moncomptebnpenligne.com Open in urlscan Pro
45.143.201.128  Malicious Activity! Public Scan

Submitted URL: https://moncomptebnpenligne.com/actions/login.php
Effective URL: https://moncomptebnpenligne.com/
Submission: On August 03 via manual from IN — Scanned from DE

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 35 HTTP transactions. The main IP is 45.143.201.128, located in Russian Federation and belongs to ERISHENNYA-ASN, UA. The main domain is moncomptebnpenligne.com.
TLS certificate: Issued by R3 on August 2nd 2023. Valid for: 3 months.
This is the only time moncomptebnpenligne.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

IP Address AS Autonomous System
1 7 45.143.201.128 210950 (ERISHENNY...)
25 104.102.54.143 16625 (AKAMAI-AS)
1 2001:4de0:ac1... 20446 (STACKPATH...)
3 91.235.132.68 30286 (THM)
35 4
Apex Domain
Subdomains
Transfer
25 mabanque.bnpparibas
mabanque.bnpparibas — Cisco Umbrella Rank: 246927
256 KB
7 moncomptebnpenligne.com
moncomptebnpenligne.com
560 KB
3 connexion-mabanque.bnpparibas
content.connexion-mabanque.bnpparibas
36 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 743
30 KB
35 4
Domain Requested by
25 mabanque.bnpparibas moncomptebnpenligne.com
mabanque.bnpparibas
7 moncomptebnpenligne.com 1 redirects moncomptebnpenligne.com
3 content.connexion-mabanque.bnpparibas moncomptebnpenligne.com
content.connexion-mabanque.bnpparibas
1 code.jquery.com moncomptebnpenligne.com
35 4
Subject Issuer Validity Valid
moncomptebnpenligne.com
R3
2023-08-02 -
2023-10-31
3 months crt.sh
mabanque.bnpparibas
DigiCert SHA2 Extended Validation Server CA
2023-07-19 -
2024-07-18
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
content.mabanque.bnpparibas
Entrust Certification Authority - L1K
2022-10-19 -
2023-10-19
a year crt.sh

This page contains 2 frames:

Primary Page: https://moncomptebnpenligne.com/
Frame ID: A46D5CDC3CD81BC5E13CCCA4920EF3DB
Requests: 32 HTTP requests in this frame

Frame: https://content.connexion-mabanque.bnpparibas/4S27RDsJKFtlPCec?173764f58a756816=QnrhP0FpyEJBjESlESidjpGSkI1afgU_JFaM3hU11_tDQ2Bo-NyaylZzGWstcmRLC-Rkq_ZnejTblrdRlIaxLVM7KWyfTUpTJ5xVLySH08nUiDwiFaTlzXtXm0jdhJl2FLarwHUlT3sxlqK7QYb9PlyLax8&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: CCE9FB05D96BF7D9D40F7653992F42F0
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Accéder à mes comptes en ligne | BNP Paribas

Page URL History Show full URLs

  1. https://moncomptebnpenligne.com/actions/login.php HTTP 302
    https://moncomptebnpenligne.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

883 kB
Transfer

1488 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://moncomptebnpenligne.com/actions/login.php HTTP 302
    https://moncomptebnpenligne.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
moncomptebnpenligne.com/
Redirect Chain
  • https://moncomptebnpenligne.com/actions/login.php
  • https://moncomptebnpenligne.com/
54 KB
11 KB
Document
General
Full URL
https://moncomptebnpenligne.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.143.201.128 , Russian Federation, ASN210950 (ERISHENNYA-ASN, UA),
Reverse DNS
colo35.net
Software
nginx / PHP/8.0.29 PleskLin
Resource Hash
f7f611b0febfa293ef2a3af4f924c8d62618000eef2abb198241ed12d759b8ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
11473
content-type
text/html; charset=UTF-8
date
Thu, 03 Aug 2023 11:09:48 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.0.29 PleskLin

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 03 Aug 2023 11:09:47 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
../
pragma
no-cache
server
nginx
x-powered-by
PHP/8.0.29 PleskLin
icofont.min.css
moncomptebnpenligne.com/assets/fonts/
90 KB
15 KB
Stylesheet
General
Full URL
https://moncomptebnpenligne.com/assets/fonts/icofont.min.css
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.143.201.128 , Russian Federation, ASN210950 (ERISHENNYA-ASN, UA),
Reverse DNS
colo35.net
Software
nginx / PleskLin
Resource Hash
c5ad8b399b615ecfc8f63628c1bad71cf11477002a51390fd1dcca1f2b34381e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 11:09:49 GMT
content-encoding
br
last-modified
Sat, 03 Jun 2023 02:59:56 GMT
server
nginx
etag
W/"647aacac-16830"
x-powered-by
PleskLin
content-type
text/css
anim.css
moncomptebnpenligne.com/assets/css/
311 B
379 B
Stylesheet
General
Full URL
https://moncomptebnpenligne.com/assets/css/anim.css
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.143.201.128 , Russian Federation, ASN210950 (ERISHENNYA-ASN, UA),
Reverse DNS
colo35.net
Software
nginx / PleskLin
Resource Hash
95ffcd769ee389c7030d5a73e01787b7d2804c3e516c35c7080520eecad36795

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 11:09:49 GMT
content-encoding
gzip
last-modified
Sat, 03 Jun 2023 02:58:39 GMT
server
nginx
x-accel-version
0.01
etag
"137-5fd30d8b1df0a-gzip"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
172
style.css
mabanque.bnpparibas/rsc/contrib/identification/src/themes/mabanque/css/
45 KB
8 KB
Stylesheet
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/identification/src/themes/mabanque/css/style.css
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b32d4687be628c9dc9ca03f0b3803ec50491074205034af27928c90bb359addb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Frame-Options Sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
7283
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935302
Last-Modified
Thu, 30 Jun 2022 07:46:14 GMT
ETag
"b4f8-5e2a576ca3d80-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/css
X-Frame-Options
Sameorigin
Cache-Control
max-age=86400
AND
Reach-M
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
cas-footer-part.css
mabanque.bnpparibas/rsc/contrib/css/particuliers/
80 KB
14 KB
Stylesheet
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/css/particuliers/cas-footer-part.css
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fd6c21120b6eeba8cc78aa02e2cc6f14f8a6b8a567292b4609dffbba71378afd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Frame-Options Sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
13183
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935301
Last-Modified
Tue, 05 Oct 2021 10:56:26 GMT
ETag
"140a6-5cd98e1870a80-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/css
X-Frame-Options
Sameorigin
Cache-Control
max-age=86400
AND
Reach-M
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
cas-header-part.css
mabanque.bnpparibas/rsc/contrib/css/particuliers/
191 KB
31 KB
Stylesheet
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/css/particuliers/cas-header-part.css
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
822013e19b44242e8d215ab42fbf7b87ae86ef86c705b90c722b4c0cb07d2084
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Frame-Options Sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
30147
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933414
Last-Modified
Tue, 05 Oct 2021 10:56:26 GMT
ETag
"2fd12-5cd98e1870a80-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/css
X-Frame-Options
Sameorigin
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
urgence.svg
mabanque.bnpparibas/rsc/contrib/image/generique/
600 B
2 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/urgence.svg
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
52b355e1ce355a40ed04bc7930bbe0f7b9863c5c3db9e9c769f3e583f52c3177
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Content-Disposition
attachment; filename="urgence.svg"
Connection
keep-alive
Content-Length
600
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933400
Last-Modified
Thu, 07 Oct 2021 12:30:05 GMT
ETag
"258-5cdc26c20ed40"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
picto-giro-bpf.svg
mabanque.bnpparibas/rsc/contrib/image/generique/
1 KB
2 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/picto-giro-bpf.svg
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b32c695ff289891fa9d948c836625d81cd6146b85fab955b572cfcd4e294f8e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Content-Encoding
gzip
Content-Disposition
attachment; filename="picto-giro-bpf.svg"
Connection
keep-alive
Content-Length
522
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935301
Last-Modified
Thu, 07 Oct 2021 12:03:19 GMT
ETag
"458-5cdc20c674fc0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
picto-giro.svg
mabanque.bnpparibas/rsc/contrib/image/generique/
1 KB
2 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/picto-giro.svg
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
755817d0cd3fbbb17a05ad9f8d601632e46fe126a501b37455c52a7049b30f00
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Content-Encoding
gzip
Content-Disposition
attachment; filename="picto-giro.svg"
Connection
keep-alive
Content-Length
535
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933400
Last-Modified
Thu, 07 Oct 2021 12:30:08 GMT
ETag
"457-5cdc26c4eb400"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/svg+xml
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
picto-carte-bloqu-e.png
mabanque.bnpparibas/rsc/contrib/image/generique/
3 KB
5 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/picto-carte-bloqu-e.png
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
052502d678d3e394ab3ae793bf2c6a61a9b5b8d40ff9a2af93e38a10105efbfe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
3532
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935301
Last-Modified
Tue, 26 Oct 2021 15:49:47 GMT
ETag
"dcc-5cf436d4bdcc0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
debloquer-carte-bpf.png
mabanque.bnpparibas/rsc/contrib/image/generique/
4 KB
5 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/debloquer-carte-bpf.png
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
613fea59d1d4bfe6ef9b5553eaa4e4a3c5cfb2a7e122fc947b55e074ac325f4d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
3774
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933400
Last-Modified
Thu, 07 Oct 2021 12:30:09 GMT
ETag
"ebe-5cdc26c5df640"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-M
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
oposer-carte.png
mabanque.bnpparibas/rsc/contrib/image/generique/
3 KB
4 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/oposer-carte.png
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
36ba996a3e34b86478bbbec6d8f76d8aa504018ba8646937cddbca62a1b2dce5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
3145
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933400
Last-Modified
Tue, 26 Oct 2021 15:49:47 GMT
ETag
"c49-5cf436d4bdcc0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
oposer-carte-bpf.png
mabanque.bnpparibas/rsc/contrib/image/generique/
2 KB
3 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/oposer-carte-bpf.png
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9fe697d19aa3d1e54cb922faba58b3109e45d6e370befecb6983d689ad7a7472
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
1965
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935301
Last-Modified
Thu, 07 Oct 2021 12:03:19 GMT
ETag
"7ad-5cdc20c674fc0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
opposer-cheque.png
mabanque.bnpparibas/rsc/contrib/image/generique/
4 KB
5 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/opposer-cheque.png
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53a6bd8fa9ad8623eee7d0ea5417d2e307992470777def3322ef625af354ef42
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
3704
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935301
Last-Modified
Tue, 26 Oct 2021 15:49:46 GMT
ETag
"e78-5cf436d3c9a80"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
opposer-cheque-bpf.png
mabanque.bnpparibas/rsc/contrib/image/generique/
4 KB
5 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/opposer-cheque-bpf.png
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d14ed60c08b09a79e3ef5ea19b041e2358a6aec6f07bcf1100b110ce75e99fb0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
3974
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935301
Last-Modified
Thu, 07 Oct 2021 12:03:16 GMT
ETag
"f86-5cdc20c398900"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-M
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
opposer-prelevement.png
mabanque.bnpparibas/rsc/contrib/image/generique/
4 KB
5 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/opposer-prelevement.png
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a5b61627ea2d7888d9c2b3404423c545f1c28a6e376dafc905be1b70d0285ca0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
3923
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933400
Last-Modified
Tue, 26 Oct 2021 15:49:47 GMT
ETag
"f53-5cf436d4bdcc0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-M
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
opposer-prelevement-bpf.png
mabanque.bnpparibas/rsc/contrib/image/generique/
4 KB
5 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/opposer-prelevement-bpf.png
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
21cb1e00e055af00767f2c5a251127a25e1a81bfc4bc5af2255112cc816419f7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
4219
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935302
Last-Modified
Thu, 07 Oct 2021 11:54:57 GMT
ETag
"107b-5cdc1ee7b6640"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
picto-voiture.png
mabanque.bnpparibas/rsc/contrib/html/particuliers/infographies/assurance/espace-sinistre/images/
5 KB
6 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/html/particuliers/infographies/assurance/espace-sinistre/images/picto-voiture.png
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
923ddcf9943332bb46bb81c9deed6f6d128286918bb5f54e0a898ad8053d8230
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
4620
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935301
Last-Modified
Tue, 26 Oct 2021 15:49:46 GMT
ETag
"120c-5cf436d3c9a80"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
picto-voiture-bpf.png
mabanque.bnpparibas/rsc/contrib/html/bpf/infographies/espace-sinistre/images/
5 KB
6 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/html/bpf/infographies/espace-sinistre/images/picto-voiture-bpf.png
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b11a2eb7a34c4e879cb94e19363a5215e0a4447c8cc34475ccecf858855da016
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
4734
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935301
Last-Modified
Wed, 06 Oct 2021 12:08:14 GMT
ETag
"127e-5cdae00254780"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
picto-maison.png
mabanque.bnpparibas/rsc/contrib/html/particuliers/infographies/assurance/espace-sinistre/images/
4 KB
5 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/html/particuliers/infographies/assurance/espace-sinistre/images/picto-maison.png
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b00b5c55f1e9c287731d26ab1795564653c66e9d0f6c2763ab96e3685d33dc5a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
4265
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935301
Last-Modified
Tue, 26 Oct 2021 15:49:47 GMT
ETag
"10a9-5cf436d4bdcc0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
picto-maison-bpf.png
mabanque.bnpparibas/rsc/contrib/html/bpf/infographies/espace-sinistre/images/
3 KB
4 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/html/bpf/infographies/espace-sinistre/images/picto-maison-bpf.png
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
845c41da3129c27b3bb3608a65566cc9a006fddf5bc2bbca9331bf6df0b0dedb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
2762
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933400
Last-Modified
Wed, 06 Oct 2021 12:08:08 GMT
ETag
"aca-5cdadffc9ba00"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-M
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
picto-cles-QA.png
mabanque.bnpparibas/rsc/contrib/html/particuliers/infographies/assurance/espace-sinistre/images/
8 KB
9 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/html/particuliers/infographies/assurance/espace-sinistre/images/picto-cles-QA.png
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2c5df0cbcef2b259962e55ecc5efaa3239201828a86b2e70910865e0b6329a88
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
8132
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933400
Last-Modified
Tue, 26 Oct 2021 15:49:47 GMT
ETag
"1fc4-5cf436d4bdcc0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
picto-cle-QA-bpf.png
mabanque.bnpparibas/rsc/contrib/html/bpf/infographies/espace-sinistre/images/
7 KB
8 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/html/bpf/infographies/espace-sinistre/images/picto-cle-QA-bpf.png
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ae0f3ffce9e084163fb2c1143e54d4af5e922e7d959d1292d3f6b21aae725337
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
7248
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935301
Last-Modified
Wed, 06 Oct 2021 12:08:14 GMT
ETag
"1c50-5cdae00254780"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
picto-mobileo.png
mabanque.bnpparibas/rsc/contrib/html/particuliers/infographies/assurance/espace-sinistre/images/
3 KB
4 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/html/particuliers/infographies/assurance/espace-sinistre/images/picto-mobileo.png
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a2413d26c6b27d6c1261331196b7477d8d83040e27bae6dbaf2e3cc1645c38dc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
3327
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935301
Last-Modified
Tue, 26 Oct 2021 15:49:46 GMT
ETag
"cff-5cf436d3c9a80"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-M
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
picto-mobileo.png
mabanque.bnpparibas/rsc/contrib/html/bpf/infographies/espace-sinistre/images/
2 KB
3 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/html/bpf/infographies/espace-sinistre/images/picto-mobileo.png
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
33d98906628bde4bce62eb19e4be12d00ac222f778d4bd985e5bff540e522c52
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
1902
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9933400
Last-Modified
Wed, 06 Oct 2021 12:08:08 GMT
ETag
"76e-5cdadffc9ba00"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://moncomptebnpenligne.com/
Origin
https://moncomptebnpenligne.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 11:09:49 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1691060989.dop168.fr8.t,1691060989.cds159.fr8.hn,1691060989.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
index.js
moncomptebnpenligne.com/assets/js/
841 B
510 B
Script
General
Full URL
https://moncomptebnpenligne.com/assets/js/index.js
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.143.201.128 , Russian Federation, ASN210950 (ERISHENNYA-ASN, UA),
Reverse DNS
colo35.net
Software
nginx / PleskLin
Resource Hash
560dd528782862208f2adab9d747feaf8106cdc4dabae8e9a3f2950374d9ac05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 11:09:49 GMT
content-encoding
gzip
last-modified
Sat, 03 Jun 2023 02:59:58 GMT
server
nginx
x-accel-version
0.01
etag
"349-5fd30dd6b6b2e-gzip"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
293
logo-bnpp.png
mabanque.bnpparibas/rsc/contrib/image/generique/
7 KB
8 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/logo-bnpp.png
Requested by
Host: mabanque.bnpparibas
URL: https://mabanque.bnpparibas/rsc/contrib/css/particuliers/cas-header-part.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ffd0d4c9c36dcc2affc99f3b5a92891d594798ec556c9ae304c87098187c1244
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mabanque.bnpparibas/rsc/contrib/css/particuliers/cas-header-part.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
7540
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935301
Last-Modified
Thu, 07 Oct 2021 12:03:19 GMT
ETag
"1d74-5cdc20c674fc0"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-M
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
icofont.woff2
moncomptebnpenligne.com/assets/fonts/fonts/
525 KB
526 KB
Font
General
Full URL
https://moncomptebnpenligne.com/assets/fonts/fonts/icofont.woff2
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/assets/fonts/icofont.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.143.201.128 , Russian Federation, ASN210950 (ERISHENNYA-ASN, UA),
Reverse DNS
colo35.net
Software
nginx / PleskLin
Resource Hash
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1

Request headers

Referer
https://moncomptebnpenligne.com/assets/fonts/icofont.min.css
Origin
https://moncomptebnpenligne.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 11:09:49 GMT
last-modified
Sat, 03 Jun 2023 02:59:54 GMT
server
nginx
etag
"647aacaa-8350c"
x-powered-by
PleskLin
content-type
font/woff2
accept-ranges
bytes
content-length
537868
sprite-form.png
mabanque.bnpparibas/rsc/contrib/identification/src/themes/mabanque/images/content/
10 KB
11 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/identification/src/themes/mabanque/images/content/sprite-form.png
Requested by
Host: mabanque.bnpparibas
URL: https://mabanque.bnpparibas/rsc/contrib/identification/src/themes/mabanque/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
15e0a98316305fdb432b926bf960983a402da0e736f885e3c71368a171588671
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Frame-Options Sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mabanque.bnpparibas/rsc/contrib/identification/src/themes/mabanque/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
9891
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935301
Last-Modified
Thu, 30 Jun 2022 07:46:14 GMT
ETag
"26a3-5e2a576ca3d80"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
X-Frame-Options
Sameorigin
Cache-Control
max-age=86400
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
grid.png
moncomptebnpenligne.com/assets/images/
6 KB
6 KB
Image
General
Full URL
https://moncomptebnpenligne.com/assets/images/grid.png
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.143.201.128 , Russian Federation, ASN210950 (ERISHENNYA-ASN, UA),
Reverse DNS
colo35.net
Software
nginx / PleskLin
Resource Hash
bff343659c04cc006745cc3401441506f9d7cc47ce39f1afdcdb526b41d40628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://moncomptebnpenligne.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 11:09:49 GMT
last-modified
Sat, 03 Jun 2023 02:59:57 GMT
server
nginx
etag
"647aacad-18ad"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
6317
image-ordi-loupe_2x.jpg
mabanque.bnpparibas/rsc/contrib/image/particuliers/ident/
97 KB
98 KB
Image
General
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/particuliers/ident/image-ordi-loupe_2x.jpg
Requested by
Host: mabanque.bnpparibas
URL: https://mabanque.bnpparibas/rsc/contrib/css/particuliers/cas-header-part.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.54.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-54-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5f7d4e677eddba0572f92385d59fc5d5df413b031ca3e39a55676da10b1f7fd2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
Strict-Transport-Security max-age=63072000, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mabanque.bnpparibas/rsc/contrib/css/particuliers/cas-header-part.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000, max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;
X-Content-Type-Options
nosniff
Date
Thu, 03 Aug 2023 11:09:49 GMT
Connection
keep-alive
Content-Length
98977
X-XSS-Protection
1; mode=block
X-Served-By
s01vl9935301
Last-Modified
Wed, 06 Oct 2021 14:33:02 GMT
ETag
"182a1-5cdb005fda380"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/jpeg
Vary
Accept-Encoding
Cache-Control
max-age=86400
AND
Reach-M
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Fri, 04 Aug 2023 11:09:49 GMT
4S27RDsJKFtlPCec
content.connexion-mabanque.bnpparibas/ Frame CCE9
19 KB
6 KB
Document
General
Full URL
https://content.connexion-mabanque.bnpparibas/4S27RDsJKFtlPCec?173764f58a756816=QnrhP0FpyEJBjESlESidjpGSkI1afgU_JFaM3hU11_tDQ2Bo-NyaylZzGWstcmRLC-Rkq_ZnejTblrdRlIaxLVM7KWyfTUpTJ5xVLySH08nUiDwiFaTlzXtXm0jdhJl2FLarwHUlT3sxlqK7QYb9PlyLax8&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Requested by
Host: moncomptebnpenligne.com
URL: https://moncomptebnpenligne.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.68 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
5f36201dfb3e9060f352cabcbda447463dfd578679208e8b7d949051ecd4bcd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moncomptebnpenligne.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Language
de-DE
Content-Length
5925
Content-Type
text/html;charset=UTF-8
Date
Thu, 03 Aug 2023 11:09:49 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block
mHll_i7v-3CIV1Ws
content.connexion-mabanque.bnpparibas/ Frame CCE9
209 KB
29 KB
Script
General
Full URL
https://content.connexion-mabanque.bnpparibas/mHll_i7v-3CIV1Ws?0c6c9f6609101e47=9lZroyO5G19HCszNN2Zw3sQCjI_fs1-xnEPLhDMeBvOllQpm28feRELiYd4ClLgFkAJ1eQeY_i53PZScJmFeyK4Mddn1UNZKNfMepB7i0Mye3MKM7zavH-skWZFOtRWH1z-vuSpoio-mPHPBYmsS1Eg71L_aKWTkdmKn6vcHgGNr
Requested by
Host: content.connexion-mabanque.bnpparibas
URL: https://content.connexion-mabanque.bnpparibas/4S27RDsJKFtlPCec?173764f58a756816=QnrhP0FpyEJBjESlESidjpGSkI1afgU_JFaM3hU11_tDQ2Bo-NyaylZzGWstcmRLC-Rkq_ZnejTblrdRlIaxLVM7KWyfTUpTJ5xVLySH08nUiDwiFaTlzXtXm0jdhJl2FLarwHUlT3sxlqK7QYb9PlyLax8&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.68 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
a96313a05411f56d94480eb454118f00048339726700bdd0bcd02b41ce61e160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.connexion-mabanque.bnpparibas/4S27RDsJKFtlPCec?173764f58a756816=QnrhP0FpyEJBjESlESidjpGSkI1afgU_JFaM3hU11_tDQ2Bo-NyaylZzGWstcmRLC-Rkq_ZnejTblrdRlIaxLVM7KWyfTUpTJ5xVLySH08nUiDwiFaTlzXtXm0jdhJl2FLarwHUlT3sxlqK7QYb9PlyLax8&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Thu, 03 Aug 2023 11:09:49 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
e86dcf3527baa9c6
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=99
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZoK1Rzb9wNjNXuq0
content.connexion-mabanque.bnpparibas/ Frame CCE9
35 B
557 B
Script
General
Full URL
https://content.connexion-mabanque.bnpparibas/ZoK1Rzb9wNjNXuq0?1c04b9fabac3c2ab=y1tnQd2A6ktMuqWhGY4eooBBwtzuJJNZR4K99G37Iggzkh0yVEgLy1evr8S4Zrg0IjXUl-Brol1E9PW2BsXicY9qepQ8UTlyyvjHf5o9IfmF_GyBw3uFYFFNxvk1SYHR-tIfkptcwl6LHu1bZb3_qK2G2JzxssXCU4ancdMMXp_magD4l8plRT14oAtbEZiaCLIks-zK00WVzSJKWqQmutFsZxA&sera_parametere=A0gLUFdQClQGA1NZAgxQV1AKA1cHXldTBg9VBVgNVVRTAQQCAFVVBlAEAUcSSl5fC0hDEBBDAHEXACBEVn1GBFVSRQEPA15QXEMRRFJ9RgEnCBNTJ0MBBVpYERUSHFByQA90QVQiFVFbClJSBF8HBwdcD11SV1FQClIDBQNYUgMEAAVUU1ABA1MAW1RYDVRUUgsQCgwIUFAPUlpXBVoFBVAKAQYCBwpWBBEIElwJGwBXDQJdUlcAA1EHVgICWgBTVgpXUAdSAAcLD1RZVgpWAV1bBABaBFATU15fUFEPVQ5DUV9ZTlcVRVsKW1hYAFsQDVMLQgFbcF1AWA8ER1sVC1QJA0IBCUAIZV4MBQ5OEBAGWgsQBxxsVlNbDgMAWggQAEwLUFc%3D&count=0&max=0
Requested by
Host: content.connexion-mabanque.bnpparibas
URL: https://content.connexion-mabanque.bnpparibas/mHll_i7v-3CIV1Ws?0c6c9f6609101e47=9lZroyO5G19HCszNN2Zw3sQCjI_fs1-xnEPLhDMeBvOllQpm28feRELiYd4ClLgFkAJ1eQeY_i53PZScJmFeyK4Mddn1UNZKNfMepB7i0Mye3MKM7zavH-skWZFOtRWH1z-vuSpoio-mPHPBYmsS1Eg71L_aKWTkdmKn6vcHgGNr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.68 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
5d85b5a21020a775f6df4a388f49e916680876dee747f8b4d42839cc3b26ef99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://content.connexion-mabanque.bnpparibas/4S27RDsJKFtlPCec?173764f58a756816=QnrhP0FpyEJBjESlESidjpGSkI1afgU_JFaM3hU11_tDQ2Bo-NyaylZzGWstcmRLC-Rkq_ZnejTblrdRlIaxLVM7KWyfTUpTJ5xVLySH08nUiDwiFaTlzXtXm0jdhJl2FLarwHUlT3sxlqK7QYb9PlyLax8&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Aug 2023 11:09:49 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=98
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 number| positionCount function| $ function| jQuery function| add_number

4 Cookies

Domain/Path Name / Value
moncomptebnpenligne.com/ Name: PHPSESSID
Value: 2hsdt43rc6hvbhm9nugq0v8e4q
mabanque.bnpparibas/ Name: wcm_referer
Value: moncomptebnpenligne.com/
.mabanque.bnpparibas/ Name: MB_AEM_web
Value: MTAuMjQxLjE3Ny4xNDc=
mabanque.bnpparibas/ Name: TS011a6182
Value: 01dbdd2ba8e7ae0617bcf3abb414aa3e2fc838254dbe6da2dcff5b05fd2c84ef18855a10c23d8a93841fe530c13f521aae538f9382

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
content.connexion-mabanque.bnpparibas
mabanque.bnpparibas
moncomptebnpenligne.com
104.102.54.143
2001:4de0:ac18::1:a:1a
45.143.201.128
91.235.132.68
052502d678d3e394ab3ae793bf2c6a61a9b5b8d40ff9a2af93e38a10105efbfe
15e0a98316305fdb432b926bf960983a402da0e736f885e3c71368a171588671
21cb1e00e055af00767f2c5a251127a25e1a81bfc4bc5af2255112cc816419f7
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1
2c5df0cbcef2b259962e55ecc5efaa3239201828a86b2e70910865e0b6329a88
33d98906628bde4bce62eb19e4be12d00ac222f778d4bd985e5bff540e522c52
36ba996a3e34b86478bbbec6d8f76d8aa504018ba8646937cddbca62a1b2dce5
52b355e1ce355a40ed04bc7930bbe0f7b9863c5c3db9e9c769f3e583f52c3177
53a6bd8fa9ad8623eee7d0ea5417d2e307992470777def3322ef625af354ef42
560dd528782862208f2adab9d747feaf8106cdc4dabae8e9a3f2950374d9ac05
5d85b5a21020a775f6df4a388f49e916680876dee747f8b4d42839cc3b26ef99
5f36201dfb3e9060f352cabcbda447463dfd578679208e8b7d949051ecd4bcd8
5f7d4e677eddba0572f92385d59fc5d5df413b031ca3e39a55676da10b1f7fd2
613fea59d1d4bfe6ef9b5553eaa4e4a3c5cfb2a7e122fc947b55e074ac325f4d
6b32c695ff289891fa9d948c836625d81cd6146b85fab955b572cfcd4e294f8e
755817d0cd3fbbb17a05ad9f8d601632e46fe126a501b37455c52a7049b30f00
822013e19b44242e8d215ab42fbf7b87ae86ef86c705b90c722b4c0cb07d2084
845c41da3129c27b3bb3608a65566cc9a006fddf5bc2bbca9331bf6df0b0dedb
923ddcf9943332bb46bb81c9deed6f6d128286918bb5f54e0a898ad8053d8230
95ffcd769ee389c7030d5a73e01787b7d2804c3e516c35c7080520eecad36795
9fe697d19aa3d1e54cb922faba58b3109e45d6e370befecb6983d689ad7a7472
a2413d26c6b27d6c1261331196b7477d8d83040e27bae6dbaf2e3cc1645c38dc
a5b61627ea2d7888d9c2b3404423c545f1c28a6e376dafc905be1b70d0285ca0
a96313a05411f56d94480eb454118f00048339726700bdd0bcd02b41ce61e160
ae0f3ffce9e084163fb2c1143e54d4af5e922e7d959d1292d3f6b21aae725337
b00b5c55f1e9c287731d26ab1795564653c66e9d0f6c2763ab96e3685d33dc5a
b11a2eb7a34c4e879cb94e19363a5215e0a4447c8cc34475ccecf858855da016
b32d4687be628c9dc9ca03f0b3803ec50491074205034af27928c90bb359addb
bff343659c04cc006745cc3401441506f9d7cc47ce39f1afdcdb526b41d40628
c5ad8b399b615ecfc8f63628c1bad71cf11477002a51390fd1dcca1f2b34381e
d14ed60c08b09a79e3ef5ea19b041e2358a6aec6f07bcf1100b110ce75e99fb0
f7f611b0febfa293ef2a3af4f924c8d62618000eef2abb198241ed12d759b8ab
fd6c21120b6eeba8cc78aa02e2cc6f14f8a6b8a567292b4609dffbba71378afd
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffd0d4c9c36dcc2affc99f3b5a92891d594798ec556c9ae304c87098187c1244