urlscan.io logo urlscan.io
SecurityTrails logo

gaap.natixis.com Open in urlscan Pro
185.148.120.163  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.customer-data-admin.ostrum.com/
Effective URL: https://gaap.natixis.com/form/auth/chooseschema?sourceURL=https%3A%2F%2Fgaap.natixis.com%2Fsamlv2%2FAccueilAuth%2FIdPAcce...
Submission: On January 02 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 44 HTTP transactions. The main IP is 185.148.120.163, located in and belongs to . The main domain is gaap.natixis.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 12th 2023. Valid for: a year.
This is the only time gaap.natixis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 91.135.181.240 43342 (FR-BPCE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 91.135.181.238 43342 (FR-BPCE)
1 2 185.148.120.163 ()
44 6
19    91.135.181.240 (France)

ASN43342 (FR-BPCE, FR)
PTR: ip240.net181.gcetech.net
www.customer-data-admin.ostrum.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    91.135.181.238 (France)

ASN43342 (FR-BPCE, FR)
www.customer-data-admin-auth.api.ostrum.com
2    185.148.120.163 (None, )

ASN- ()
gaap.natixis.com
Apex Domain
Subdomains		 Transfer
20 ostrum.com
www.customer-data-admin.ostrum.com
www.customer-data-admin-auth.api.ostrum.com
4 MB
2 natixis.com
gaap.natixis.com
1 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1326
3 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
17 KB
44 4
Domain Requested by
19 www.customer-data-admin.ostrum.com www.customer-data-admin.ostrum.com
2 gaap.natixis.com 1 redirects gaap.natixis.com
2 unpkg.com 1 redirects www.customer-data-admin.ostrum.com
2 cdnjs.cloudflare.com www.customer-data-admin.ostrum.com
1 www.customer-data-admin-auth.api.ostrum.com www.customer-data-admin.ostrum.com
44 5

This site contains no links.

Subject Issuer Validity Valid
www.customer-data-admin.ostrum.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-04 -
2024-09-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
www.customer-data-admin-auth.api.ostrum.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-15 -
2024-06-14		 a year crt.sh
gaap.natixis.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-12 -
2024-04-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://gaap.natixis.com/form/auth/chooseschema?sourceURL=https%3A%2F%2Fgaap.natixis.com%2Fsamlv2%2FAccueilAuth%2FIdPAccess%2FData_Client_Maintenance_NXIFH%3FtabId%3D11681888
Frame ID: 33A8A993F820EB01FD74A5A6DA676B1E
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.customer-data-admin.ostrum.com/ Page URL
  2. https://www.customer-data-admin-auth.api.ostrum.com/api/oauth/authorize?client_id=b904b021-a666-49f0-a516-9336b00dc341&redirect_... Page URL
  3. https://gaap.natixis.com/samlv2/AccueilAuth/IdPAccess/Data_Client_Maintenance_NXIFH HTTP 302
    https://gaap.natixis.com/form/auth/chooseschema?sourceURL=https%3A%2F%2Fgaap.natixis.com%2Fsamlv2%2FA... Page URL

Page Statistics

44
Requests

52 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

4519 kB
Transfer

4554 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.customer-data-admin.ostrum.com/ Page URL
  2. https://www.customer-data-admin-auth.api.ostrum.com/api/oauth/authorize?client_id=b904b021-a666-49f0-a516-9336b00dc341&redirect_uri=https%3A%2F%2Fwww.customer-data-admin.ostrum.com%2F%23%2Findex.html&response_type=code&code_challenge=oc09ksoCctQCSH2DZCMGrsuEFi02v25X2ILWq0Llze8&code_challenge_method=S256&scope=urn%3Anatixis-am%3Adata_overload%3Aread%20urn%3Anatixis-am%3Adata_overload%3Awrite Page URL
  3. https://gaap.natixis.com/samlv2/AccueilAuth/IdPAccess/Data_Client_Maintenance_NXIFH HTTP 302
    https://gaap.natixis.com/form/auth/chooseschema?sourceURL=https%3A%2F%2Fgaap.natixis.com%2Fsamlv2%2FAccueilAuth%2FIdPAccess%2FData_Client_Maintenance_NXIFH%3FtabId%3D11681888 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://unpkg.com/angular2/es6/dev/src/testing/shims_for_IE.js HTTP 302
  • https://unpkg.com/angular2@2.0.0-beta.21/es6/dev/src/testing/shims_for_IE.js

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.customer-data-admin.ostrum.com/ 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin.ostrum.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
/
Resource Hash
3f38cb14869f12f56dac7d66bdb874b176323b69e52e868249aa0dad69484587
Security Headers
Name Value
Content-Security-Policy default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
Public-Key-Pins max-age=0; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=480 max-age=480
X-Content-Type-Options nosniff
X-Frame-Options Deny Deny Deny
X-Xss-Protection 1; report=/Jaspe/Security/XssReporting; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private
Connection
Keep-Alive
Content-Length
1351
Content-Security-Policy
default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
Content-Type
text/html; charset=utf-8
Date
Tue, 02 Jan 2024 17:00:40 GMT
Expect-CT
max-age=0
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; sync-xhr 'none'; microphone 'none'; gyroscope 'none'; speaker 'none'; payment 'none'
Keep-Alive
timeout=5, max=300
Public-Key-Pins
max-age=0; includeSubDomains
Referrer-Policy
origin
Report-To
{"group":"csp-endpoint","max-age":0,"endpoints":[{"url":"/Jaspe/Security/CspReporting"}]}
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload max-age=480 max-age=480
X-Content-Type-Options
nosniff
X-Frame-Options
Deny Deny Deny
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; report=/Jaspe/Security/XssReporting; mode=block
es6-shim.min.js
cdnjs.cloudflare.com/ajax/libs/es6-shim/0.33.3/ 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/es6-shim/0.33.3/es6-shim.min.js
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6fd7482cb9f3aed074fbdb7d22c3ea1d8601f694f72cef50c9ed08475654a5c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.customer-data-admin.ostrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 17:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3490244
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12540
last-modified
Mon, 04 May 2020 16:09:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e54-bd42"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5u8tFH4E83Wj4csy1gOZVbDVdfkMz2PAhX069adepcFVVKZET7pEU%2BSvlnPT%2Bvthp8dv%2F7w7N%2FVDCEUS07ZezKFO6RJJyNv0S3v83SxYSBiQiZjC7djIdYZq4zckgFjArFnAcAWE0LwsXD10WN9QAh1H"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83f48f404f3d4bc0-BUF
expires
Sun, 22 Dec 2024 17:00:40 GMT
system-polyfills.js
cdnjs.cloudflare.com/ajax/libs/systemjs/0.19.20/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/systemjs/0.19.20/system-polyfills.js
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
950c228a7493000da1dda78f709bb67dc6ab13f27333099e513aba1f63a346db
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.customer-data-admin.ostrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 17:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3578478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4019
last-modified
Mon, 04 May 2020 16:16:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ff8-3697"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDDsLv1U9ZxTwfGIM9%2BvlALV5FHpBGEL0%2FQZPL7cGmketG3KM7prV3Vw0jv7xSuo9LD%2FkbGBuVsLL%2BKco0%2FrH671IECAeawvjtAxGYwCKCkK78c4nI0r4kbsHkvTiQkhXZ22BWCcnJkf9UvW72USEqGs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83f48f404f3c4bc0-BUF
expires
Sun, 22 Dec 2024 17:00:40 GMT
shims_for_IE.js
unpkg.com/angular2@2.0.0-beta.21/es6/dev/src/testing/
Redirect Chain
  • https://unpkg.com/angular2/es6/dev/src/testing/shims_for_IE.js
  • https://unpkg.com/angular2@2.0.0-beta.21/es6/dev/src/testing/shims_for_IE.js
6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/angular2@2.0.0-beta.21/es6/dev/src/testing/shims_for_IE.js
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2223bf811286a930e4b395169bc2376e26d8daf4ea867d4558264f15db3f38d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.customer-data-admin.ostrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 17:00:41 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 28 Apr 2016 18:53:37 GMT
fly-request-id
01HK5HXHFQFSMRCYXWZ2KPPSMK-lga
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
server
cloudflare
etag
W/"19ad-6Y3HkHMg7hlsW4j1o0DoE+p71qg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
83f48f430fb44bbd-BUF

Redirect headers

date
Tue, 02 Jan 2024 17:00:40 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
MISS
fly-request-id
01HK5HXH1NS6CPBFRB4YJT73MP-lga
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/angular2@2.0.0-beta.21/es6/dev/src/testing/shims_for_IE.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
83f48f404eb44bbd-BUF
styles
www.customer-data-admin.ostrum.com/dist/ 		581 KB
583 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin.ostrum.com/dist/styles?v=yeXNU1x8bICjFhp-q19lCdwOyqQip6e0N4yJ3RFOU0A1
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
/
Resource Hash
ded8a15b1d4613e0ccf0eb5d591fbf3889d78ea35801aaacc53471476969adbf
Security Headers
Name Value
Content-Security-Policy default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
Public-Key-Pins max-age=0; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Content-Type-Options nosniff
X-Frame-Options Deny, Deny, Deny
X-Xss-Protection 1; report=/Jaspe/Security/XssReporting; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.customer-data-admin.ostrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 17:00:40 GMT
Content-Security-Policy
default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
595395
X-XSS-Protection
1; report=/Jaspe/Security/XssReporting; mode=block
Public-Key-Pins
max-age=0; includeSubDomains
Referrer-Policy
origin
Last-Modified
Tue, 02 Jan 2024 17:00:40 GMT
Expect-CT
max-age=0
Vary
User-Agent
X-Frame-Options
Deny, Deny, Deny
Content-Type
text/css; charset=utf-8
Report-To
{"group":"csp-endpoint","max-age":0,"endpoints":[{"url":"/Jaspe/Security/CspReporting"}]}
Cache-Control
public
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; sync-xhr 'none'; microphone 'none'; gyroscope 'none'; speaker 'none'; payment 'none'
Keep-Alive
timeout=5, max=299
Expires
Wed, 01 Jan 2025 17:00:40 GMT
scripts
www.customer-data-admin.ostrum.com/dist/ 		4 MB
4 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin.ostrum.com/dist/scripts?v=qb-dy0I6ZjWUfHh2sWnVz5AnTRdCUqll_LVCdrDhcDo1
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
/
Resource Hash
b7cd16b37bbae094567e17952fbd31800b88b0b6b8e0cfff0f3839bfbd60f2d3
Security Headers
Name Value
Content-Security-Policy default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
Public-Key-Pins max-age=0; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Content-Type-Options nosniff
X-Frame-Options Deny, Deny, Deny
X-Xss-Protection 1; report=/Jaspe/Security/XssReporting; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.customer-data-admin.ostrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 17:00:40 GMT
Content-Security-Policy
default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
3686417
X-XSS-Protection
1; report=/Jaspe/Security/XssReporting; mode=block
Public-Key-Pins
max-age=0; includeSubDomains
Referrer-Policy
origin
Last-Modified
Tue, 02 Jan 2024 17:00:40 GMT
Expect-CT
max-age=0
Vary
User-Agent
X-Frame-Options
Deny, Deny, Deny
Content-Type
text/javascript; charset=utf-8
Report-To
{"group":"csp-endpoint","max-age":0,"endpoints":[{"url":"/Jaspe/Security/CspReporting"}]}
Cache-Control
public
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; sync-xhr 'none'; microphone 'none'; gyroscope 'none'; speaker 'none'; payment 'none'
Keep-Alive
timeout=5, max=300
Expires
Wed, 01 Jan 2025 17:00:40 GMT
BwOstrum-Regular.af7ecfd3403966c9.woff
www.customer-data-admin.ostrum.com/dist/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin.ostrum.com/dist/BwOstrum-Regular.af7ecfd3403966c9.woff
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/dist/styles?v=yeXNU1x8bICjFhp-q19lCdwOyqQip6e0N4yJ3RFOU0A1
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
BigIP /
Resource Hash
ec18b12fd0d6bb24bc83fe619d0d7ff9486fa8a40df3f945ca400181dda28a52

Request headers

Referer
https://www.customer-data-admin.ostrum.com/
Origin
https://www.customer-data-admin.ostrum.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Server
BigIP
Connection
Keep-Alive
Page_Erreur
INDISPO
Content-Length
2622
BwOstrum-Regular.d8eb36181f19639d.woff2
www.customer-data-admin.ostrum.com/dist/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin.ostrum.com/dist/BwOstrum-Regular.d8eb36181f19639d.woff2
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/dist/styles?v=yeXNU1x8bICjFhp-q19lCdwOyqQip6e0N4yJ3RFOU0A1
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
BigIP /
Resource Hash
ec18b12fd0d6bb24bc83fe619d0d7ff9486fa8a40df3f945ca400181dda28a52

Request headers

Referer
https://www.customer-data-admin.ostrum.com/
Origin
https://www.customer-data-admin.ostrum.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Server
BigIP
Connection
Keep-Alive
Page_Erreur
INDISPO
Content-Length
2622
BwOstrum-Regular.dc9f6643fe3af1ca.otf
www.customer-data-admin.ostrum.com/dist/ 		67 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin.ostrum.com/dist/BwOstrum-Regular.dc9f6643fe3af1ca.otf
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/dist/styles?v=yeXNU1x8bICjFhp-q19lCdwOyqQip6e0N4yJ3RFOU0A1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
/
Resource Hash
f761a9156f33ee748cdf4e2872b1fb52c58a23ba84d553a12f555983be8311b4
Security Headers
Name Value
Content-Security-Policy default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
Public-Key-Pins max-age=0; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Content-Type-Options nosniff
X-Frame-Options Deny, Deny, Deny
X-Xss-Protection 1; report=/Jaspe/Security/XssReporting; mode=block

Request headers

Referer
https://www.customer-data-admin.ostrum.com/
Origin
https://www.customer-data-admin.ostrum.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 17:00:42 GMT
Content-Security-Policy
default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
68404
X-XSS-Protection
1; report=/Jaspe/Security/XssReporting; mode=block
Public-Key-Pins
max-age=0; includeSubDomains
Referrer-Policy
origin
Last-Modified
Wed, 27 Sep 2023 10:46:35 GMT
ETag
"413ea9e22ff1d91:0"
Expect-CT
max-age=0
X-Frame-Options
Deny, Deny, Deny
Report-To
{"group":"csp-endpoint","max-age":0,"endpoints":[{"url":"/Jaspe/Security/CspReporting"}]}
Content-Type
font/otf
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; sync-xhr 'none'; microphone 'none'; gyroscope 'none'; speaker 'none'; payment 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=296
config.json
www.customer-data-admin.ostrum.com/dist/assets/config/ 		583 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin.ostrum.com/dist/assets/config/config.json
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/dist/scripts?v=qb-dy0I6ZjWUfHh2sWnVz5AnTRdCUqll_LVCdrDhcDo1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
/
Resource Hash
623baef4023940470ba30a0b78f25f0dbeb1b53ce26016171a494725435d9129
Security Headers
Name Value
Content-Security-Policy default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
Public-Key-Pins max-age=0; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Content-Type-Options nosniff
X-Frame-Options Deny, Deny, Deny
X-Xss-Protection 1; report=/Jaspe/Security/XssReporting; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.customer-data-admin.ostrum.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 17:00:47 GMT
Content-Security-Policy
default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
583
X-XSS-Protection
1; report=/Jaspe/Security/XssReporting; mode=block
Public-Key-Pins
max-age=0; includeSubDomains
Referrer-Policy
origin
Last-Modified
Wed, 27 Sep 2023 10:46:34 GMT
ETag
"66162fe22ff1d91:0"
Expect-CT
max-age=0
X-Frame-Options
Deny, Deny, Deny
Report-To
{"group":"csp-endpoint","max-age":0,"endpoints":[{"url":"/Jaspe/Security/CspReporting"}]}
Content-Type
application/json
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; sync-xhr 'none'; microphone 'none'; gyroscope 'none'; speaker 'none'; payment 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=299
config.json
www.customer-data-admin.ostrum.com/dist/assets/config/ 		583 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin.ostrum.com/dist/assets/config/config.json
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/dist/scripts?v=qb-dy0I6ZjWUfHh2sWnVz5AnTRdCUqll_LVCdrDhcDo1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
/
Resource Hash
623baef4023940470ba30a0b78f25f0dbeb1b53ce26016171a494725435d9129
Security Headers
Name Value
Content-Security-Policy default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
Public-Key-Pins max-age=0; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Content-Type-Options nosniff
X-Frame-Options Deny, Deny, Deny
X-Xss-Protection 1; report=/Jaspe/Security/XssReporting; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.customer-data-admin.ostrum.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 17:00:49 GMT
Content-Security-Policy
default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
583
X-XSS-Protection
1; report=/Jaspe/Security/XssReporting; mode=block
Public-Key-Pins
max-age=0; includeSubDomains
Referrer-Policy
origin
Last-Modified
Wed, 27 Sep 2023 10:46:34 GMT
ETag
"66162fe22ff1d91:0"
Expect-CT
max-age=0
X-Frame-Options
Deny, Deny, Deny
Report-To
{"group":"csp-endpoint","max-age":0,"endpoints":[{"url":"/Jaspe/Security/CspReporting"}]}
Content-Type
application/json
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; sync-xhr 'none'; microphone 'none'; gyroscope 'none'; speaker 'none'; payment 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=298
ostrum-48.png
www.customer-data-admin.ostrum.com/dist/assets/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.customer-data-admin.ostrum.com/dist/assets/img/ostrum-48.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
Public-Key-Pins max-age=0; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Content-Type-Options nosniff
X-Frame-Options Deny, Deny, Deny
X-Xss-Protection 1; report=/Jaspe/Security/XssReporting; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.customer-data-admin.ostrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 17:00:49 GMT
Content-Security-Policy
default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
4189
X-XSS-Protection
1; report=/Jaspe/Security/XssReporting; mode=block
Public-Key-Pins
max-age=0; includeSubDomains
Referrer-Policy
origin
Last-Modified
Wed, 27 Sep 2023 10:46:34 GMT
ETag
"593e38e22ff1d91:0"
Expect-CT
max-age=0
X-Frame-Options
Deny, Deny, Deny
Report-To
{"group":"csp-endpoint","max-age":0,"endpoints":[{"url":"/Jaspe/Security/CspReporting"}]}
Content-Type
image/png
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; sync-xhr 'none'; microphone 'none'; gyroscope 'none'; speaker 'none'; payment 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=297
nim-48.png
www.customer-data-admin.ostrum.com/dist/assets/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.customer-data-admin.ostrum.com/dist/assets/img/nim-48.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
Public-Key-Pins max-age=0; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Content-Type-Options nosniff
X-Frame-Options Deny, Deny, Deny
X-Xss-Protection 1; report=/Jaspe/Security/XssReporting; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.customer-data-admin.ostrum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 17:00:49 GMT
Content-Security-Policy
default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
4060
X-XSS-Protection
1; report=/Jaspe/Security/XssReporting; mode=block
Public-Key-Pins
max-age=0; includeSubDomains
Referrer-Policy
origin
Last-Modified
Wed, 27 Sep 2023 10:46:34 GMT
ETag
"e53035e22ff1d91:0"
Expect-CT
max-age=0
X-Frame-Options
Deny, Deny, Deny
Report-To
{"group":"csp-endpoint","max-age":0,"endpoints":[{"url":"/Jaspe/Security/CspReporting"}]}
Content-Type
image/png
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; sync-xhr 'none'; microphone 'none'; gyroscope 'none'; speaker 'none'; payment 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=300
ionicons.5ea9fc1089bbe57a.woff2
www.customer-data-admin.ostrum.com/dist/ 		49 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin.ostrum.com/dist/ionicons.5ea9fc1089bbe57a.woff2?v=4.6.3
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/dist/styles?v=yeXNU1x8bICjFhp-q19lCdwOyqQip6e0N4yJ3RFOU0A1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
Public-Key-Pins max-age=0; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Content-Type-Options nosniff
X-Frame-Options Deny, Deny, Deny
X-Xss-Protection 1; report=/Jaspe/Security/XssReporting; mode=block

Request headers

Referer
https://www.customer-data-admin.ostrum.com/
Origin
https://www.customer-data-admin.ostrum.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 17:00:49 GMT
Content-Security-Policy
default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
50556
X-XSS-Protection
1; report=/Jaspe/Security/XssReporting; mode=block
Public-Key-Pins
max-age=0; includeSubDomains
Referrer-Policy
origin
Last-Modified
Wed, 27 Sep 2023 10:46:35 GMT
ETag
"1374f6e22ff1d91:0"
Expect-CT
max-age=0
X-Frame-Options
Deny, Deny, Deny
Report-To
{"group":"csp-endpoint","max-age":0,"endpoints":[{"url":"/Jaspe/Security/CspReporting"}]}
Content-Type
font/woff2
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; sync-xhr 'none'; microphone 'none'; gyroscope 'none'; speaker 'none'; payment 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=296
BwOstrum-Bold.52824568445fd61c.woff
www.customer-data-admin.ostrum.com/dist/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin.ostrum.com/dist/BwOstrum-Bold.52824568445fd61c.woff
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/dist/styles?v=yeXNU1x8bICjFhp-q19lCdwOyqQip6e0N4yJ3RFOU0A1
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
BigIP /
Resource Hash

Request headers

Referer
https://www.customer-data-admin.ostrum.com/
Origin
https://www.customer-data-admin.ostrum.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Server
BigIP
Connection
Keep-Alive
Page_Erreur
INDISPO
Content-Length
2622
BwOstrum-Medium.56695337d56493a5.woff
www.customer-data-admin.ostrum.com/dist/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin.ostrum.com/dist/BwOstrum-Medium.56695337d56493a5.woff
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/dist/styles?v=yeXNU1x8bICjFhp-q19lCdwOyqQip6e0N4yJ3RFOU0A1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
Public-Key-Pins max-age=0; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Content-Type-Options nosniff
X-Frame-Options Deny, Deny, Deny
X-Xss-Protection 1; report=/Jaspe/Security/XssReporting; mode=block

Request headers

Referer
https://www.customer-data-admin.ostrum.com/
Origin
https://www.customer-data-admin.ostrum.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 17:00:49 GMT
Content-Security-Policy
default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
42548
X-XSS-Protection
1; report=/Jaspe/Security/XssReporting; mode=block
Public-Key-Pins
max-age=0; includeSubDomains
Referrer-Policy
origin
Last-Modified
Wed, 27 Sep 2023 10:46:35 GMT
ETag
"a91384e22ff1d91:0"
Expect-CT
max-age=0
X-Frame-Options
Deny, Deny, Deny
Report-To
{"group":"csp-endpoint","max-age":0,"endpoints":[{"url":"/Jaspe/Security/CspReporting"}]}
Content-Type
font/x-woff
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; sync-xhr 'none'; microphone 'none'; gyroscope 'none'; speaker 'none'; payment 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=300
BwOstrum-RegularItalic.2bdea83c8413f80f.woff
www.customer-data-admin.ostrum.com/dist/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin.ostrum.com/dist/BwOstrum-RegularItalic.2bdea83c8413f80f.woff
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/dist/styles?v=yeXNU1x8bICjFhp-q19lCdwOyqQip6e0N4yJ3RFOU0A1
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
BigIP /
Resource Hash

Request headers

Referer
https://www.customer-data-admin.ostrum.com/
Origin
https://www.customer-data-admin.ostrum.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Server
BigIP
Connection
Keep-Alive
Page_Erreur
INDISPO
Content-Length
2622
authorize
www.customer-data-admin-auth.api.ostrum.com/api/oauth/ 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin-auth.api.ostrum.com/api/oauth/authorize?client_id=b904b021-a666-49f0-a516-9336b00dc341&redirect_uri=https%3A%2F%2Fwww.customer-data-admin.ostrum.com%2F%23%2Findex.html&response_type=code&code_challenge=oc09ksoCctQCSH2DZCMGrsuEFi02v25X2ILWq0Llze8&code_challenge_method=S256&scope=urn%3Anatixis-am%3Adata_overload%3Aread%20urn%3Anatixis-am%3Adata_overload%3Awrite
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/dist/scripts?v=qb-dy0I6ZjWUfHh2sWnVz5AnTRdCUqll_LVCdrDhcDo1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.135.181.238 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.customer-data-admin.ostrum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Cache-Control
no-cache
Connection
Keep-Alive
Content-Type
text/html
Date
Tue, 02 Jan 2024 17:00:51 GMT
Host
www.customer-data-admin-auth.api.ostrum.com
Keep-Alive
timeout=5, max=300
Pragma
no-cache
Referer
https://www.customer-data-admin.ostrum.com/
Sec-Fetch-Dest
document
Sec-Fetch-Mode
navigate
Sec-Fetch-Site
same-site
Transfer-Encoding
chunked
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-CorrelationID
Id-434194654ffb4496f9b5ded1 0
X-Forwarded-For
96.9.249.37, 100.120.84.218
X-Forwarded-Port
443
X-Forwarded-Proto
https
accept-language
en-US,en;q=0.9
grant_type
urn:ietf:params:oauth:grant-type:saml2-bearer
BwOstrum-Light.863f5f3b8b4615a8.woff
www.customer-data-admin.ostrum.com/dist/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin.ostrum.com/dist/BwOstrum-Light.863f5f3b8b4615a8.woff
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/dist/styles?v=yeXNU1x8bICjFhp-q19lCdwOyqQip6e0N4yJ3RFOU0A1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
Public-Key-Pins max-age=0; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Content-Type-Options nosniff
X-Frame-Options Deny, Deny, Deny
X-Xss-Protection 1; report=/Jaspe/Security/XssReporting; mode=block

Request headers

Referer
https://www.customer-data-admin.ostrum.com/
Origin
https://www.customer-data-admin.ostrum.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 17:00:49 GMT
Content-Security-Policy
default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
41836
X-XSS-Protection
1; report=/Jaspe/Security/XssReporting; mode=block
Public-Key-Pins
max-age=0; includeSubDomains
Referrer-Policy
origin
Last-Modified
Wed, 27 Sep 2023 10:46:34 GMT
ETag
"fcae72e22ff1d91:0"
Expect-CT
max-age=0
X-Frame-Options
Deny, Deny, Deny
Report-To
{"group":"csp-endpoint","max-age":0,"endpoints":[{"url":"/Jaspe/Security/CspReporting"}]}
Content-Type
font/x-woff
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; sync-xhr 'none'; microphone 'none'; gyroscope 'none'; speaker 'none'; payment 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=300
BwOstrum-Bold.d2fb34a3ce268896.woff2
www.customer-data-admin.ostrum.com/dist/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin.ostrum.com/dist/BwOstrum-Bold.d2fb34a3ce268896.woff2
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/dist/styles?v=yeXNU1x8bICjFhp-q19lCdwOyqQip6e0N4yJ3RFOU0A1
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
BigIP /
Resource Hash

Request headers

Referer
https://www.customer-data-admin.ostrum.com/
Origin
https://www.customer-data-admin.ostrum.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Server
BigIP
Connection
Keep-Alive
Page_Erreur
INDISPO
Content-Length
2622
BwOstrum-RegularItalic.ebe6e278565ed0f9.woff2
www.customer-data-admin.ostrum.com/dist/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin.ostrum.com/dist/BwOstrum-RegularItalic.ebe6e278565ed0f9.woff2
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/dist/styles?v=yeXNU1x8bICjFhp-q19lCdwOyqQip6e0N4yJ3RFOU0A1
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
BigIP /
Resource Hash

Request headers

Referer
https://www.customer-data-admin.ostrum.com/
Origin
https://www.customer-data-admin.ostrum.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Server
BigIP
Connection
Keep-Alive
Page_Erreur
INDISPO
Content-Length
2622
BwOstrum-Bold.66bc8fe58a63fb88.otf
www.customer-data-admin.ostrum.com/dist/ 		67 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin.ostrum.com/dist/BwOstrum-Bold.66bc8fe58a63fb88.otf
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/dist/styles?v=yeXNU1x8bICjFhp-q19lCdwOyqQip6e0N4yJ3RFOU0A1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
Public-Key-Pins max-age=0; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Content-Type-Options nosniff
X-Frame-Options Deny, Deny, Deny
X-Xss-Protection 1; report=/Jaspe/Security/XssReporting; mode=block

Request headers

Referer
https://www.customer-data-admin.ostrum.com/
Origin
https://www.customer-data-admin.ostrum.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 17:00:49 GMT
Content-Security-Policy
default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=480, max-age=480
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
68452
X-XSS-Protection
1; report=/Jaspe/Security/XssReporting; mode=block
Public-Key-Pins
max-age=0; includeSubDomains
Referrer-Policy
origin
Last-Modified
Wed, 27 Sep 2023 10:46:34 GMT
ETag
"48e558e22ff1d91:0"
Expect-CT
max-age=0
X-Frame-Options
Deny, Deny, Deny
Report-To
{"group":"csp-endpoint","max-age":0,"endpoints":[{"url":"/Jaspe/Security/CspReporting"}]}
Content-Type
font/otf
Feature-Policy
geolocation 'none'; midi 'none'; camera 'none'; usb 'none'; magnetometer 'none'; sync-xhr 'none'; microphone 'none'; gyroscope 'none'; speaker 'none'; payment 'none'
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=298
BwOstrum-RegularItalic.fd1a3d18886b2fb7.otf
www.customer-data-admin.ostrum.com/dist/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.customer-data-admin.ostrum.com/dist/BwOstrum-RegularItalic.fd1a3d18886b2fb7.otf
Requested by
Host: www.customer-data-admin.ostrum.com
URL: https://www.customer-data-admin.ostrum.com/dist/styles?v=yeXNU1x8bICjFhp-q19lCdwOyqQip6e0N4yJ3RFOU0A1
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.135.181.240 , France, ASN43342 (FR-BPCE, FR),
Reverse DNS
ip240.net181.gcetech.net
Software
BigIP /
Resource Hash

Request headers

Referer
https://www.customer-data-admin.ostrum.com/
Origin
https://www.customer-data-admin.ostrum.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Server
BigIP
Connection
Keep-Alive
Page_Erreur
INDISPO
Content-Length
2622
Primary Request chooseschema
gaap.natixis.com/form/auth/
Redirect Chain
  • https://gaap.natixis.com/samlv2/AccueilAuth/IdPAccess/Data_Client_Maintenance_NXIFH
  • https://gaap.natixis.com/form/auth/chooseschema?sourceURL=https%3A%2F%2Fgaap.natixis.com%2Fsamlv2%2FAccueilAuth%2FIdPAccess%2FData_Client_Maintenance_NXIFH%3FtabId%3D11681888
4 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gaap.natixis.com/form/auth/chooseschema?sourceURL=https%3A%2F%2Fgaap.natixis.com%2Fsamlv2%2FAccueilAuth%2FIdPAccess%2FData_Client_Maintenance_NXIFH%3FtabId%3D11681888
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.120.163 -, , ASN (),
Reverse DNS
Software
NWS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.natixis.fr *.intranatixis.com *.natixis.com *.n.net.com *.f.bbg *.d.bbg *.gbpce.net servicesitnatixis.service-now.com *.dom101.prdres *.banquepopulaire.fr *.caisse-epargne.fr *.banque-de-savoie.fr groupebpce.sharepoint.com linkrh.adequasys.com bpcevie.lightning.force.com uscib.intranet *.intrabpce.fr *.bpa.ibp *.bpce.fr;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.customer-data-admin-auth.api.ostrum.com
Referer
https://www.customer-data-admin-auth.api.ostrum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers
Origin,Content-Type,Accept,Authorization
Cache-Control
private
Connection
Keep-Alive
Content-Language
en-US
Content-Security-Policy
frame-ancestors 'self' *.natixis.fr *.intranatixis.com *.natixis.com *.n.net.com *.f.bbg *.d.bbg *.gbpce.net servicesitnatixis.service-now.com *.dom101.prdres *.banquepopulaire.fr *.caisse-epargne.fr *.banque-de-savoie.fr groupebpce.sharepoint.com linkrh.adequasys.com bpcevie.lightning.force.com uscib.intranet *.intrabpce.fr *.bpa.ibp *.bpce.fr;
Content-Type
text/html;charset=UTF-8
Date
Tue, 02 Jan 2024 17:00:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=15, max=299
Server
NWS
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff nosniff
X-XSS-Protection
1; mode=block

Redirect headers

Access-Control-Allow-Headers
Origin,Content-Type,Accept,Authorization
Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Content-Security-Policy
frame-ancestors 'self' *.natixis.fr *.intranatixis.com *.natixis.com *.n.net.com *.f.bbg *.d.bbg *.gbpce.net servicesitnatixis.service-now.com *.dom101.prdres *.banquepopulaire.fr *.caisse-epargne.fr *.banque-de-savoie.fr groupebpce.sharepoint.com linkrh.adequasys.com bpcevie.lightning.force.com uscib.intranet *.intrabpce.fr *.bpa.ibp *.bpce.fr;
Content-Type
text/html;charset=UTF-8
Date
Tue, 02 Jan 2024 17:00:52 GMT
Keep-Alive
timeout=15, max=300
Location
/form/auth/chooseschema?sourceURL=https%3A%2F%2Fgaap.natixis.com%2Fsamlv2%2FAccueilAuth%2FIdPAccess%2FData_Client_Maintenance_NXIFH%3FtabId%3D11681888
Server
NWS
Strict-Transport-Security
max-age=0
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
toastr.min.css
gaap.natixis.com/form/medias/css/plugins/toastr/ 		0
0
bootstrap.min.css
gaap.natixis.com/form/medias/css/plugins/bootstrap/ 		0
0
all.css
gaap.natixis.com/form/medias/css/plugins/font-awesome/css/ 		0
0
icheck-bootstrap.min.css
gaap.natixis.com/form/medias/css/plugins/iCheck/ 		0
0
style.css
gaap.natixis.com/form/medias/css/ 		0
0
bootstrap-combobox.css
gaap.natixis.com/form/medias/css/plugins/combobox/ 		0
0
bootstrap-select.min.css
gaap.natixis.com/form/medias/css/plugins/select/ 		0
0
styles_sign_and_go.css
gaap.natixis.com/form/medias/css/sng/ 		0
0
custom_prod.css
gaap.natixis.com/form/medias/css/ 		0
0
jquery.min.js
gaap.natixis.com/form/medias/js/plugins/jQuery/ 		0
0
jquery-ui.min.js
gaap.natixis.com/form/medias/js/plugins/jQuery/ 		0
0
bootstrap.min.js
gaap.natixis.com/form/medias/js/plugins/bootstrap/ 		0
0
jquery.slimscroll.min.js
gaap.natixis.com/form/medias/js/plugins/slimscroll/ 		0
0
toastr.min.js
gaap.natixis.com/form/medias/js/plugins/toastr/ 		0
0
jquery.validate.min.js
gaap.natixis.com/form/medias/js/plugins/validate/ 		0
0
bootstrap-combobox.js
gaap.natixis.com/form/medias/js/plugins/combobox/ 		0
0
bootstrap-select.min.js
gaap.natixis.com/form/medias/js/plugins/select/ 		0
0
util.js
gaap.natixis.com/form/medias/js/sng/ 		0
0
auth.js
gaap.natixis.com/form/medias/js/sng/ 		0
0
custom_prod.js
gaap.natixis.com/form/medias/js/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/css/plugins/toastr/toastr.min.css
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/css/plugins/bootstrap/bootstrap.min.css
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/css/plugins/font-awesome/css/all.css
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/css/plugins/iCheck/icheck-bootstrap.min.css
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/css/style.css
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/css/plugins/combobox/bootstrap-combobox.css
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/css/plugins/select/bootstrap-select.min.css
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/css/sng/styles_sign_and_go.css
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/css/custom_prod.css
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/js/plugins/jQuery/jquery.min.js
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/js/plugins/jQuery/jquery-ui.min.js
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/js/plugins/bootstrap/bootstrap.min.js
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/js/plugins/slimscroll/jquery.slimscroll.min.js
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/js/plugins/toastr/toastr.min.js
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/js/plugins/validate/jquery.validate.min.js
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/js/plugins/combobox/bootstrap-combobox.js
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/js/plugins/select/bootstrap-select.min.js
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/js/sng/util.js
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/js/sng/auth.js
Domain
gaap.natixis.com
URL
https://gaap.natixis.com/form/medias/js/custom_prod.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Domain/Path Name / Value
.www.customer-data-admin.ostrum.com/ Name: WebFarmAffinity
Value: b912a450aa94389a9012d5e02150814e5f296e3ddf6ba2980e4d813b7c7de6a7

15 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.
other warning URL: https://www.customer-data-admin.ostrum.com/
Message:
Failed to decode downloaded font: https://www.customer-data-admin.ostrum.com/dist/BwOstrum-Regular.af7ecfd3403966c9.woff
other warning URL: https://www.customer-data-admin.ostrum.com/
Message:
OTS parsing error: invalid sfntVersion: 538976288
other warning URL: https://www.customer-data-admin.ostrum.com/
Message:
Failed to decode downloaded font: https://www.customer-data-admin.ostrum.com/dist/BwOstrum-Regular.d8eb36181f19639d.woff2
other warning URL: https://www.customer-data-admin.ostrum.com/
Message:
OTS parsing error: invalid sfntVersion: 538976288
other warning URL: https://www.customer-data-admin.ostrum.com/not-authorized
Message:
Failed to decode downloaded font: https://www.customer-data-admin.ostrum.com/dist/BwOstrum-Bold.52824568445fd61c.woff
other warning URL: https://www.customer-data-admin.ostrum.com/not-authorized
Message:
OTS parsing error: invalid sfntVersion: 538976288
other warning URL: https://www.customer-data-admin.ostrum.com/not-authorized
Message:
Failed to decode downloaded font: https://www.customer-data-admin.ostrum.com/dist/BwOstrum-RegularItalic.2bdea83c8413f80f.woff
other warning URL: https://www.customer-data-admin.ostrum.com/not-authorized
Message:
OTS parsing error: invalid sfntVersion: 538976288
other warning URL: https://www.customer-data-admin.ostrum.com/not-authorized
Message:
Failed to decode downloaded font: https://www.customer-data-admin.ostrum.com/dist/BwOstrum-Bold.d2fb34a3ce268896.woff2
other warning URL: https://www.customer-data-admin.ostrum.com/not-authorized
Message:
OTS parsing error: invalid sfntVersion: 538976288
other warning URL: https://www.customer-data-admin.ostrum.com/not-authorized
Message:
Failed to decode downloaded font: https://www.customer-data-admin.ostrum.com/dist/BwOstrum-RegularItalic.ebe6e278565ed0f9.woff2
other warning URL: https://www.customer-data-admin.ostrum.com/not-authorized
Message:
OTS parsing error: invalid sfntVersion: 538976288
other warning URL: https://www.customer-data-admin.ostrum.com/not-authorized
Message:
Failed to decode downloaded font: https://www.customer-data-admin.ostrum.com/dist/BwOstrum-RegularItalic.fd1a3d18886b2fb7.otf
other warning URL: https://www.customer-data-admin.ostrum.com/not-authorized
Message:
OTS parsing error: invalid sfntVersion: 538976288

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https:; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; script-src https: 'unsafe-inline' 'unsafe-eval'; connect-src https:
Public-Key-Pins max-age=0; includeSubDomains
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=480 max-age=480
X-Content-Type-Options nosniff
X-Frame-Options Deny Deny Deny
X-Xss-Protection 1; report=/Jaspe/Security/XssReporting; mode=block