urlscan.io logo urlscan.io
SecurityTrails logo

nie-auth.api.qua.natixis.com Open in urlscan Pro
91.135.187.132  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/
Effective URL: https://nie-auth.api.qua.natixis.com/api/oauth/authorize?response_type=code&client_id=04272cb3-fc1a-466b-8ace-d0ea9746dabe&state=WXJ3...
Submission Tags: @phishunt_io
Submission: On November 28 via api from DE — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 91.135.187.132, located in Paris, France and belongs to FR-BPCE BPCE S.A., FR. The main domain is nie-auth.api.qua.natixis.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on September 23rd 2024. Valid for: a year.
This is the only time nie-auth.api.qua.natixis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 91.135.187.132 43342 (FR-BPCE B...)
1 172.67.72.50 13335 (CLOUDFLAR...)
21 2
Domain Requested by
18 hsbc.epargnants.bench.votreepargnesalariale.com hsbc.epargnants.bench.votreepargnesalariale.com
2 nie-auth.api.qua.natixis.com hsbc.epargnants.bench.votreepargnesalariale.com
1 uljeavltez.kameleoon.eu hsbc.epargnants.bench.votreepargnesalariale.com
21 3

This site contains no links.

Subject Issuer Validity Valid
epargnants-bench.interepargne.natixis.fr
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-25 -
2025-09-04		 9 months crt.sh
kameleoon.eu
WE1		 2024-11-22 -
2025-02-20		 3 months crt.sh
nie.api.qua.natixis.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-23 -
2025-10-15		 a year crt.sh

This page contains 1 frames:

Primary Page: https://nie-auth.api.qua.natixis.com/api/oauth/authorize?response_type=code&client_id=04272cb3-fc1a-466b-8ace-d0ea9746dabe&state=WXJ3LldEZm02V0dSbHY2TG5nMnpFSURJZmFrcW5GUFUyd3FzfkU4ZHN5dkV1&redirect_uri=https%3A%2F%2Fhsbc.epargnants.bench.votreepargnesalariale.com%2F&scope=readActiris%20readUsers%20readDistribution%20readInvestment%20manageAccount%20readSaving%20readCms%20readAccount%20readProfitSharing%20readTransfer%20readFunds%20readSaverGuide%20readConfidential%20offline_access&code_challenge=gb6cJwWp10orPK65hqrjGRapiXkAkQCnFDnZlzCzdfY&code_challenge_method=S256&additionalData=language%3Den
Frame ID: AA20CF1A73811ED07AE9F83B5894ECF1
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://hsbc.epargnants.bench.votreepargnesalariale.com/ Page URL
  2. https://nie-auth.api.qua.natixis.com/api/oauth/authorize?response_type=code&client_id=04272cb3-fc1a-466b-8ace-d0e... Page URL

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

1753 kB
Transfer

7814 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hsbc.epargnants.bench.votreepargnesalariale.com/ Page URL
  2. https://nie-auth.api.qua.natixis.com/api/oauth/authorize?response_type=code&client_id=04272cb3-fc1a-466b-8ace-d0ea9746dabe&state=WXJ3LldEZm02V0dSbHY2TG5nMnpFSURJZmFrcW5GUFUyd3FzfkU4ZHN5dkV1&redirect_uri=https%3A%2F%2Fhsbc.epargnants.bench.votreepargnesalariale.com%2F&scope=readActiris%20readUsers%20readDistribution%20readInvestment%20manageAccount%20readSaving%20readCms%20readAccount%20readProfitSharing%20readTransfer%20readFunds%20readSaverGuide%20readConfidential%20offline_access&code_challenge=gb6cJwWp10orPK65hqrjGRapiXkAkQCnFDnZlzCzdfY&code_challenge_method=S256&additionalData=language%3Den Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
hsbc.epargnants.bench.votreepargnesalariale.com/ 		865 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
23b94dddcf721ecec4398b89ffd79361908c4753b6eddaed0007a4eef06d8c4e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Access-Control-Expose-Headers
Content-Disposition
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
460
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Nov 2024 07:53:17 GMT
ETag
"361-627eaa480d100-gzip"
Keep-Alive
timeout=5, max=300
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
NIE
On hsbc
NTXWebServer
web1S
Server
NWS
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block
kameleoon.js
hsbc.epargnants.bench.votreepargnesalariale.com/front/assets/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/assets/scripts/kameleoon.js
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
ebf35f5d96c41a5fa84f1844ce2d96b8f497836358cdbd5815a4c729a188f8a0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/

Response headers

Access-Control-Expose-Headers
Content-Disposition
Content-Encoding
gzip
ETag
"4b3-627eaa480d100-gzip"
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=299
Date
Thu, 28 Nov 2024 07:53:17 GMT
NIE
On hsbc
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Headers
*
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Cache-Control
max-age=60, public
Pragma
public
Connection
Keep-Alive
NTXWebServer
web1S
Accept-Ranges
bytes
Content-Length
502
X-XSS-Protection
1; mode=block
Server
NWS
kameleoon.js
uljeavltez.kameleoon.eu/ 		204 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uljeavltez.kameleoon.eu/kameleoon.js
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd287bc9894522f32809cbc8781c3561e0dc4060f3feb76168249e80a97857ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67459db9-331f0"
age
2702
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7nFF1mhaDsOsKkw4URmOkkygsT2TlzCFYawXom9SwEulW1bfXeirK3HDGPtSbJB4xd2aaH9FA3H4Xm2S%2F7jNNGN4Ht4kr0E80%2FIjAC%2Fvj926QCd8nCxzE72%2B9FhFF8xigFkL6h0M6zKj"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 08:38:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15702&min_rtt=14461&rtt_var=4043&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4224&recv_bytes=4353&delivery_rate=40313&cwnd=12000&unsent_bytes=0&cid=ee1d7ae4cfc02bc1&ts=37&x=1", cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 07:53:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 26 Nov 2024 10:06:49 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=3600, s-maxage=5400
cdn-cache-control
max-age=5400; public; stale-if-error=604800; stale-while-revalidate=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e98c88dde423c98-CDG
server
cloudflare
styles.f2e0cb700defddcb.css
hsbc.epargnants.bench.votreepargnesalariale.com/front/ 		1 MB
105 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/styles.f2e0cb700defddcb.css
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
656565db46cc85b37c30788dbcba44e3621c36475b130cdffe25d56b49836a14
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/

Response headers

Access-Control-Expose-Headers
Content-Disposition
Content-Encoding
gzip
ETag
"108e98-627eaa480d100-gzip"
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
X-Content-Type-Options
nosniff
Expires
Thu, 28 Nov 2024 19:53:17 GMT
Keep-Alive
timeout=5, max=298
Date
Thu, 28 Nov 2024 07:53:17 GMT
NIE
On hsbc
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Headers
*
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Cache-Control
max-age=60, public
Pragma
public
Connection
Keep-Alive
NTXWebServer
web1S
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
NWS
runtime.0d03a5cc12465213.js
hsbc.epargnants.bench.votreepargnesalariale.com/front/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/runtime.0d03a5cc12465213.js
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
c874e347042b7950edd10454c5155b497ca690d53267ca524aa4f521b27bad36
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hsbc.epargnants.bench.votreepargnesalariale.com
Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/

Response headers

Access-Control-Expose-Headers
Content-Disposition
Content-Encoding
gzip
ETag
"121b-627eaa480d100-gzip"
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=300
Date
Thu, 28 Nov 2024 07:53:17 GMT
NIE
On hsbc
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Headers
*
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Cache-Control
max-age=60, public
Pragma
public
Connection
Keep-Alive
NTXWebServer
web1S
Accept-Ranges
bytes
Content-Length
2597
X-XSS-Protection
1; mode=block
Server
NWS
polyfills.9753e9d417f2a323.js
hsbc.epargnants.bench.votreepargnesalariale.com/front/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/polyfills.9753e9d417f2a323.js
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
f3823353c89cd1bb6944608197a6ddaa7480190ca2ffda70f0cb6fd5f393afad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hsbc.epargnants.bench.votreepargnesalariale.com
Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/

Response headers

Access-Control-Expose-Headers
Content-Disposition
Content-Encoding
gzip
ETag
"8937-627eaa480d100-gzip"
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=300
Date
Thu, 28 Nov 2024 07:53:17 GMT
NIE
On hsbc
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Headers
*
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Cache-Control
max-age=60, public
Pragma
public
Connection
Keep-Alive
NTXWebServer
web1S
Accept-Ranges
bytes
Content-Length
12599
X-XSS-Protection
1; mode=block
Server
NWS
main.8508538e11ed94aa.js
hsbc.epargnants.bench.votreepargnesalariale.com/front/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/main.8508538e11ed94aa.js
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
7b47d08576d73e026a19e351be650d62c0674c0dcdce9e478a96d386c588ef60
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hsbc.epargnants.bench.votreepargnesalariale.com
Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/

Response headers

Access-Control-Expose-Headers
Content-Disposition
Content-Encoding
gzip
ETag
"4aecf8-627eaa480d100-gzip"
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=300
Date
Thu, 28 Nov 2024 07:53:17 GMT
NIE
On hsbc
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Headers
*
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Cache-Control
max-age=60, public
Pragma
public
Connection
Keep-Alive
NTXWebServer
web1S
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
NWS
roboto-latin-400-normal.f2894edcf7d09d36.woff2
hsbc.epargnants.bench.votreepargnesalariale.com/front/ 		15 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/roboto-latin-400-normal.f2894edcf7d09d36.woff2
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/front/styles.f2e0cb700defddcb.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hsbc.epargnants.bench.votreepargnesalariale.com
Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/styles.f2e0cb700defddcb.css

Response headers

Access-Control-Expose-Headers
Content-Disposition
Content-Encoding
gzip
ETag
"3d80-627eaa480d100-gzip"
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=297
Date
Thu, 28 Nov 2024 07:53:17 GMT
NIE
On hsbc
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
Vary
Accept-Encoding
Content-Type
font/woff2
Access-Control-Allow-Headers
*
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Cache-Control
max-age=60, public
Pragma
public
Connection
Keep-Alive
NTXWebServer
web1S
Accept-Ranges
bytes
Content-Length
15767
X-XSS-Protection
1; mode=block
Server
NWS
en.json
hsbc.epargnants.bench.votreepargnesalariale.com/front/assets/i18n/ea6-nie-ep-front-i18n/ 		450 KB
127 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/assets/i18n/ea6-nie-ep-front-i18n/en.json
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/front/polyfills.9753e9d417f2a323.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/
Accept-Language
en
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Expose-Headers
Content-Disposition
Content-Encoding
gzip
ETag
"70784-627eaa480d100-gzip"
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=299
Date
Thu, 28 Nov 2024 07:53:18 GMT
NIE
On hsbc
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Headers
*
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Cache-Control
max-age=60, public
Pragma
public
Connection
Keep-Alive
NTXWebServer
web1S
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
NWS
fr.json
hsbc.epargnants.bench.votreepargnesalariale.com/front/assets/i18n/ea6-nie-ep-front-i18n/ 		485 KB
135 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/assets/i18n/ea6-nie-ep-front-i18n/fr.json
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/front/polyfills.9753e9d417f2a323.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/
Accept-Language
en
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Expose-Headers
Content-Disposition
Content-Encoding
gzip
ETag
"794c2-627eaa480d100-gzip"
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=296
Date
Thu, 28 Nov 2024 07:53:18 GMT
NIE
On hsbc
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Headers
*
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Cache-Control
max-age=60, public
Pragma
public
Connection
Keep-Alive
NTXWebServer
web1S
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
NWS
en.json
hsbc.epargnants.bench.votreepargnesalariale.com/front/assets/i18n/ea6-nie-ep-front-i18n/ 		450 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/assets/i18n/ea6-nie-ep-front-i18n/en.json
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/front/polyfills.9753e9d417f2a323.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/
Accept-Language
en
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Expose-Headers
Content-Disposition
Content-Encoding
gzip
ETag
"70784-627eaa480d100-gzip"
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
X-Content-Type-Options
nosniff
Date
Thu, 28 Nov 2024 07:53:18 GMT
NIE
On hsbc
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Headers
*
X-Frame-Options
sameorigin
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Cache-Control
max-age=60, public
Pragma
public
NTXWebServer
web1S
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Server
NWS
4424.824bff20a91ba419.js
hsbc.epargnants.bench.votreepargnesalariale.com/front/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/4424.824bff20a91ba419.js
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/front/runtime.0d03a5cc12465213.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hsbc.epargnants.bench.votreepargnesalariale.com
Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/

Response headers

Access-Control-Expose-Headers
Content-Disposition
Content-Encoding
gzip
ETag
"603-627eaa480d100-gzip"
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=299
Date
Thu, 28 Nov 2024 07:53:18 GMT
NIE
On hsbc
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Headers
*
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Cache-Control
max-age=60, public
Pragma
public
Connection
Keep-Alive
NTXWebServer
web1S
Accept-Ranges
bytes
Content-Length
872
X-XSS-Protection
1; mode=block
Server
NWS
1283.7cd8db34567445ee.js
hsbc.epargnants.bench.votreepargnesalariale.com/front/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/1283.7cd8db34567445ee.js
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/front/runtime.0d03a5cc12465213.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hsbc.epargnants.bench.votreepargnesalariale.com
Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/

Response headers

Access-Control-Expose-Headers
Content-Disposition
Content-Encoding
gzip
ETag
"39e4-627eaa480d100-gzip"
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=298
Date
Thu, 28 Nov 2024 07:53:18 GMT
NIE
On hsbc
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Headers
*
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Cache-Control
max-age=60, public
Pragma
public
Connection
Keep-Alive
NTXWebServer
web1S
Accept-Ranges
bytes
Content-Length
4604
X-XSS-Protection
1; mode=block
Server
NWS
7018.6718c3f52d9e93b7.js
hsbc.epargnants.bench.votreepargnesalariale.com/front/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/7018.6718c3f52d9e93b7.js
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/front/runtime.0d03a5cc12465213.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hsbc.epargnants.bench.votreepargnesalariale.com
Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/

Response headers

Access-Control-Expose-Headers
Content-Disposition
Content-Encoding
gzip
ETag
"2751-627eaa480d100-gzip"
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=299
Date
Thu, 28 Nov 2024 07:53:18 GMT
NIE
On hsbc
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Headers
*
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Cache-Control
max-age=60, public
Pragma
public
Connection
Keep-Alive
NTXWebServer
web1S
Accept-Ranges
bytes
Content-Length
3711
X-XSS-Protection
1; mode=block
Server
NWS
7957.92c523c44f152613.js
hsbc.epargnants.bench.votreepargnesalariale.com/front/ 		71 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/7957.92c523c44f152613.js
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/front/runtime.0d03a5cc12465213.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hsbc.epargnants.bench.votreepargnesalariale.com
Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/

Response headers

Access-Control-Expose-Headers
Content-Disposition
Content-Encoding
gzip
ETag
"11a5b-627eaa480d100-gzip"
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=300
Date
Thu, 28 Nov 2024 07:53:18 GMT
NIE
On hsbc
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Headers
*
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Cache-Control
max-age=60, public
Pragma
public
Connection
Keep-Alive
NTXWebServer
web1S
Accept-Ranges
bytes
Content-Length
17779
X-XSS-Protection
1; mode=block
Server
NWS
3676.755fae4a4e382bdc.js
hsbc.epargnants.bench.votreepargnesalariale.com/front/ 		70 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/3676.755fae4a4e382bdc.js
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/front/runtime.0d03a5cc12465213.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hsbc.epargnants.bench.votreepargnesalariale.com
Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/

Response headers

Access-Control-Expose-Headers
Content-Disposition
Content-Encoding
gzip
ETag
"119e0-627eaa480d100-gzip"
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=298
Date
Thu, 28 Nov 2024 07:53:18 GMT
NIE
On hsbc
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Headers
*
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Cache-Control
max-age=60, public
Pragma
public
Connection
Keep-Alive
NTXWebServer
web1S
Accept-Ranges
bytes
Content-Length
19696
X-XSS-Protection
1; mode=block
Server
NWS
3947.fe86d3b15073ef00.js
hsbc.epargnants.bench.votreepargnesalariale.com/front/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/3947.fe86d3b15073ef00.js
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/front/runtime.0d03a5cc12465213.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hsbc.epargnants.bench.votreepargnesalariale.com
Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/

Response headers

Access-Control-Expose-Headers
Content-Disposition
Content-Encoding
gzip
ETag
"4c4a-627eaa480d100-gzip"
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=295
Date
Thu, 28 Nov 2024 07:53:18 GMT
NIE
On hsbc
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Headers
*
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Cache-Control
max-age=60, public
Pragma
public
Connection
Keep-Alive
NTXWebServer
web1S
Accept-Ranges
bytes
Content-Length
5231
X-XSS-Protection
1; mode=block
Server
NWS
common.84e8ef77dfb31d0a.js
hsbc.epargnants.bench.votreepargnesalariale.com/front/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/common.84e8ef77dfb31d0a.js
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/front/runtime.0d03a5cc12465213.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hsbc.epargnants.bench.votreepargnesalariale.com
Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/

Response headers

Access-Control-Expose-Headers
Content-Disposition
Content-Encoding
gzip
ETag
"ca54-627eaa480d100-gzip"
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=297
Date
Thu, 28 Nov 2024 07:53:18 GMT
NIE
On hsbc
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Headers
*
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Cache-Control
max-age=60, public
Pragma
public
Connection
Keep-Alive
NTXWebServer
web1S
Accept-Ranges
bytes
Content-Length
13504
X-XSS-Protection
1; mode=block
Server
NWS
2572.304ac76466363e2c.js
hsbc.epargnants.bench.votreepargnesalariale.com/front/ 		77 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hsbc.epargnants.bench.votreepargnesalariale.com/front/2572.304ac76466363e2c.js
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/front/runtime.0d03a5cc12465213.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hsbc.epargnants.bench.votreepargnesalariale.com
Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/

Response headers

Access-Control-Expose-Headers
Content-Disposition
Content-Encoding
gzip
ETag
"1335b-627eaa480d100-gzip"
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=298
Date
Thu, 28 Nov 2024 07:53:18 GMT
NIE
On hsbc
Last-Modified
Wed, 27 Nov 2024 20:16:36 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Headers
*
X-Frame-Options
sameorigin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Cache-Control
max-age=60, public
Pragma
public
Connection
Keep-Alive
NTXWebServer
web1S
Accept-Ranges
bytes
Content-Length
18987
X-XSS-Protection
1; mode=block
Server
NWS
Primary Request authorize
nie-auth.api.qua.natixis.com/api/oauth/ 		208 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nie-auth.api.qua.natixis.com/api/oauth/authorize?response_type=code&client_id=04272cb3-fc1a-466b-8ace-d0ea9746dabe&state=WXJ3LldEZm02V0dSbHY2TG5nMnpFSURJZmFrcW5GUFUyd3FzfkU4ZHN5dkV1&redirect_uri=https%3A%2F%2Fhsbc.epargnants.bench.votreepargnesalariale.com%2F&scope=readActiris%20readUsers%20readDistribution%20readInvestment%20manageAccount%20readSaving%20readCms%20readAccount%20readProfitSharing%20readTransfer%20readFunds%20readSaverGuide%20readConfidential%20offline_access&code_challenge=gb6cJwWp10orPK65hqrjGRapiXkAkQCnFDnZlzCzdfY&code_challenge_method=S256&additionalData=language%3Den
Requested by
Host: hsbc.epargnants.bench.votreepargnesalariale.com
URL: https://hsbc.epargnants.bench.votreepargnesalariale.com/front/main.8508538e11ed94aa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
a8f398095df3ae38f476ab4db8b0699f5fc255b6fd871d13cff52446fadca96f
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains

Request headers

Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Language
fr-FR,fr;q=0.9
Connection
close
Content-Type
application/json
Date
Thu, 28 Nov 2024 07:53:19 GMT
Host
nie-auth.api.qua.natixis.com
Referer
https://hsbc.epargnants.bench.votreepargnesalariale.com/
Sec-Fetch-Dest
document
Sec-Fetch-Mode
navigate
Sec-Fetch-Site
cross-site
Server
NWS
Ssl
off
Strict-Transport-Security
max-age=15552001; includeSubDomains
Transfer-Encoding
chunked
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-CorrelationID
Id-6f214867412442d857c55aa3 0
X-Forwarded-For
193.32.126.148, 193.32.126.148, 100.120.226.79, 100.120.181.238
X-Forwarded-Host
nie-auth.api.qua.natixis.com
X-Forwarded-Port
443
X-Forwarded-Proto
https
X-Forwarded-Server
nie-auth.api.qua.natixis.com
favicon.ico
nie-auth.api.qua.natixis.com/ 		19 B
336 B 		Other
General
Check archive.org
Download Go to
Full URL
https://nie-auth.api.qua.natixis.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.187.132 Paris, France, ASN43342 (FR-BPCE BPCE S.A., FR),
Reverse DNS
ip132.net187.gcetech.net
Software
NWS /
Resource Hash
09f880398f205f68cd3aab020f489ca5692fa95213c3ec3ab71d4a9d475d12a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nie-auth.api.qua.natixis.com/api/oauth/authorize?response_type=code&client_id=04272cb3-fc1a-466b-8ace-d0ea9746dabe&state=WXJ3LldEZm02V0dSbHY2TG5nMnpFSURJZmFrcW5GUFUyd3FzfkU4ZHN5dkV1&redirect_uri=https%3A%2F%2Fhsbc.epargnants.bench.votreepargnesalariale.com%2F&scope=readActiris%20readUsers%20readDistribution%20readInvestment%20manageAccount%20readSaving%20readCms%20readAccount%20readProfitSharing%20readTransfer%20readFunds%20readSaverGuide%20readConfidential%20offline_access&code_challenge=gb6cJwWp10orPK65hqrjGRapiXkAkQCnFDnZlzCzdfY&code_challenge_method=S256&additionalData=language%3Den

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15552001; includeSubDomains
Connection
Keep-Alive
Keep-Alive
timeout=5, max=300
Date
Thu, 28 Nov 2024 07:53:19 GMT
Content-Type
text/plain
Server
NWS
X-CorrelationID
Id-6f214867f91ddccc7e6c3f60 0

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://nie-auth.api.qua.natixis.com/api/oauth/authorize?response_type=code&client_id=04272cb3-fc1a-466b-8ace-d0ea9746dabe&state=WXJ3LldEZm02V0dSbHY2TG5nMnpFSURJZmFrcW5GUFUyd3FzfkU4ZHN5dkV1&redirect_uri=https%3A%2F%2Fhsbc.epargnants.bench.votreepargnesalariale.com%2F&scope=readActiris%20readUsers%20readDistribution%20readInvestment%20manageAccount%20readSaving%20readCms%20readAccount%20readProfitSharing%20readTransfer%20readFunds%20readSaverGuide%20readConfidential%20offline_access&code_challenge=gb6cJwWp10orPK65hqrjGRapiXkAkQCnFDnZlzCzdfY&code_challenge_method=S256&additionalData=language%3Den
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://nie-auth.api.qua.natixis.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (general exception)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://app-mobile.interepargne.natixis.fr ionic://app-mobile.interepargne.natixis.fr http://localhost:4200 auth-nie.bench.natixis.com epargnants-eq1.bench.mycloud.intranatixis.com epargnants-eq2.bench.mycloud.intranatixis.com epargnants-eq3.bench.mycloud.intranatixis.com ew5-dev1-api.dev.mycloud.intranatixis.com ew5-dev2-api.dev.mycloud.intranatixis.com mobilenie.qua.natixis.com aviva.bench.votreepargnesalariale.com epargnants-bench.interepargne.natixis.fr bench.egepargne.com epargnants-aca.qua.natixis.com epargnants-swisslife.qua.natixis.com epargnants.bench.mycloud.intranatixis.com epargnants-ce.bench.mycloud.intranatixis.com epargnants-ag2r.bench.mycloud.intranatixis.com epargnants-pal.bench.mycloud.intranatixis.com epargnants-aca.bench.mycloud.intranatixis.com epargnants-aviva.bench.mycloud.intranatixis.com epargnants-swisslife.bench.mycloud.intranatixis.com espace-client.ppalm.fr app-mobile.interepargne.natixis.fr epargnants-mobile.bench.mycloud.intranatixis.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block