urlscan.io logo urlscan.io
SecurityTrails logo

bnparibaforti.firebaseapp.com Open in urlscan Pro
151.101.1.195  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://bnparibaforti.firebaseapp.com/
Submission Tags: @jcybersec_
Submission: On June 17 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 26 HTTP transactions. The main IP is 151.101.1.195, located in United States and belongs to FASTLY, US. The main domain is bnparibaforti.firebaseapp.com.
TLS certificate: Issued by GTS CA 1O1 on October 28th 2019. Valid for: a year.
This is the only time bnparibaforti.firebaseapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

IP Address AS Autonomous System
21 151.101.1.195 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
3 193.58.4.82 25215 (BNP-PARIB...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
26 4
Domain Requested by
21 bnparibaforti.firebaseapp.com bnparibaforti.firebaseapp.com
3 www.bnpparibasfortis.be bnparibaforti.firebaseapp.com
1 api.ipgeolocation.io ajax.googleapis.com
1 ajax.googleapis.com bnparibaforti.firebaseapp.com
26 4
Subject Issuer Validity Valid
firebaseapp.com
GTS CA 1O1		 2019-10-28 -
2020-10-26		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-26 -
2020-08-18		 3 months crt.sh
www.bnpparibasfortis.be
Entrust Certification Authority - L1M		 2020-01-14 -
2022-01-22		 2 years crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-03-26 -
2020-10-09		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://bnparibaforti.firebaseapp.com/
Frame ID: 1FFE7BD0F7D60360CF7198F6950F7738
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

26
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

847 kB
Transfer

2494 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bnparibaforti.firebaseapp.com/ 		88 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
93c9a6a55d194ad06d25257509bccbeab5c8e6d0d2cb0da8d4238e33c7bcd992
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
bnparibaforti.firebaseapp.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
etag
"0869fafae85d5b08ac56b0f8d19d36d9bddaf03464d83c9037adf3449e8e1742"
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
accept-ranges
bytes
date
Wed, 17 Jun 2020 15:55:25 GMT
x-served-by
cache-ams21067-AMS
x-cache
MISS
x-cache-hits
0
x-timer
S1592409325.041990,VS0,VE326
vary
x-fh-requested-host, accept-encoding
content-length
12979
Web-Banking-Unauthenticated.css
bnparibaforti.firebaseapp.com/iwov-resources/fixed-layout/ 		88 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/iwov-resources/fixed-layout/Web-Banking-Unauthenticated.css
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
93c9a6a55d194ad06d25257509bccbeab5c8e6d0d2cb0da8d4238e33c7bcd992
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://bnparibaforti.firebaseapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409325.388560,VS0,VE1
etag
"0869fafae85d5b08ac56b0f8d19d36d9bddaf03464d83c9037adf3449e8e1742"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=utf-8
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
12979
x-cache-hits
1
brand.css
bnparibaforti.firebaseapp.com/static/css/ 		268 B
309 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/static/css/brand.css
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0bd8bac7550e699b6cf2e371b566cd52a285a49e58142c1ee3aa81c17efed8f5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://bnparibaforti.firebaseapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409325.388653,VS0,VE0
etag
"61d366ecbf150121eb6ab31014a996fceb06df18ff4a5c04196664b0fde74ba8"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
174
x-cache-hits
2
mediaelementplayer.min.css
bnparibaforti.firebaseapp.com/static/css/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/static/css/mediaelementplayer.min.css
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
67e1089820ea2c0d78a1387c0397d9a06f00b19569ca3a348b39d7931a1f15eb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://bnparibaforti.firebaseapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409325.388665,VS0,VE1
etag
"a33d6217568f1603a9cea17a82b64698f4b83c1d175fcb883e11f0cd9baea670"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
2156
x-cache-hits
1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.0/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bnparibaforti.firebaseapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Jun 2020 06:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
465842
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30768
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Jun 2021 06:31:23 GMT
app.cdede159570c3a64ab5edb0b7d3ff55b.css
bnparibaforti.firebaseapp.com/static/css/ 		92 B
218 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/static/css/app.cdede159570c3a64ab5edb0b7d3ff55b.css
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c48cb154d913fed893b4920867fd6a57b96e495b13e9765a8b1c1365d833e36a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://bnparibaforti.firebaseapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409325.388678,VS0,VE1
etag
"c4a71e0f4c900c0df2b8753ee9c34691082b30462b594bfe8feb3ac22641056c"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
110
x-cache-hits
1
stopcard.png
bnparibaforti.firebaseapp.com/rsc/contrib/image/footer/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bnparibaforti.firebaseapp.com/rsc/contrib/image/footer/stopcard.png
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://bnparibaforti.firebaseapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409325.472839,VS0,VE1
etag
"0869fafae85d5b08ac56b0f8d19d36d9bddaf03464d83c9037adf3449e8e1742"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=utf-8
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
12979
x-cache-hits
1
be_commerce.png
bnparibaforti.firebaseapp.com/rsc/contrib/image/footer/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bnparibaforti.firebaseapp.com/rsc/contrib/image/footer/be_commerce.png
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://bnparibaforti.firebaseapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409325.472821,VS0,VE1
etag
"0869fafae85d5b08ac56b0f8d19d36d9bddaf03464d83c9037adf3449e8e1742"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=utf-8
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
12979
x-cache-hits
1
manifest.2ae2e69a05c33dfc65f8.js
bnparibaforti.firebaseapp.com/static/js/ 		857 B
629 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/static/js/manifest.2ae2e69a05c33dfc65f8.js
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d414b80e539a45c4c5b318d37543f524d2cfcc69c92256879afb2f1dd980fdd1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://bnparibaforti.firebaseapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409325.430881,VS0,VE1
etag
"b75564b7b0a34a893ddd99dd68f6ccd1819053658ea868367f6f31e3502e9d60"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
496
x-cache-hits
1
vendor.e2907021bf281451670c.js
bnparibaforti.firebaseapp.com/static/js/ 		1 MB
340 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/static/js/vendor.e2907021bf281451670c.js
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bcee240785160d2d972bd3f075c0dcb88f47d89b3610b829914b96f7786d0e1d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://bnparibaforti.firebaseapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409325.450986,VS0,VE1
etag
"0aeb9bc332d6da114c07fe8dbbf7b06914a60748aab84e04b03ee86acad50b23"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
347328
x-cache-hits
1
app.7c32a0203c82a50e0348.js
bnparibaforti.firebaseapp.com/static/js/ 		30 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/static/js/app.7c32a0203c82a50e0348.js
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5d436ffbad327900d040c7afd57b611a65c1a6695766c8cb4da9a62beed25a37
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://bnparibaforti.firebaseapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409325.450948,VS0,VE0
etag
"a28145676ee0899cc905bbf3c13489e49e377c516133e12fe7160a83e7e90b4d"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
6359
x-cache-hits
1
bnpp-fortis.css
bnparibaforti.firebaseapp.com/static/css/ 		456 KB
74 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/static/css/bnpp-fortis.css
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b5b5895c9d4f12ab4cc1c9ca588a0d451e5b1d053d7487bc15f3d3e3d974893e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://bnparibaforti.firebaseapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409325.406510,VS0,VE1
etag
"5753d7f758b1f0dd332fb7f36d50e7cc59359623cb3cb66fbee9e4887d412dc4"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
76085
x-cache-hits
1
bnpp-fortis-pws.css
bnparibaforti.firebaseapp.com/static/css/ 		125 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/static/css/bnpp-fortis-pws.css
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
acad8c233b9c9c3aa515312f2d8e5bf52119899c084940abc96b9dabfa92d7db
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://bnparibaforti.firebaseapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409325.406520,VS0,VE1
etag
"9f0443259a83a81ea357b64ced1e310a346fb92e149b9ffda67696d922a5544e"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
18400
x-cache-hits
1
bnpp-fortis-patch.css
bnparibaforti.firebaseapp.com/static/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/static/css/bnpp-fortis-patch.css
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
301fb78556c0e004e1e35efb8c9ecbb261d2b0be44727b2e8b73da9f840a976d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://bnparibaforti.firebaseapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409325.406489,VS0,VE1
etag
"45502fdf9cfdaf2d7afa5c65799e3b5b02e869b5dedb6a9230021c1d863205a3"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
2860
x-cache-hits
1
sprite.svg
www.bnpparibasfortis.be/rsc/contrib/graphicaltheme/bnpp-fortis/images/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bnpparibasfortis.be/rsc/contrib/graphicaltheme/bnpp-fortis/images/sprite.svg
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.58.4.82 , Belgium, ASN25215 (BNP-PARIBAS France, FR),
Reverse DNS
bnpparisbasfortis.com
Software
/
Resource Hash
77d8b27fb385e5ea2bb4a42503a85e3d5087fb535fd6e31a02d2c0824486d47e
Security Headers
Name Value
Content-Security-Policy reflected-xss block
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnparibaforti.firebaseapp.com/static/css/bnpp-fortis.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 15:55:25 GMT
X-Content-Type-Options
nosniff
last-modified
Mon, 18 Nov 2019 14:58:34 GMT
etag
"14ce7-597a02e7c1a80"
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=600
Content-Security-Policy
reflected-xss block
Strict-Transport-Security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-type
image/svg+xml
content-length
85223
X-XSS-Protection
1; mode=block
expires
Wed, 17 Jun 2020 16:05:25 GMT
print_logo.png
www.bnpparibasfortis.be/rsc/contrib/graphicaltheme/bnpp-fortis/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bnpparibasfortis.be/rsc/contrib/graphicaltheme/bnpp-fortis/images/print_logo.png
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.58.4.82 , Belgium, ASN25215 (BNP-PARIBAS France, FR),
Reverse DNS
bnpparisbasfortis.com
Software
/
Resource Hash
3f6b3048f077663998d7fead9734892be93db35b1c64b94092a932175bfb44e2
Security Headers
Name Value
Content-Security-Policy reflected-xss block
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnparibaforti.firebaseapp.com/static/css/bnpp-fortis.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 15:55:25 GMT
X-Content-Type-Options
nosniff
last-modified
Mon, 18 Nov 2019 14:58:25 GMT
etag
"4d7a-597a02df2c640"
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=600
Content-Security-Policy
reflected-xss block
Strict-Transport-Security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-type
image/png
content-length
19834
X-XSS-Protection
1; mode=block
expires
Wed, 17 Jun 2020 16:05:25 GMT
hello_icon.png
www.bnpparibasfortis.be/rsc/contrib/graphicaltheme/bnpp-fortis/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bnpparibasfortis.be/rsc/contrib/graphicaltheme/bnpp-fortis/images/hello_icon.png
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.58.4.82 , Belgium, ASN25215 (BNP-PARIBAS France, FR),
Reverse DNS
bnpparisbasfortis.com
Software
/
Resource Hash
c4071ff8d0159e2801c2a0918320b7e6946971f8ef047a9672e17e2459ea5533
Security Headers
Name Value
Content-Security-Policy reflected-xss block
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnparibaforti.firebaseapp.com/static/css/bnpp-fortis.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 15:55:25 GMT
X-Content-Type-Options
nosniff
last-modified
Mon, 18 Nov 2019 14:58:47 GMT
etag
"69c-597a02f4277c0"
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=600
Content-Security-Policy
reflected-xss block
Strict-Transport-Security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-type
image/png
content-length
1692
X-XSS-Protection
1; mode=block
expires
Wed, 17 Jun 2020 16:05:25 GMT
bnpiconfont.ttf
bnparibaforti.firebaseapp.com/static/css/ 		156 B
234 B 		Font
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/static/css/bnpiconfont.ttf
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
328a9702c2daeeb22d4379f7dbe4c02fa4f90e45e4b19f3baf509a2c78ab2012
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bnparibaforti.firebaseapp.com/static/css/bnpp-fortis.css
Origin
https://bnparibaforti.firebaseapp.com

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409325.483753,VS0,VE1
etag
"69cf2f281791f06fdb407ab557e721f9706cb3d52ed8d197cafd5da108f58307"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
font/ttf
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
147
x-cache-hits
1
bnpp_sans-webfont.ttf
bnparibaforti.firebaseapp.com/static/css/ 		156 B
276 B 		Font
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/static/css/bnpp_sans-webfont.ttf
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e6b30e73ff23860ed442056d0bd2e6798cfdecf896fc1eaa6370f62f74037db
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bnparibaforti.firebaseapp.com/static/css/bnpp-fortis.css
Origin
https://bnparibaforti.firebaseapp.com

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409325.483753,VS0,VE1
etag
"a6441014ac6cc54d7f7a2b64a131154057cf7d215046d584aa93a01780896225"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
font/ttf
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
148
x-cache-hits
1
bnpp_sans_light-webfont.ttf
bnparibaforti.firebaseapp.com/static/css/ 		156 B
257 B 		Font
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/static/css/bnpp_sans_light-webfont.ttf
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
45bb7e057cad35c12895482c819a6437dc51011ae59da47e9faffefc6812593d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bnparibaforti.firebaseapp.com/static/css/bnpp-fortis.css
Origin
https://bnparibaforti.firebaseapp.com

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409325.483738,VS0,VE1
etag
"6b2e9d17ac12434303698ec433a0b70b34305b4c86239b68f8b64d927262e796"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
font/ttf
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
148
x-cache-hits
1
bnpp_sans-webfont.woff
bnparibaforti.firebaseapp.com/static/css/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/static/css/bnpp_sans-webfont.woff
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b3da6a69d865280145fab80f0a540da70fbcaffb09e131ab4494b71d16d4d1d9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bnparibaforti.firebaseapp.com/static/css/bnpp-fortis.css
Origin
https://bnparibaforti.firebaseapp.com

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409326.512656,VS0,VE1
etag
"f867eff59c3bd0f58e5eabd32a8eda01361ac517a4bfb1ab1f3ca9b53b4c912c"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
font/woff
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
28044
x-cache-hits
1
bnpiconfont.woff
bnparibaforti.firebaseapp.com/static/css/ 		53 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/static/css/bnpiconfont.woff
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0486eb718675e3b7f58c3f90c09ef9bcf15f13e77d80c1a3734d89f8f2f216e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bnparibaforti.firebaseapp.com/static/css/bnpp-fortis.css
Origin
https://bnparibaforti.firebaseapp.com

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409326.512633,VS0,VE1
etag
"115b244cf4e2e9c1d3d32e76ba2ee2a45cf58456a6ce5718a5376a38ed4289b6"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
font/woff
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
32032
x-cache-hits
1
bnpp_sans_light-webfont.woff
bnparibaforti.firebaseapp.com/static/css/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/static/css/bnpp_sans_light-webfont.woff
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5acd07b6ba34bba4f5d0141462e5a61292bb9a3afbcf9afe0038080a163113c6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bnparibaforti.firebaseapp.com/static/css/bnpp-fortis.css
Origin
https://bnparibaforti.firebaseapp.com

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409326.512802,VS0,VE1
etag
"6fdad5f9055975ab1898938be7ea3e5cfe218eb93dbc0643c1b477eaa79bce0c"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
font/woff
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
27332
x-cache-hits
1
ipgeo
api.ipgeolocation.io/ 		751 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipgeolocation.io/ipgeo?apiKey=80cae1c9fcb1417e9468149e29b8c70e
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
406e9d47bf6dbf03bc6ebada25c36f7c799d946c7dc0008201125bc96277e93c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://bnparibaforti.firebaseapp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Jun 2020 15:55:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://bnparibaforti.firebaseapp.com
access-control-allow-credentials
true
cf-ray
5a4df46d481cc286-FRA
cf-request-id
036497184b0000c2869011c200000001
x-application-context
application:production:8002
bnpp_sans_cond_regular-webfont.ttf
bnparibaforti.firebaseapp.com/static/css/ 		156 B
257 B 		Font
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/static/css/bnpp_sans_cond_regular-webfont.ttf
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa1f201faca683b3520f0413ea029b33b6fef801ee55aab0216b12839a7da735
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bnparibaforti.firebaseapp.com/static/css/bnpp-fortis.css
Origin
https://bnparibaforti.firebaseapp.com

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409326.646619,VS0,VE0
etag
"e1d2368e20550b615ed4485c831fdb68d3a383baecb55d97cf44530f4826ed5c"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
font/ttf
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
148
x-cache-hits
1
bnpp_sans_cond_regular-webfont.woff
bnparibaforti.firebaseapp.com/static/css/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bnparibaforti.firebaseapp.com/static/css/bnpp_sans_cond_regular-webfont.woff
Requested by
Host: bnparibaforti.firebaseapp.com
URL: https://bnparibaforti.firebaseapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
118834664625506c47a61ce9e6745ca5da358d02140758d6050c30de6653c7c2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bnparibaforti.firebaseapp.com/static/css/bnpp-fortis.css
Origin
https://bnparibaforti.firebaseapp.com

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 13:47:30 GMT
x-timer
S1592409326.673984,VS0,VE1
etag
"d4349ff5feb2b660adc3469a1dc946d974c077112015e75d93d9546423db8be1"
x-served-by
cache-ams21067-AMS
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
font/woff
status
200
cache-control
max-age=3600
date
Wed, 17 Jun 2020 15:55:25 GMT
accept-ranges
bytes
content-length
24922
x-cache-hits
1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| webpackJsonp object| __core-js_shared__ object| core object| loge object| key

0 Cookies

1 Console Messages

Source Level URL
Text
console-api warning URL: https://bnparibaforti.firebaseapp.com/static/js/vendor.e2907021bf281451670c.js(Line 1749)
Message:
It looks like you're using the development build of the Firebase JS SDK. When deploying Firebase apps to production, it is advisable to only import the individual SDK components you intend to use. For the module builds, these are available in the following manner (replace <PACKAGE> with the name of a component - i.e. auth, database, etc): CommonJS Modules: const firebase = require('firebase/app'); require('firebase/<PACKAGE>'); ES Modules: import firebase from 'firebase/app'; import 'firebase/<PACKAGE>'; Typescript: import * as firebase from 'firebase/app'; import 'firebase/<PACKAGE>';

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.ipgeolocation.io
bnparibaforti.firebaseapp.com
www.bnpparibasfortis.be
151.101.1.195
193.58.4.82
2606:4700:10::ac43:1147
2a00:1450:4001:81c::200a
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
0bd8bac7550e699b6cf2e371b566cd52a285a49e58142c1ee3aa81c17efed8f5
118834664625506c47a61ce9e6745ca5da358d02140758d6050c30de6653c7c2
301fb78556c0e004e1e35efb8c9ecbb261d2b0be44727b2e8b73da9f840a976d
328a9702c2daeeb22d4379f7dbe4c02fa4f90e45e4b19f3baf509a2c78ab2012
3f6b3048f077663998d7fead9734892be93db35b1c64b94092a932175bfb44e2
406e9d47bf6dbf03bc6ebada25c36f7c799d946c7dc0008201125bc96277e93c
45bb7e057cad35c12895482c819a6437dc51011ae59da47e9faffefc6812593d
5acd07b6ba34bba4f5d0141462e5a61292bb9a3afbcf9afe0038080a163113c6
5d436ffbad327900d040c7afd57b611a65c1a6695766c8cb4da9a62beed25a37
67e1089820ea2c0d78a1387c0397d9a06f00b19569ca3a348b39d7931a1f15eb
77d8b27fb385e5ea2bb4a42503a85e3d5087fb535fd6e31a02d2c0824486d47e
7e6b30e73ff23860ed442056d0bd2e6798cfdecf896fc1eaa6370f62f74037db
93c9a6a55d194ad06d25257509bccbeab5c8e6d0d2cb0da8d4238e33c7bcd992
acad8c233b9c9c3aa515312f2d8e5bf52119899c084940abc96b9dabfa92d7db
b3da6a69d865280145fab80f0a540da70fbcaffb09e131ab4494b71d16d4d1d9
b5b5895c9d4f12ab4cc1c9ca588a0d451e5b1d053d7487bc15f3d3e3d974893e
bcee240785160d2d972bd3f075c0dcb88f47d89b3610b829914b96f7786d0e1d
c4071ff8d0159e2801c2a0918320b7e6946971f8ef047a9672e17e2459ea5533
c48cb154d913fed893b4920867fd6a57b96e495b13e9765a8b1c1365d833e36a
d414b80e539a45c4c5b318d37543f524d2cfcc69c92256879afb2f1dd980fdd1
e0486eb718675e3b7f58c3f90c09ef9bcf15f13e77d80c1a3734d89f8f2f216e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa1f201faca683b3520f0413ea029b33b6fef801ee55aab0216b12839a7da735