.gif
ssoforms.sso-stg.bnpparibas.com/cib/img/ |
314 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_certificate-isabel.gif
ssoforms.sso-stg.bnpparibas.com/cib/img/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_kerberos.gif
ssoforms.sso-stg.bnpparibas.com/cib/img/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookieMessageCloseButton.jpg
ssoforms.sso-stg.bnpparibas.com/cib/img/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bnpparibas.ico
ssoforms.sso-stg.bnpparibas.com/cib/images/ |
13 KB 14 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| BrowserDetect object| NiceScroll object| jaaulde function| setCookie function| delCookie function| saveCookie function| saveCookieTransient function| getCookie function| getDomain function| validDomain function| logoff function| logoffTarget function| loginFocus function| check_xss function| extractTarget function| decodeSm function| getParameterByName function| dateUTC object| msBeautify function| otpRequest function| mailOtpRequest function| pwdreset function| changepwd function| CallService function| ServiceSucceeded function| error_msg object| placeholders function| BezierClass2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ssoforms.sso-stg.bnpparibas.com/ | Name: ASP.NET_SessionId Value: ozst11csbvyt55phd3yc0koe |
|
.bnpparibas.com/ | Name: CookieMessageVisible Value: false |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | base-uri 'self'; object-src 'self'; img-src 'self'; style-src 'nonce-M51nCG6ou6/Kf5lYlGo4olAf8xfl7mXI'; script-src 'nonce-M51nCG6ou6/Kf5lYlGo4olAf8xfl7mXI';frame-ancestors https://brio.sso-stg.bnpparibas.com https://smartderivatives.sso-stg.bnpparibas.com https://bancagenerali.sso-stg.bnpparibas.com https://smart.us.sso-stg.bnpparibas.com https://smart.caisgroup.sso-stg.bnpparibas.com https://smartderivatives.us.sso-stg.bnpparibas.com frame-ancestors https://brio.sso-stg.bnpparibas.com https://smartderivatives.sso-stg.bnpparibas.com https://bancagenerali.sso-stg.bnpparibas.com https://smart.us.sso-stg.bnpparibas.com https://smart.caisgroup.sso-stg.bnpparibas.com https://smartderivatives.us.sso-stg.bnpparibas.com; object-src self *.sso-stg.bnpparibas.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' *.sso-stg.bnpparibas.com; |
Strict-Transport-Security | max-age=16070400; includeSubDomains |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
globalmarkets-preprod.bnpparibas.com
markets360-preprod.bnpparibas.com
ssoforms.sso-stg.bnpparibas.com
159.50.125.146
159.50.125.39
2a02:26f0:3500:18::1724:a290
0a2febb2a725d16a2ee0b8b998e50e69304bfdb34936778909ee0bf1c291737b
18a1e36514636859570459fbe600652220e0f2e7c1f0594446913ee6421fe435
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
22e4770c64b273647e164efd88d47f575df5afdc5016a2e8a7fc2ae81f6237ca
29191bc2cdd75d1175b5419e9cd63e6ec290ea0bd587f7c700a641b3b93bf0ee
3bb7f4e443f82a10131e4b9c227cc1927ab722ae40c0e456e94b30985f088e3a
4052a71a54b6094cf53a150b955ce80968b9ae4da068bc86390d63b027e53926
41adb6dc3391a55822d5fc79d66afb4e5e49a6e7b948f341441e9413b5971d1c
45e7adbbcef58afc5c51884adaff727b9c1423c0185f788bb7843eb624af7bb2
50b9d61970d198dc85ae7f493a69bd30dc1b096f71154529c3c91546c148917d
5e71c49a5723bc293ad3b6826e18086924d9d694cc840f7723f91966e27b52a9
62d7b6352a8cce421c720975f912d479099c6fb7ab1248d11b6832d3976633a3
6f31b2a6e8e3c050ccacb42e0c1722f1a7c764ac5a62e031c4ea8c39b2a78d70
815ea7f415a2fa3a244ac43830c0c07bab47baf42e84609838b351f5e19fd74e
8dcfbfed596f070166feca6b410c53cfb7d69d59b9ecf997f42bd9a659940e5c
978855b8e697fef003cc0258f236cafb1a197cf476c4f2e42c0ea092123a3d87
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
9ad7268dd813308e73b559066d7ba08003ceb0d42534d51252242f2c6163aa98
a915d483b99af421f4813e6b60599b4e39faff120e54b5e9838386d4ae1a4c60
ae0fa880865f48b641e001536e19b5d64d5c04f8b63c9a8d059dac117bc24ec9
b3f994cdaf3b2ba08c69b1dfe9576c5b35b3dbd01efbafab41c2d4a02f46d98c
bbe6ee9a1301f516bc1720345400ca5eb98750df4a9b9b1a5affa891f73d7606
cd9511ba214f26981d61b48346fae134d89637a09ce97c0262fcace7dc745848
d31a6d39f998a79023c4fcd2f9f32a7d9cf817ced85b71045810fa1947da9d72
d582c45212243d5a54a7c4222d677f220db6be08c9e7b88a2fbdc9073d3ce0ea
d9de9879b84feab9261de45d32b243a691d1bc368eddbe2f7cc142f7885e93ab
e9539f1a7fc9398066290204b25c0b999514edb8a6a0363567e32a76b481cbf8
ff046db1bccff7352232bcc30b6f83e7cb35199d097ed1962859aeccaad740b6