urlscan.io logo urlscan.io
SecurityTrails logo

mascerca.co Open in urlscan Pro
23.96.103.159  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://linkprotect.cudasvc.com/url?a=https%3a%2f%2founcemastert.com%2fdoc%2f2%2f%3fcmVubmVzQGVzcmEuZWR1DQ%3d%3d&c=E,1,BgEyylBdW...
Effective URL: https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649...
Submission: On January 18 via manual from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 29 HTTP transactions. The main IP is 23.96.103.159, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is mascerca.co.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 25th 2019. Valid for: a year.
This is the only time mascerca.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 35.156.29.60 16509 (AMAZON-02)
1 92.38.176.45 202422 (GHOST)
3 23.96.103.159 8075 (MICROSOFT...)
9 104.70.81.123 16625 (AKAMAI-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
29 5
1    35.156.29.60 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-29-60.eu-central-1.compute.amazonaws.com
linkprotect.cudasvc.com
1    92.38.176.45 (Chicago, United States)

ASN202422 (GHOST, LU)
PTR: labscore.mah3r.website
ouncemastert.com
3    23.96.103.159 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mascerca.co
9    104.70.81.123 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-81-123.deploy.static.akamaitechnologies.com
mabanque.bnpparibas
1    2a02:26f0:6c00:2a1::39e4 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
collect.dcrm.bnpparibas.fr
Domain Requested by
9 mabanque.bnpparibas mascerca.co
mabanque.bnpparibas
3 mascerca.co mascerca.co
1 collect.dcrm.bnpparibas.fr mascerca.co
1 ouncemastert.com
1 linkprotect.cudasvc.com 1 redirects
29 5
Subject Issuer Validity Valid
ouncemastert.com
cPanel, Inc. Certification Authority		 2021-01-11 -
2021-04-11		 3 months crt.sh
mascerca.co
Go Daddy Secure Certificate Authority - G2		 2019-11-25 -
2021-01-24		 a year crt.sh
mabanque.bnpparibas
DigiCert ECC Extended Validation Server CA		 2020-06-11 -
2022-09-10		 2 years crt.sh
bnp02b.bnpparibas.com
DigiCert Secure Site ECC CA-1		 2020-10-13 -
2021-11-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
Frame ID: D11E19A668C67033794A8353009DA39A
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://linkprotect.cudasvc.com/url?a=https%3a%2f%2founcemastert.com%2fdoc%2f2%2f%3fcmVubmVzQGVzcmEuZWR1DQ%3... HTTP 302
    https://ouncemastert.com/doc/2/?cmVubmVzQGVzcmEuZWR1DQ== Page URL
  2. https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

29
Requests

48 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

858 kB
Transfer

5242 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://linkprotect.cudasvc.com/url?a=https%3a%2f%2founcemastert.com%2fdoc%2f2%2f%3fcmVubmVzQGVzcmEuZWR1DQ%3d%3d&c=E,1,BgEyylBdWpOhPtElSwyetbBhuOxf4y4NZlDg-DoCuIv3D1K6OOSgM-aV6ZJA3JdKCUiBO5ADu_rwc56MEqbII-GTvE3IJGMrEHZ0WAKyIOfX&typo=1 HTTP 302
    https://ouncemastert.com/doc/2/?cmVubmVzQGVzcmEuZWR1DQ== Page URL
  2. https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://linkprotect.cudasvc.com/url?a=https%3a%2f%2founcemastert.com%2fdoc%2f2%2f%3fcmVubmVzQGVzcmEuZWR1DQ%3d%3d&c=E,1,BgEyylBdWpOhPtElSwyetbBhuOxf4y4NZlDg-DoCuIv3D1K6OOSgM-aV6ZJA3JdKCUiBO5ADu_rwc56MEqbII-GTvE3IJGMrEHZ0WAKyIOfX&typo=1 HTTP 302
  • https://ouncemastert.com/doc/2/?cmVubmVzQGVzcmEuZWR1DQ==

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ouncemastert.com/doc/2/
Redirect Chain
  • https://linkprotect.cudasvc.com/url?a=https%3a%2f%2founcemastert.com%2fdoc%2f2%2f%3fcmVubmVzQGVzcmEuZWR1DQ%3d%3d&c=E,1,BgEyylBdWpOhPtElSwyetbBhuOxf4y4NZlDg-DoCuIv3D1K6OOSgM-aV6ZJA3JdKCUiBO5ADu_rwc5...
  • https://ouncemastert.com/doc/2/?cmVubmVzQGVzcmEuZWR1DQ==
414 B
603 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ouncemastert.com/doc/2/?cmVubmVzQGVzcmEuZWR1DQ==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
92.38.176.45 Chicago, United States, ASN202422 (GHOST, LU),
Reverse DNS
labscore.mah3r.website
Software
Apache /
Resource Hash
f286ac312310d393d17416529e8545670c2cf721981ce03629f966ffd2a455bc

Request headers

Host
ouncemastert.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 10:46:53 GMT
Server
Apache
Content-Length
414
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Content-Security-Policy
default-src 'self'; style-src 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com; frame-src 'self'; frame-ancestors 'none'
Content-Type
text/html
Date
Mon, 18 Jan 2021 10:46:52 GMT
Expires
-1
Location
https://ouncemastert.com/doc/2/?cmVubmVzQGVzcmEuZWR1DQ==
Pragma
no-cache
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Content-Length
154
Connection
keep-alive
Primary Request Cookie set /
mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/ 		30 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.103.159 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / PHP/7.3.23 ASP.NET
Resource Hash
7f940735fb97f1e6daf6c84fbaa197a882e22e3a254a40c1ba2e13f7a6979603

Request headers

Host
mascerca.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://ouncemastert.com/doc/2/?cmVubmVzQGVzcmEuZWR1DQ==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ouncemastert.com/doc/2/?cmVubmVzQGVzcmEuZWR1DQ==

Response headers

Content-Length
10409
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
PHP/7.3.23 ASP.NET
Set-Cookie
ARRAffinity=67cc7003c93f2ec411a7090e8697e265ced771366dfd63646aaf89292fd9a266;Path=/;HttpOnly;Secure;Domain=mascerca.co ARRAffinitySameSite=67cc7003c93f2ec411a7090e8697e265ced771366dfd63646aaf89292fd9a266;Path=/;HttpOnly;SameSite=None;Secure;Domain=mascerca.co
Date
Mon, 18 Jan 2021 10:46:58 GMT
context.css
mabanque.bnpparibas/rsc/sys/css/menu/ 		903 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mabanque.bnpparibas/rsc/sys/css/menu/context.css
Requested by
Host: mascerca.co
URL: https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.70.81.123 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-81-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
949dc3a675cae0cc35786df17d17096b106a7295f480fa41fcf66f0b7039218a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas bddf.biapi.pro bddf-ppd.biapi.pro prisme.facil-iti.net *.parrainage.bnpparibas *.bnpparibas
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas bddf.biapi.pro bddf-ppd.biapi.pro prisme.facil-iti.net *.parrainage.bnpparibas *.bnpparibas
Content-Encoding
gzip
ETag
"387-51699912ce840"
p3p
CP="NON CUR OTPi OUR NOR UNI"
Connection
keep-alive
Vary
Referer, Accept-Encoding
Content-Length
409
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 21 May 2015 15:55:05 GMT
Date
Mon, 18 Jan 2021 10:46:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/css
Cache-Control
max-age=900
AND
Reach-M
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Mon, 18 Jan 2021 11:02:08 GMT
mediaelementplayer.min.css
mabanque.bnpparibas/rsc/sys/css/player/ 		10 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mabanque.bnpparibas/rsc/sys/css/player/mediaelementplayer.min.css
Requested by
Host: mascerca.co
URL: https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.70.81.123 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-81-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1a2c0603e8ba42c388ce99053ec229e2afb93edfb04f9f953839754c4cafc56f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas prisme.facil-iti.net *.parrainage.bnpparibas bddf.biapi.pro *.bnpparibas
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas prisme.facil-iti.net *.parrainage.bnpparibas bddf.biapi.pro *.bnpparibas
Content-Encoding
gzip
ETag
"28ab-51699913c2a80"
p3p
CP="NON CUR OTPi OUR NOR UNI"
Connection
keep-alive
Vary
Referer, Accept-Encoding
Content-Length
2371
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 21 May 2015 15:55:06 GMT
Date
Mon, 18 Jan 2021 10:46:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/css
Cache-Control
max-age=900
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Mon, 18 Jan 2021 11:01:32 GMT
sitefactory.css
mabanque.bnpparibas/rsc/sys/css/ 		356 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mabanque.bnpparibas/rsc/sys/css/sitefactory.css
Requested by
Host: mascerca.co
URL: https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.70.81.123 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-81-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a7895576046e7003a4f792d219b3c8189eceef020b8ae54b99c4253ee3a782aa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas bddf.biapi.pro bddf-ppd.biapi.pro prisme.facil-iti.net *.parrainage.bnpparibas *.bnpparibas
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas bddf.biapi.pro bddf-ppd.biapi.pro prisme.facil-iti.net *.parrainage.bnpparibas *.bnpparibas
ETag
"164-51699913c2a80"
p3p
CP="NON CUR OTPi OUR NOR UNI"
Connection
keep-alive
Vary
Referer
Content-Length
356
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 21 May 2015 15:55:06 GMT
Date
Mon, 18 Jan 2021 10:46:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/css
Cache-Control
max-age=900
AND
Reach-M
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Mon, 18 Jan 2021 11:01:32 GMT
base.css
mabanque.bnpparibas/rsc/contrib/css/particuliers/ 		5 MB
730 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mabanque.bnpparibas/rsc/contrib/css/particuliers/base.css
Requested by
Host: mascerca.co
URL: https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.70.81.123 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-81-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eb1ad29102f680e3c072ecf4444d886e75c3bd88ed97f24ff837f95e50547314
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas prisme.facil-iti.net *.parrainage.bnpparibas bddf.biapi.pro *.bnpparibas
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas prisme.facil-iti.net *.parrainage.bnpparibas bddf.biapi.pro *.bnpparibas
Content-Encoding
gzip
ETag
"4c2cb3-5b5f978662ec0"
Transfer-Encoding
chunked
p3p
CP="NON CUR OTPi OUR NOR UNI"
Connection
keep-alive, Transfer-Encoding
Vary
Referer, Accept-Encoding
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 08 Dec 2020 20:05:55 GMT
Date
Mon, 18 Jan 2021 10:46:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/css
Cache-Control
max-age=900
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Mon, 18 Jan 2021 11:01:10 GMT
fix.css
mabanque.bnpparibas/rsc/contrib/css/particuliers/ 		83 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mabanque.bnpparibas/rsc/contrib/css/particuliers/fix.css
Requested by
Host: mascerca.co
URL: https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.70.81.123 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-81-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c543261c458f4de4b9be801c91a5601b044614fa8a408190aecd606ba444bb49
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas bddf.biapi.pro bddf-ppd.biapi.pro prisme.facil-iti.net *.parrainage.bnpparibas *.bnpparibas
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas bddf.biapi.pro bddf-ppd.biapi.pro prisme.facil-iti.net *.parrainage.bnpparibas *.bnpparibas
Content-Encoding
gzip
ETag
"14ab6-5b2c0a07461c0"
p3p
CP="NON CUR OTPi OUR NOR UNI"
Connection
keep-alive
Vary
Referer, Accept-Encoding
Content-Length
22051
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 28 Oct 2020 20:01:19 GMT
Date
Mon, 18 Jan 2021 10:46:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/css
Cache-Control
max-age=900
AND
Reach-M
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Mon, 18 Jan 2021 11:02:08 GMT
templates.css
mabanque.bnpparibas/rsc/contrib/css/nbo/ 		210 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mabanque.bnpparibas/rsc/contrib/css/nbo/templates.css
Requested by
Host: mascerca.co
URL: https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.70.81.123 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-81-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a57e2c9bcafe9c9420fa9e1b5450d93da2a67b698e6739c002963c1f9b9b87a0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas prisme.facil-iti.net *.parrainage.bnpparibas bddf.biapi.pro *.bnpparibas
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas prisme.facil-iti.net *.parrainage.bnpparibas bddf.biapi.pro *.bnpparibas
Content-Encoding
gzip
ETag
"3491a-56b0ff84c8880"
Transfer-Encoding
chunked
p3p
CP="NON CUR OTPi OUR NOR UNI"
Connection
keep-alive, Transfer-Encoding
Vary
Referer, Accept-Encoding
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 30 Apr 2018 12:26:58 GMT
Date
Mon, 18 Jan 2021 10:46:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/css
Cache-Control
max-age=900
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Mon, 18 Jan 2021 11:00:01 GMT
session.js
collect.dcrm.bnpparibas.fr/9296/handler9/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collect.dcrm.bnpparibas.fr/9296/handler9/session.js?se=x3731552_1491345592664_1491345579655_9296&di=null_2&sj=BDDFCSA&aP=_14913456036460.06358314983025848_&bd=true&si=false&aM=_14913456036460.06358314983025848_&aO=-1&tz=53bf8971e7ed4174b56e6ff86c8c430e&vb=3&wa=8.0%3A15188&aW=_14913455757910.5785028206465258_&bu=true&cf=Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne%20%7C%20BNP%20Paribas&az=usy46gabsosd%3DBDDFCSA__3731552_1491345592664_1491345579655_9296%3B%20BDDFCSAuvt%3D882f9d41bb38455099bb3d1ab52397ff_1491345579655_3731552_1491345579655_1%3B%20BDDFCSADBID%3Dnull_2%3B%20userInformation%3Dsuspect%3B%20europolicy%3Dno-set%3B%20distributorid%3Dsitefactory%3B%20axes%3Dfr%7Cweb%7Cworld%7Cpub%7Cweb%7C117338af58364b9da66d02c30d27959e%7C%3B%20wcm_referer%3Dwww.google.fr%2F%3B%20LSinstance%3Dprod_ls_a2_s1-CNET%3B%20WE_LS%3Drd1o00000000000000000000ffff0aff90aco8081%3B%20nxt%3D3428651786.36895.0000%3B%20TS1fcaeb%3D03d53362c6b6b0d67bcf94de0e908624aeb367bc1fcf1b4e58e4209c442b9b978b8744040f95b0c55e7567d6633192e9280e9ea99c0726df239f6bad09bbc2cecc112d2f55353ab9cf1158aa14c5e384a24e28e0c6a968814adf287999e4fce6d89a9fd92183b971a18871ec%3B%20connected%3Dfalse%3B%20WT_FPC%3Did%3Deb90ca05-730c-4697-a1e3-5bb92e0ab311%3Alv%3D1491349201494%3Ass%3D1491349171850%3B%20APinstance%3Dprod_ap_a1_s2%3B%20WE_APm%3DMTAuMjU1LjE0NC4xODIlMQ%3D%3D%3B%20BDDFCSAkey%3D53bf8971e7ed4174b56e6ff86c8c430e%3B%20&ar=https%3A%2F%2Fmabanque.bnpparibas%2F&au=https%3A%2F%2Fmabanque.bnpparibas%2Ffr%2Fconnexion
Requested by
Host: mascerca.co
URL: https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a1::39e4 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
36f7a58ebea544b9b4ed9ce1fcdf4d6b192e4fba55d0f126ef502f08c3c2fbbe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Jan 2021 10:46:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
P3P
CP="NON ADMo DEVo PSAo PSDo IVAo IVDo OUR IND UNI COM NAV INT CNT LOC STA PUR PHY ONL"
Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
945
identification.js
mascerca.co/static/identification-htmlpl/1.1.2/app/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://mascerca.co/static/identification-htmlpl/1.1.2/app/identification.js
Requested by
Host: mascerca.co
URL: https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.103.159 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / PHP/7.3.23, ASP.NET
Resource Hash

Request headers

Referer
https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 10:47:06 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
PHP/7.3.23, ASP.NET
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Link
<https://mascerca.co/wp-json/>; rel="https://api.w.org/"
Content-Length
60482
Expires
Wed, 11 Jan 1984 05:00:00 GMT
logo-bnpp.png
mabanque.bnpparibas/rsc/contrib/image/generique/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/logo-bnpp.png
Requested by
Host: mabanque.bnpparibas
URL: https://mabanque.bnpparibas/rsc/contrib/css/particuliers/base.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.70.81.123 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-81-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
310be02c30e9bdb846328d10d61d43013ccc26304439883f96544fc576c76a6c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas prisme.facil-iti.net *.parrainage.bnpparibas bddf.biapi.pro *.bnpparibas
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mabanque.bnpparibas/rsc/contrib/css/particuliers/base.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas prisme.facil-iti.net *.parrainage.bnpparibas bddf.biapi.pro *.bnpparibas
ETag
"13cb-58aad7fffd040"
p3p
CP="NON CUR OTPi OUR NOR UNI"
Connection
keep-alive
Vary
Referer
Content-Length
5067
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 06 Jun 2019 20:24:25 GMT
Date
Mon, 18 Jan 2021 10:46:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=900
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Mon, 18 Jan 2021 10:59:57 GMT
sprite-header.png
mabanque.bnpparibas/rsc/contrib/image/generique/ 		10 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/sprite-header.png
Requested by
Host: mabanque.bnpparibas
URL: https://mabanque.bnpparibas/rsc/contrib/css/particuliers/base.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.70.81.123 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-81-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cb7e58a5a13ebe53dd05272703ba47132b65aa33d29b373d33de116cb82fdb21
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas bddf.biapi.pro bddf-ppd.biapi.pro prisme.facil-iti.net *.parrainage.bnpparibas *.bnpparibas
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mabanque.bnpparibas/rsc/contrib/css/particuliers/base.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas bddf.biapi.pro bddf-ppd.biapi.pro prisme.facil-iti.net *.parrainage.bnpparibas *.bnpparibas
ETag
"294b-5277c9ed8f580"
p3p
CP="NON CUR OTPi OUR NOR UNI"
Connection
keep-alive
Vary
Referer
Content-Length
10571
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 22 Dec 2015 13:31:18 GMT
Date
Mon, 18 Jan 2021 10:46:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=900
AND
Reach-M
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Mon, 18 Jan 2021 11:02:09 GMT
bnpp_sans-webfont.woff2
mabanque.bnpparibas/rsc/contrib/css/fonts/ 		0
0
bnpp_type_regular_v2-webfont.woff2
mabanque.bnpparibas/rsc/contrib/css/fonts/ 		0
0
sprite-form.png
mabanque.bnpparibas/rsc/contrib/image/generique/ 		8 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabanque.bnpparibas/rsc/contrib/image/generique/sprite-form.png
Requested by
Host: mabanque.bnpparibas
URL: https://mabanque.bnpparibas/rsc/contrib/css/particuliers/base.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.70.81.123 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-81-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6c5d6811eac74f21a4130472bf1e806350f0ea9ee3a293d06aa7cddadd47c1a8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas prisme.facil-iti.net *.parrainage.bnpparibas bddf.biapi.pro *.bnpparibas
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mabanque.bnpparibas/rsc/contrib/css/particuliers/base.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.bnpparibas *.mosaic.fr *.biapi.pro *.dev.echonet *.bnpparibas.net *.protection24.com *.facil-iti.com *.herokuapp.com *.matmut.com *.cardif-iard.fr;, frame-ancestors 'self' eer.bnpparibas eermb.mosaic.fr *.entreprises.bnpparibas.net *.protection24.com lemag.bnpparibas lemagwealth.bnpparibas lemagpro.bnpparibas prisme.facil-iti.net *.parrainage.bnpparibas bddf.biapi.pro *.bnpparibas
ETag
"20cc-53561e6edd780"
p3p
CP="NON CUR OTPi OUR NOR UNI"
Connection
keep-alive
Vary
Referer
Content-Length
8396
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 16 Jun 2016 09:31:26 GMT
Date
Mon, 18 Jan 2021 10:46:59 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Cache-Control
max-age=900
AND
Reach-V
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type
Expires
Mon, 18 Jan 2021 11:00:02 GMT
numbers.jpg
mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/img/numbers.jpg
Requested by
Host: mascerca.co
URL: https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.103.159 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
48bc431cdb3680505d9be9a98da89384600fa20c507386f54dac097588d32196

Request headers

Referer
https://mascerca.co/mabanque.bnpparibas.fr/connexion/mabanque/bnpparibas/cle-digitale/activation/services/4870031649701203465875104976045875/7450003164034658751049760/login/login/LoginMDP/fr/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 10:47:00 GMT
Last-Modified
Mon, 18 Jan 2021 09:15:07 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"6df12b6a7aedd61:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
6362
bnpp_sans_cond_light_v2-webfont.woff2
mabanque.bnpparibas/rsc/contrib/css/fonts/ 		0
0
bnpp_sans-webfont.woff
mabanque.bnpparibas/rsc/contrib/css/fonts/ 		0
0
bnpp_type_regular_v2-webfont.woff
mabanque.bnpparibas/rsc/contrib/css/fonts/ 		0
0
bnpp_sans_cond_light_v2-webfont.woff
mabanque.bnpparibas/rsc/contrib/css/fonts/ 		0
0
bnpp_sans-webfont-webfont.woff2
mabanque.bnpparibas/rsc/contrib/css/fonts/ 		0
0
bnpp_type_regular_v2-webfont.ttf
mabanque.bnpparibas/rsc/contrib/css/fonts/ 		0
0
bnpp_sans_cond_light_v2-webfont.ttf
mabanque.bnpparibas/rsc/contrib/css/fonts/ 		0
0
bnpp_sans-webfont-webfont.woff
mabanque.bnpparibas/rsc/contrib/css/fonts/ 		0
0
bnpp_sans-webfont-webfont.ttf
mabanque.bnpparibas/rsc/contrib/css/fonts/ 		0
0
iconbnp.woff
mabanque.bnpparibas/rsc/contrib/css/fonts/ 		0
0
bnpp_type_bold_v2-webfont.woff
mabanque.bnpparibas/rsc/contrib/css/fonts/ 		0
0
bnpp_type_bold_v2-webfont.ttf
mabanque.bnpparibas/rsc/contrib/css/fonts/ 		0
0
iconbnp.ttf
mabanque.bnpparibas/rsc/contrib/css/fonts/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mabanque.bnpparibas
URL
https://mabanque.bnpparibas/rsc/contrib/css/fonts/bnpp_sans-webfont.woff2
Domain
mabanque.bnpparibas
URL
https://mabanque.bnpparibas/rsc/contrib/css/fonts/bnpp_type_regular_v2-webfont.woff2
Domain
mabanque.bnpparibas
URL
https://mabanque.bnpparibas/rsc/contrib/css/fonts/bnpp_sans_cond_light_v2-webfont.woff2
Domain
mabanque.bnpparibas
URL
https://mabanque.bnpparibas/rsc/contrib/css/fonts/bnpp_sans-webfont.woff
Domain
mabanque.bnpparibas
URL
https://mabanque.bnpparibas/rsc/contrib/css/fonts/bnpp_type_regular_v2-webfont.woff
Domain
mabanque.bnpparibas
URL
https://mabanque.bnpparibas/rsc/contrib/css/fonts/bnpp_sans_cond_light_v2-webfont.woff
Domain
mabanque.bnpparibas
URL
https://mabanque.bnpparibas/rsc/contrib/css/fonts/bnpp_sans-webfont-webfont.woff2
Domain
mabanque.bnpparibas
URL
https://mabanque.bnpparibas/rsc/contrib/css/fonts/bnpp_type_regular_v2-webfont.ttf
Domain
mabanque.bnpparibas
URL
https://mabanque.bnpparibas/rsc/contrib/css/fonts/bnpp_sans_cond_light_v2-webfont.ttf
Domain
mabanque.bnpparibas
URL
https://mabanque.bnpparibas/rsc/contrib/css/fonts/bnpp_sans-webfont-webfont.woff
Domain
mabanque.bnpparibas
URL
https://mabanque.bnpparibas/rsc/contrib/css/fonts/bnpp_sans-webfont-webfont.ttf
Domain
mabanque.bnpparibas
URL
https://mabanque.bnpparibas/rsc/contrib/css/fonts/iconbnp.woff
Domain
mabanque.bnpparibas
URL
https://mabanque.bnpparibas/rsc/contrib/css/fonts/bnpp_type_bold_v2-webfont.woff
Domain
mabanque.bnpparibas
URL
https://mabanque.bnpparibas/rsc/contrib/css/fonts/bnpp_type_bold_v2-webfont.ttf
Domain
mabanque.bnpparibas
URL
https://mabanque.bnpparibas/rsc/contrib/css/fonts/iconbnp.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated undefined| BDDFCSAisReinit number| BDDFCSAwid number| BDDFCSAsn number| BDDFCSAcfg number| BDDFCSAln string| BDDFCSAgetInputs string| BDDFCSAmultiAttribJsRules string| BDDFCSAjsRules string| BDDFCSAmetaTagRules string| BDDFCSAcontentRules string| BDDFCSAregExRules string| BDDFCSAfbRules string| BDDFCSAgpRules string| BDDFCSAtwRules string| BDDFCSAsvId string| BDDFCSAexceptionRules string| BDDFCSAdbId boolean| BDDFCSAlookups string| BDDFCSAcontentKey number| BDDFCSAidl number| BDDFCSAsST number| BDDFCSAmST boolean| BDDFCSAdoCapture boolean| BDDFCSAuSC string| BDDFCSAaCI boolean| BDDFCSAuseCors boolean| BDDFCSAuseJsonFormatRequest string| BDDFCSAoptOutStatus function| BDDFCSABDDFCSAsessionset function| BDDFCSApersisted boolean| BDDFCSAqNI

0 Cookies