urlscan.io logo urlscan.io
SecurityTrails logo

bnppcare1710.thirtythreelive.co.uk Open in urlscan Pro
40.83.97.16  Public Scan

Go To Rescan Add Verdict Report
URL: https://bnppcare1710.thirtythreelive.co.uk/
Submission: On March 30 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 27 HTTP transactions. The main IP is 40.83.97.16, located in Central, Hong Kong and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is bnppcare1710.thirtythreelive.co.uk.
TLS certificate: Issued by R3 on March 13th 2022. Valid for: 3 months.
This is the only time bnppcare1710.thirtythreelive.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 40.83.97.16 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2a00:1450:400... 15169 (GOOGLE)
27 5
19    40.83.97.16 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bnppcare1710.thirtythreelive.co.uk
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2606:4700::6811:e04e (United States)

ASN13335 (CLOUDFLARENET, US)
fast.fonts.net
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
19 thirtythreelive.co.uk
bnppcare1710.thirtythreelive.co.uk
1 MB
4 fonts.net
fast.fonts.net — Cisco Umbrella Rank: 3095
53 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
20 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 652
30 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
37 KB
27 5
Domain Requested by
19 bnppcare1710.thirtythreelive.co.uk bnppcare1710.thirtythreelive.co.uk
4 fast.fonts.net bnppcare1710.thirtythreelive.co.uk
fast.fonts.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 code.jquery.com bnppcare1710.thirtythreelive.co.uk
1 www.googletagmanager.com bnppcare1710.thirtythreelive.co.uk
27 5

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
twitter.com
cdn-pays.bnpparibas.com
www.youtube.com
group.bnpparibas
apac.bnpparibas
Subject Issuer Validity Valid
careers.apac.bnpparibas
R3		 2022-03-13 -
2022-06-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-06 -
2022-07-05		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://bnppcare1710.thirtythreelive.co.uk/
Frame ID: D5345427B4DBB6A5B2A8FDFA028DA65F
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home :: BNP PARIBAS | APAC Careers

Detected technologies

Overall confidence: 100%
Detected patterns
  • /concrete/js/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

1483 kB
Transfer

1791 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bnppcare1710.thirtythreelive.co.uk/ 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bnppcare1710.thirtythreelive.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
29caeffad4d726e3e92ceafb696851419671cf11d925bcb4c057017dfe3dbe9d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
4044
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Content-Type
text/html
Date
Wed, 30 Mar 2022 19:10:18 GMT
ETag
"4cd5-5d1b3260e806f-gzip"
Keep-Alive
timeout=15, max=100
Last-Modified
Fri, 26 Nov 2021 15:57:31 GMT
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
font-awesome.css
bnppcare1710.thirtythreelive.co.uk/concrete/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bnppcare1710.thirtythreelive.co.uk/concrete/css/font-awesome.css?ccm_nocache=53bbd3ae9917494e17bbe263248dbea6e2fa4363
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
cf69be257b6ff92dc83176511bb5c9a0142453a94175be05e16fc14850e29fd9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
7020
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 26 Nov 2021 15:57:31 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"78bb-5d1b3260e70cf-gzip"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
view.css
bnppcare1710.thirtythreelive.co.uk/application/blocks/page_list/templates/slider_layout/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bnppcare1710.thirtythreelive.co.uk/application/blocks/page_list/templates/slider_layout/view.css?ccm_nocache=53bbd3ae9917494e17bbe263248dbea6e2fa4363
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
f58faab9fdee0f36c178d46fc3ed595d2770402f1ee734e0d0f9bfeb4172b75f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
313
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 26 Nov 2021 15:57:31 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"453-5d1b3260e5d47-gzip"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
js
www.googletagmanager.com/gtag/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-57305772-2
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c3ff2e3f16081e437db2bd7917f23df1d99d3b5216ca8b3d92e9a7436088dc31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:10:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37825
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Mar 2022 19:10:20 GMT
f20cad4c-5677-49c3-9a52-55e67648b11b.css
fast.fonts.net/cssapi/ 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.fonts.net/cssapi/f20cad4c-5677-49c3-9a52-55e67648b11b.css
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e1a82aec4c388393a43b5198f8537dde134184a11bd20c8cd00e2dbd32f42ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:10:19 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 18 Feb 2021 02:26:36 GMT
server
cloudflare
x-amz-request-id
PEC2692FK79DFM35
etag
W/"ce93aedbee2e30e1613497a29a123fb2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=300
x-amz-meta-mtime
1519910316
cf-ray
6f432509ad869207-FRA
x-amz-id-2
fSJQUwJ7YYQl1uZ9pLgKp//7+84OuQ1QMAwz0ks0m28aYTzbqT0pmFLsbv36KPubrn6lRbZCABY=
expires
Wed, 30 Mar 2022 19:15:19 GMT
main.css
bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/css/ 		93 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/css/main.css
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
07e1b7c81ee831409eb47a4a0452f7f24d63dbf701afda617ef26660c0d87511
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
15730
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 26 Nov 2021 15:57:31 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"17486-5d1b3260e612f-gzip"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://bnppcare1710.thirtythreelive.co.uk/
Origin
https://bnppcare1710.thirtythreelive.co.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:10:19 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1648667419.dop155.am5.t,1648667419.cds221.am5.hn,1648667419.cds007.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
BNPP-apac.png
bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/img/BNPP-apac.png
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
8fbd57d70b6923ebd67b34d206e368bd77d108d9701996fbd5a1d7aaf45f296a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:20 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 Nov 2021 13:30:13 GMT
Server
Apache
ETag
"14b9-5d08357ab88ca"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Content-Length
5305
X-XSS-Protection
1; mode=block
logo_black.png
bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/img/logo_black.png
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
218d736c37773d2b736a22bf44fb56958069cc78b160aca281f31b898a457fd1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:20 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 Nov 2021 13:30:13 GMT
Server
Apache
ETag
"1236-5d08357ab88ca"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
4662
X-XSS-Protection
1; mode=block
picturefill.js
bnppcare1710.thirtythreelive.co.uk/concrete/js/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bnppcare1710.thirtythreelive.co.uk/concrete/js/picturefill.js?ccm_nocache=53bbd3ae9917494e17bbe263248dbea6e2fa4363
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
5171
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 26 Nov 2021 15:57:31 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"2e1f-5d1b3260e70cf-gzip"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
plugins-home.js
bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/js/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/js/plugins-home.js
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
cae10bf923811db4a88a8af202e1246e4ae3600f2ef36143a5b86c4f5b7aea98
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
18922
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 11 Nov 2021 13:30:13 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"115d6-5d08357ab88ca-gzip"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
plugins.js
bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/js/plugins.js
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
ee987351716ac6f64a983e52f73bd024165b5ad531391ed57d46c5b1a2d3ff33
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
762
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 11 Nov 2021 13:30:13 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"68c-5d08357ab88ca-gzip"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
main.js
bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/js/main.js
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
e4a8d5a8768891d64d40de23d41528e2a2cf1473b4c392db58634f1b33319279
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
1242
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 11 Nov 2021 13:30:13 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"d22-5d08357ab88ca-gzip"
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/javascript
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
1.css
fast.fonts.net/t/ 		0
235 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.fonts.net/t/1.css?apiType=css&projectid=f20cad4c-5677-49c3-9a52-55e67648b11b
Requested by
Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/f20cad4c-5677-49c3-9a52-55e67648b11b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fast.fonts.net/cssapi/f20cad4c-5677-49c3-9a52-55e67648b11b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:10:20 GMT
cf-cache-status
MISS
last-modified
Tue, 23 Mar 2021 12:59:23 GMT
server
cloudflare
x-amz-request-id
PEC37C36Y4XN37BK
etag
"d41d8cd98f00b204e9800998ecf8427e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=0, s-maxage=604800
accept-ranges
bytes
cf-ray
6f43250c8af49207-FRA
content-length
0
x-amz-id-2
Dr12sDaeP0R8isX0r9oOKpGTlvr30x+t7iNykRllZwn0wfbe0vUz6XrawwUoTVzs+zo6C/2QVSA=
x-amz-meta-mtime
1519217722
ChangingWorld-min.jpg
bnppcare1710.thirtythreelive.co.uk/application/files/6315/1308/5858/ 		205 KB
206 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bnppcare1710.thirtythreelive.co.uk/application/files/6315/1308/5858/ChangingWorld-min.jpg
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
da9e8e5d96447f854995e94a5ce508e5105d36b16579743a42bf58d152c37dba
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:20 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 Nov 2021 13:30:13 GMT
Server
Apache
ETag
"3321e-5d08357ab6d72"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=94
Content-Length
209438
X-XSS-Protection
1; mode=block
sl-2-v2_-_Students__graduates-V2.jpg
bnppcare1710.thirtythreelive.co.uk/application/files/6815/1999/7194/ 		157 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bnppcare1710.thirtythreelive.co.uk/application/files/6815/1999/7194/sl-2-v2_-_Students__graduates-V2.jpg
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
b0c836c7614c1375bc857e4f58b37963bd33647b316f91bc7aad2e3b58ba4a39
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:20 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 Nov 2021 13:30:13 GMT
Server
Apache
ETag
"27522-5d08357ab7542"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
161058
X-XSS-Protection
1; mode=block
social.ttf
bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/fonts/ 		2 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/fonts/social.ttf?78thag
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
3d8887d91c0daba404e837144908da0f80e2981c8012d95dfe2577b384e9bd15
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/css/main.css
Origin
https://bnppcare1710.thirtythreelive.co.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:20 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 26 Nov 2021 15:57:31 GMT
Server
Apache
ETag
"794-5d1b3260e70cf"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-sfnt
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=95
Content-Length
1940
X-XSS-Protection
1; mode=block
bnpp-sans.ttf
bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/fonts/ 		112 KB
114 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/fonts/bnpp-sans.ttf?78thag
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
ffc1b98f2e50ae1e01cf7b30ca952460204b7ac9528b5ca9b41c6c8f52fce67e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bnppcare1710.thirtythreelive.co.uk/application/themes/thirty_three/assets/css/main.css
Origin
https://bnppcare1710.thirtythreelive.co.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:20 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 26 Nov 2021 15:57:31 GMT
Server
Apache
ETag
"1c1f4-5d1b3260e6ce7"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-sfnt
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
115188
X-XSS-Protection
1; mode=block
44e7b0fa-6c8d-43c2-b19e-f1e3ce9ea57c.woff2
fast.fonts.net/dv2/14/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fast.fonts.net/dv2/14/44e7b0fa-6c8d-43c2-b19e-f1e3ce9ea57c.woff2?d44f19a684109620e4841671a390e81861e5bf4e1b93567b3ef11d5c04ac94a1a80c8a7343088bc232a47b9f30f37c719c77504ef5dca3b006be863ce181320ab7381ed11029cb4394c8553561f2425b00b411ed77c131930e77370c9b1f4754751785da05b06dd384ef3ce6a43be61b6b592b68b1e45fe587dab28234175deb1bc27e6519158079ba07abb3fd3513430e171f9cc0a8e4fd6dfabb94a60ac4581d9b41344a96cc83b783786a4e3c19ad936d43f9490c1bab6f840d975df234140eb28f60cba6da41fffdae5c1870adfdfbd5117891e9be1320fe07cc4604f5cd5371367291f6f49dc1cd8f0470e2aa26e92115496b29312b7a17e6f464155c5fd4ded0835680e86ef4df2abd8a10c750dec2a6a8f5d541d738bd4619&projectId=f20cad4c-5677-49c3-9a52-55e67648b11b
Requested by
Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/f20cad4c-5677-49c3-9a52-55e67648b11b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
606aeba72580863b6f94f94a6b9d4bda72f17ff65e4adb951356d2a7f545707e

Request headers

Referer
https://fast.fonts.net/cssapi/f20cad4c-5677-49c3-9a52-55e67648b11b.css
Origin
https://bnppcare1710.thirtythreelive.co.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:10:20 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
C4VJFTAEZRGNBMC3
content-length
24988
x-amz-id-2
ACQPKNtlLrMCeP8M2bZsSuX80JGKDAHzRQpuC1UzEGd6YmAE3s4znQsulPR8AwjNfuOQIa0cy3U=
expires
Wed, 30 Mar 2022 19:15:20 GMT
last-modified
Fri, 13 Nov 2020 11:02:09 GMT
server
cloudflare
etag
"2d70ecfba83f1b8c993d7497db083bb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, max-age=300
accept-ranges
bytes
cf-ray
6f43250f8cc49000-FRA
x-amz-meta-mtime
1418765058
258804c2-9ca6-4856-bad7-67cde4f087b4.woff2
fast.fonts.net/dv2/14/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fast.fonts.net/dv2/14/258804c2-9ca6-4856-bad7-67cde4f087b4.woff2?d44f19a684109620e4841671a390e81861e5bf4e1b93567b3ef11d5c04ac94a1a80c8a7343088bc232a47b9f30f37c719c77504ef5dca3b006be863ce181320ab7381ed11029cb4394c8553561f2425b00b411ed77c131930e77370c9b1f4754751785da05b06dd384ef3ce6a43be61b6b592b68b1e45fe587dab28234175deb1bc27e6519158079ba07abb3fd3513430e171f9cc0a8e4fd6dfabb94a60ac4581d9b41344a96cc83b783786a4e3c19ad936d43f9490c1bab6f840d975df234140eb28f60cba6da41fffdae5c1870adfdfbd5117891e9be1320fe07cc4604f5cd5371367291f6f49dc1cd8f0470e2aa26e92115496b29312b7a17e6f464155c5fd4ded0835680e86ef4df2abd8a10c750dec2a6a8f5d541d738bd4619&projectId=f20cad4c-5677-49c3-9a52-55e67648b11b
Requested by
Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/f20cad4c-5677-49c3-9a52-55e67648b11b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39d9861614d107ab64754396fabe5a1c6c4b5d66946f63a81787ca7dc0568dae

Request headers

Referer
https://fast.fonts.net/cssapi/f20cad4c-5677-49c3-9a52-55e67648b11b.css
Origin
https://bnppcare1710.thirtythreelive.co.uk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:10:20 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
C4VKZB7A6BW8VQGV
content-length
25676
x-amz-id-2
8WptQAIQWkfGaCXHy7+7e1hwy9/jCTe3YOl4rAqgiYKfnhTbTr8dYAE4Oh6m64hM9dbzS/wjp1k=
expires
Wed, 30 Mar 2022 19:15:20 GMT
last-modified
Thu, 12 Nov 2020 19:04:32 GMT
server
cloudflare
etag
"b5f2c62758d8206c0efef089529a5f02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, max-age=300
accept-ranges
bytes
cf-ray
6f43250f8cc79000-FRA
x-amz-meta-mtime
1418749042
FitIn-min.jpg
bnppcare1710.thirtythreelive.co.uk/application/files/1215/1308/6065/ 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bnppcare1710.thirtythreelive.co.uk/application/files/1215/1308/6065/FitIn-min.jpg
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
1f32921fcee2e8e90a3d2ec786da509714841ad3748607e5be7ce9dbcface054
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:20 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 Nov 2021 13:30:13 GMT
Server
Apache
ETag
"180b0-5d08357ab4662"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=96
Content-Length
98480
X-XSS-Protection
1; mode=block
sl-4-v2_-_Our_APAC_locations-V2.jpg
bnppcare1710.thirtythreelive.co.uk/application/files/9515/1999/7247/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bnppcare1710.thirtythreelive.co.uk/application/files/9515/1999/7247/sl-4-v2_-_Our_APAC_locations-V2.jpg
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
5e1bd5b60bc6a8231d3400059e867b49fa296625d93053b977f4738caa9c39f5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:20 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 Nov 2021 13:30:13 GMT
Server
Apache
ETag
"15617-5d08357ab84e2"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
87575
X-XSS-Protection
1; mode=block
Know-min.jpg
bnppcare1710.thirtythreelive.co.uk/application/files/6715/1308/6203/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bnppcare1710.thirtythreelive.co.uk/application/files/6715/1308/6203/Know-min.jpg
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
1278a254f7f7c1bc92719198cb770c3b84a218068c41d9c273b7daae84061d65
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:20 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 Nov 2021 13:30:13 GMT
Server
Apache
ETag
"f238-5d08357ab715a"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
62008
X-XSS-Protection
1; mode=block
BNP_Header_06_1.jpg
bnppcare1710.thirtythreelive.co.uk/application/files/6815/1999/7330/ 		145 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bnppcare1710.thirtythreelive.co.uk/application/files/6815/1999/7330/BNP_Header_06_1.jpg
Requested by
Host: bnppcare1710.thirtythreelive.co.uk
URL: https://bnppcare1710.thirtythreelive.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
fb0f644107c83c145ed35ed3e219cdae6aa203540a91a6b860e44441a9b33ae2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:20 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 Nov 2021 13:30:13 GMT
Server
Apache
ETag
"245d9-5d08357ab7542"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=95
Content-Length
148953
X-XSS-Protection
1; mode=block
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57305772-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5730
date
Wed, 30 Mar 2022 17:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 30 Mar 2022 19:34:50 GMT
collect
www.google-analytics.com/j/ 		1 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=517256583&t=pageview&_s=1&dl=https%3A%2F%2Fbnppcare1710.thirtythreelive.co.uk%2F&ul=en-us&de=UTF-8&dt=Home%20%3A%3A%20BNP%20PARIBAS%20%7C%20APAC%20Careers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=654665971&gjid=761865257&cid=297482309.1648667420&tid=UA-57305772-2&_gid=1276419098.1648667420&_r=1&gtm=2ou3n1&z=1151558764
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bnppcare1710.thirtythreelive.co.uk/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 19:10:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bnppcare1710.thirtythreelive.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
indonesia_348257096.jpg
bnppcare1710.thirtythreelive.co.uk/application/files/9415/0185/3178/ 		394 KB
396 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bnppcare1710.thirtythreelive.co.uk/application/files/9415/0185/3178/indonesia_348257096.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.83.97.16 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash
26beed932e3447085b6c03092a32f1275a0a7a92b36bd4f65007fb123befbe38
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bnppcare1710.thirtythreelive.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 19:10:25 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 Nov 2021 13:30:13 GMT
Server
Apache
ETag
"629ad-5d08357ab80fa"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
https://careers.apac.bnpparibas
Content-Security-Policy
default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=94
Content-Length
403885
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails string| CCM_DISPATCHER_FILENAME number| CCM_CID boolean| CCM_EDIT_MODE boolean| CCM_ARRANGE_MODE string| CCM_IMAGE_PATH string| CCM_TOOLS_PATH string| CCM_APPLICATION_URL string| CCM_REL string| CCM_ACTIVE_LOCALE function| gtag object| dataLayer function| $ function| jQuery object| titles object| bg number| x number| y function| fadeIn function| changeImage object| picturefillCFG function| picturefill function| fp_parallaxExtension object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga number| latestKnownScrollY boolean| ticking object| header function| onScroll function| requestTick function| updateMenu object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
.fonts.net/ Name: __cf_bm
Value: LUK0xP3RkImCaCiV_yj73wQr1BaqgMN2Tsso.a0AQuk-1648667419-0-AYZhlnyukslXsrDWlz/IwFjJw3OoCl5wjfa1yfpPrY46RkYBFFEyWM0U971RWO8b0GilyOwTVq2/5RGUvaBEYnI=
.thirtythreelive.co.uk/ Name: _ga
Value: GA1.3.297482309.1648667420
.thirtythreelive.co.uk/ Name: _gid
Value: GA1.3.1276419098.1648667420
.thirtythreelive.co.uk/ Name: _gat_gtag_UA_57305772_2
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self' data: https://*.ytimg.com https://www.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://ssl.gstatic.com https://www.gstatic.com; style-src 'self' 'unsafe-inline' https://fast.fonts.net https://tagmanager.google.com; font-src 'self' https://fast.fonts.net data:; frame-src 'self' https://player.vimeo.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com https://code.jquery.com https://www.googletagmanager.com https://www.google-analytics.com https://stats.g.doubleclick.net https://tagmanager.google.com; connect-src https://www.google-analytics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bnppcare1710.thirtythreelive.co.uk
code.jquery.com
fast.fonts.net
www.google-analytics.com
www.googletagmanager.com
2001:4de0:ac18::1:a:2b
2606:4700::6811:e04e
2a00:1450:4001:811::200e
2a00:1450:4001:82f::2008
40.83.97.16
07e1b7c81ee831409eb47a4a0452f7f24d63dbf701afda617ef26660c0d87511
1278a254f7f7c1bc92719198cb770c3b84a218068c41d9c273b7daae84061d65
1f32921fcee2e8e90a3d2ec786da509714841ad3748607e5be7ce9dbcface054
218d736c37773d2b736a22bf44fb56958069cc78b160aca281f31b898a457fd1
26beed932e3447085b6c03092a32f1275a0a7a92b36bd4f65007fb123befbe38
29caeffad4d726e3e92ceafb696851419671cf11d925bcb4c057017dfe3dbe9d
39d9861614d107ab64754396fabe5a1c6c4b5d66946f63a81787ca7dc0568dae
3d8887d91c0daba404e837144908da0f80e2981c8012d95dfe2577b384e9bd15
5e1bd5b60bc6a8231d3400059e867b49fa296625d93053b977f4738caa9c39f5
606aeba72580863b6f94f94a6b9d4bda72f17ff65e4adb951356d2a7f545707e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e1a82aec4c388393a43b5198f8537dde134184a11bd20c8cd00e2dbd32f42ab
893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8
8fbd57d70b6923ebd67b34d206e368bd77d108d9701996fbd5a1d7aaf45f296a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b0c836c7614c1375bc857e4f58b37963bd33647b316f91bc7aad2e3b58ba4a39
c3ff2e3f16081e437db2bd7917f23df1d99d3b5216ca8b3d92e9a7436088dc31
cae10bf923811db4a88a8af202e1246e4ae3600f2ef36143a5b86c4f5b7aea98
cf69be257b6ff92dc83176511bb5c9a0142453a94175be05e16fc14850e29fd9
da9e8e5d96447f854995e94a5ce508e5105d36b16579743a42bf58d152c37dba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a8d5a8768891d64d40de23d41528e2a2cf1473b4c392db58634f1b33319279
ee987351716ac6f64a983e52f73bd024165b5ad531391ed57d46c5b1a2d3ff33
f58faab9fdee0f36c178d46fc3ed595d2770402f1ee734e0d0f9bfeb4172b75f
fb0f644107c83c145ed35ed3e219cdae6aa203540a91a6b860e44441a9b33ae2
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffc1b98f2e50ae1e01cf7b30ca952460204b7ac9528b5ca9b41c6c8f52fce67e