Submitted URL: https://connexisebam-test.bnpparibas.com/
Effective URL: https://connexisebam-test.bnpparibas.com/imperium-front/login/certSessionStart
Submission: On April 06 via automatic, source certstream-suspicious

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 5.144.138.130, located in Joucas, France and belongs to ECRITEL-FRANCE ISP and web hosting., FR. The main domain is connexisebam-test.bnpparibas.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on May 15th 2018. Valid for: 2 years.
This is the only time connexisebam-test.bnpparibas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 5.144.138.130 8304 (ECRITEL-F...)
10 1
Apex Domain
Subdomains
Transfer
11 bnpparibas.com
connexisebam-test.bnpparibas.com
92 KB
10 1
Domain Requested by
11 connexisebam-test.bnpparibas.com 1 redirects connexisebam-test.bnpparibas.com
10 1

This site contains no links.

Subject Issuer Validity Valid
connexisebam-test.bnpparibas.com
Entrust Certification Authority - L1K
2018-05-15 -
2020-05-15
2 years crt.sh

This page contains 1 frames:

Primary Page: https://connexisebam-test.bnpparibas.com/imperium-front/login/certSessionStart
Frame ID: DFE2814B5DFFEF430D3A80247E537817
Requests: 10 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://connexisebam-test.bnpparibas.com/ HTTP 302
    https://connexisebam-test.bnpparibas.com/imperium-front/login/certSessionStart Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

91 kB
Transfer

297 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://connexisebam-test.bnpparibas.com/ HTTP 302
    https://connexisebam-test.bnpparibas.com/imperium-front/login/certSessionStart Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set certSessionStart
connexisebam-test.bnpparibas.com/imperium-front/login/
Redirect Chain
  • https://connexisebam-test.bnpparibas.com/
  • https://connexisebam-test.bnpparibas.com/imperium-front/login/certSessionStart
2 KB
2 KB
Document
General
Full URL
https://connexisebam-test.bnpparibas.com/imperium-front/login/certSessionStart
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.144.138.130 Joucas, France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),
Reverse DNS
alsyontechnologie1.ecritel.net
Software
Apache /
Resource Hash
5ec290ce1a91512d900be6eb0a5cc32895111823efb3a32d9b204ba8f9b79a5a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
connexisebam-test.bnpparibas.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Date
Mon, 06 Apr 2020 06:39:25 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, private post-check=0, pre-check=0
Pragma
no-cache
Content-Type
text/html;charset=UTF-8
Content-Language
en
Set-Cookie
JSESSIONID=AEE393C77DD778935A07FC6A6F2F01C5; Path=/imperium-front; Secure; HttpOnly
Vary
Accept-Encoding
Content-Encoding
gzip
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Expect-Staple
max-age=0; report-uri=https://acafr.report-uri.com/r/d/staple/reportOnly
Content-Security-Policy
default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Content-Length
959
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive

Redirect headers

Date
Mon, 06 Apr 2020 06:39:25 GMT
Server
Apache
Strict-Transport-Security
max-age=15768000
Location
https://connexisebam-test.bnpparibas.com/imperium-front/login/certSessionStart
Content-Length
262
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
styles.css
connexisebam-test.bnpparibas.com/imperium-front/css/
50 KB
11 KB
Stylesheet
General
Full URL
https://connexisebam-test.bnpparibas.com/imperium-front/css/styles.css
Requested by
Host: connexisebam-test.bnpparibas.com
URL: https://connexisebam-test.bnpparibas.com/imperium-front/login/certSessionStart
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.144.138.130 Joucas, France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),
Reverse DNS
alsyontechnologie1.ecritel.net
Software
Apache /
Resource Hash
af90314ac93116628f22fd202702ec15a1b66c855a41729e1b27db2ef51f6d4f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connexisebam-test.bnpparibas.com/imperium-front/login/certSessionStart
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Mon, 06 Apr 2020 06:39:25 GMT
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
10048
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 31 Oct 2017 09:08:24 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
W/"51562-1509440904000-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15768000
Content-Type
text/css
Expect-Staple
max-age=0; report-uri=https://acafr.report-uri.com/r/d/staple/reportOnly
Cache-Control
max-age=1200
Content-Security-Policy
default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Expires
Mon, 06 Apr 2020 06:59:25 GMT
login.css
connexisebam-test.bnpparibas.com/imperium-front/css/
123 KB
18 KB
Stylesheet
General
Full URL
https://connexisebam-test.bnpparibas.com/imperium-front/css/login.css
Requested by
Host: connexisebam-test.bnpparibas.com
URL: https://connexisebam-test.bnpparibas.com/imperium-front/login/certSessionStart
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.144.138.130 Joucas, France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),
Reverse DNS
alsyontechnologie1.ecritel.net
Software
Apache /
Resource Hash
0489eea6a0a3794f0847ec9d2a92e75f41bae4aef066823bf81ef7429f97c414
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connexisebam-test.bnpparibas.com/imperium-front/login/certSessionStart
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Mon, 06 Apr 2020 06:39:25 GMT
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
17700
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 30 Oct 2017 09:54:42 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
W/"126060-1509357282000-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15768000
Content-Type
text/css
Expect-Staple
max-age=0; report-uri=https://acafr.report-uri.com/r/d/staple/reportOnly
Cache-Control
max-age=1200
Content-Security-Policy
default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Expires
Mon, 06 Apr 2020 06:59:25 GMT
login-bnpp.css
connexisebam-test.bnpparibas.com/imperium-front/css/
897 B
1 KB
Stylesheet
General
Full URL
https://connexisebam-test.bnpparibas.com/imperium-front/css/login-bnpp.css
Requested by
Host: connexisebam-test.bnpparibas.com
URL: https://connexisebam-test.bnpparibas.com/imperium-front/login/certSessionStart
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.144.138.130 Joucas, France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),
Reverse DNS
alsyontechnologie1.ecritel.net
Software
Apache /
Resource Hash
f1b4ed697bbc18175f425ef2bda70385c6d8035f8b8eac6b1eb80f2f1c6a287a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connexisebam-test.bnpparibas.com/imperium-front/login/certSessionStart
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Mon, 06 Apr 2020 06:39:25 GMT
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
365
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 30 Oct 2017 09:54:42 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
W/"897-1509357282000-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15768000
Content-Type
text/css
Expect-Staple
max-age=0; report-uri=https://acafr.report-uri.com/r/d/staple/reportOnly
Cache-Control
max-age=1200
Content-Security-Policy
default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Expires
Mon, 06 Apr 2020 06:59:25 GMT
jquery-1.8.3.min.js
connexisebam-test.bnpparibas.com/imperium-front/plugins/jquery-1.8.3/js/jquery/
91 KB
34 KB
Script
General
Full URL
https://connexisebam-test.bnpparibas.com/imperium-front/plugins/jquery-1.8.3/js/jquery/jquery-1.8.3.min.js
Requested by
Host: connexisebam-test.bnpparibas.com
URL: https://connexisebam-test.bnpparibas.com/imperium-front/login/certSessionStart
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.144.138.130 Joucas, France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),
Reverse DNS
alsyontechnologie1.ecritel.net
Software
Apache /
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connexisebam-test.bnpparibas.com/imperium-front/login/certSessionStart
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 06 Apr 2020 06:39:25 GMT
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
33433
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 14 Nov 2017 13:36:30 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
W/"93637-1510666590000-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript
Expect-Staple
max-age=0; report-uri=https://acafr.report-uri.com/r/d/staple/reportOnly
Cache-Control
max-age=1200
Content-Security-Policy
default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Expires
Mon, 06 Apr 2020 06:59:25 GMT
application.js
connexisebam-test.bnpparibas.com/imperium-front/js/
9 KB
4 KB
Script
General
Full URL
https://connexisebam-test.bnpparibas.com/imperium-front/js/application.js
Requested by
Host: connexisebam-test.bnpparibas.com
URL: https://connexisebam-test.bnpparibas.com/imperium-front/login/certSessionStart
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.144.138.130 Joucas, France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),
Reverse DNS
alsyontechnologie1.ecritel.net
Software
Apache /
Resource Hash
e18058bceec0d0a08b0f28f7affe89cee47f3cde94c581ec3dfe72426f7d5420
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connexisebam-test.bnpparibas.com/imperium-front/login/certSessionStart
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 06 Apr 2020 06:39:25 GMT
Content-Encoding
gzip
Connection
Keep-Alive
Content-Length
2931
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 18 Jul 2016 13:35:58 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
W/"9560-1468848958000-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=15768000
Content-Type
application/javascript
Expect-Staple
max-age=0; report-uri=https://acafr.report-uri.com/r/d/staple/reportOnly
Cache-Control
max-age=1200
Content-Security-Policy
default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Expires
Mon, 06 Apr 2020 06:59:25 GMT
bnp-header-background-repeat.png
connexisebam-test.bnpparibas.com/imperium-front/images/skin/
1 KB
2 KB
Image
General
Full URL
https://connexisebam-test.bnpparibas.com/imperium-front/images/skin/bnp-header-background-repeat.png
Requested by
Host: connexisebam-test.bnpparibas.com
URL: https://connexisebam-test.bnpparibas.com/imperium-front/plugins/jquery-1.8.3/js/jquery/jquery-1.8.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.144.138.130 Joucas, France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),
Reverse DNS
alsyontechnologie1.ecritel.net
Software
Apache /
Resource Hash
3696e894ad4dfd4052f5b06682b0fc342e59a4621f7975ee4c51dd6a2aab7dee
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connexisebam-test.bnpparibas.com/imperium-front/css/login-bnpp.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 06 Apr 2020 06:39:25 GMT
Connection
Keep-Alive
Content-Length
1084
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 02 May 2014 13:50:18 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
W/"1084-1399038618000"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Expect-Staple
max-age=0; report-uri=https://acafr.report-uri.com/r/d/staple/reportOnly
Cache-Control
max-age=1200
Content-Security-Policy
default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Expires
Mon, 06 Apr 2020 06:59:25 GMT
bnpp-logotype-left.png
connexisebam-test.bnpparibas.com/imperium-front/images/skin/
9 KB
10 KB
Image
General
Full URL
https://connexisebam-test.bnpparibas.com/imperium-front/images/skin/bnpp-logotype-left.png
Requested by
Host: connexisebam-test.bnpparibas.com
URL: https://connexisebam-test.bnpparibas.com/imperium-front/plugins/jquery-1.8.3/js/jquery/jquery-1.8.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.144.138.130 Joucas, France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),
Reverse DNS
alsyontechnologie1.ecritel.net
Software
Apache /
Resource Hash
bd33cf5965495475d80f7953401268ce19d64db50df5c118d36f720c9f6baff1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connexisebam-test.bnpparibas.com/imperium-front/css/login-bnpp.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 06 Apr 2020 06:39:25 GMT
Connection
Keep-Alive
Content-Length
9281
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 02 May 2014 13:50:18 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
W/"9281-1399038618000"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Expect-Staple
max-age=0; report-uri=https://acafr.report-uri.com/r/d/staple/reportOnly
Cache-Control
max-age=1200
Content-Security-Policy
default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Expires
Mon, 06 Apr 2020 06:59:25 GMT
bnpp-birds-background.png
connexisebam-test.bnpparibas.com/imperium-front/images/skin/
9 KB
9 KB
Image
General
Full URL
https://connexisebam-test.bnpparibas.com/imperium-front/images/skin/bnpp-birds-background.png
Requested by
Host: connexisebam-test.bnpparibas.com
URL: https://connexisebam-test.bnpparibas.com/imperium-front/plugins/jquery-1.8.3/js/jquery/jquery-1.8.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.144.138.130 Joucas, France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),
Reverse DNS
alsyontechnologie1.ecritel.net
Software
Apache /
Resource Hash
30182d1e46ee8dbe08708aaf257e54ffdccca9ea63aa56ca6f957b045e542cc7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connexisebam-test.bnpparibas.com/imperium-front/css/login-bnpp.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 06 Apr 2020 06:39:25 GMT
Connection
Keep-Alive
Content-Length
8821
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 02 May 2014 13:50:18 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
W/"8821-1399038618000"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Expect-Staple
max-age=0; report-uri=https://acafr.report-uri.com/r/d/staple/reportOnly
Cache-Control
max-age=1200
Content-Security-Policy
default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Expires
Mon, 06 Apr 2020 06:59:25 GMT
shadow.jpg
connexisebam-test.bnpparibas.com/imperium-front/images/skin/
305 B
1 KB
Image
General
Full URL
https://connexisebam-test.bnpparibas.com/imperium-front/images/skin/shadow.jpg
Requested by
Host: connexisebam-test.bnpparibas.com
URL: https://connexisebam-test.bnpparibas.com/imperium-front/plugins/jquery-1.8.3/js/jquery/jquery-1.8.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.144.138.130 Joucas, France, ASN8304 (ECRITEL-FRANCE ISP and web hosting., FR),
Reverse DNS
alsyontechnologie1.ecritel.net
Software
Apache /
Resource Hash
6599bf82013714168e75672f5d6f1e2a2da6f48628e983a523239e3a46e92faa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connexisebam-test.bnpparibas.com/imperium-front/css/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 06 Apr 2020 06:39:25 GMT
Connection
Keep-Alive
Content-Length
305
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 04 Mar 2014 15:37:16 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
W/"305-1393947436000"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Expect-Staple
max-age=0; report-uri=https://acafr.report-uri.com/r/d/staple/reportOnly
Cache-Control
max-age=1200
Content-Security-Policy
default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Expires
Mon, 06 Apr 2020 06:59:25 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery undefined| Ajax function| applyElementUpdates function| showBic function| hideElements function| showElements function| numbersOnly function| checkFormat function| growlerNotification function| changeCursorWaiting function| sortAlpha function| fixTitleForTabs function| addDatepickerOnInput function| updateDatePickerInputs function| clearDatePickerInputs function| changeDatepickerInputId function| fixIEoverflow function| waitingWindow function| sslClientCertLogout function| preventDoubleClick

1 Cookies

Domain/Path Name / Value
connexisebam-test.bnpparibas.com/imperium-front Name: JSESSIONID
Value: AEE393C77DD778935A07FC6A6F2F01C5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; frame-ancestors 'self'; base-uri 'self'; report-uri https://acafr.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block