r1.dnspark.in Open in urlscan Pro
65.108.74.236 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lnk.to/hxfkyeAG
Effective URL:
https://r1.dnspark.in/~cdtbckav/AR/
Submission: On May 23 via api (May 23rd 2024, 7:19:56 am UTC) from BE — Scanned from DE

Summary HTTP 29 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 29 HTTP transactions. The main IP is 65.108.74.236, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is r1.dnspark.in.
TLS certificate: Issued by R3 on March 29th 2024. Valid for: 3 months.

This is the only time r1.dnspark.in was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

	IP Address	AS Autonomous System
3	52.30.125.28 52.30.125.28	16509 (AMAZON-02) (AMAZON-02)
2	18.244.18.66 18.244.18.66	16509 (AMAZON-02) (AMAZON-02)
24	65.108.74.236 65.108.74.236	24940 (HETZNER-AS) (HETZNER-AS)
29	4

3 52.30.125.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-125-28.eu-west-1.compute.amazonaws.com

lnk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.244.18.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-66.fra56.r.cloudfront.net

static.assetlab.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 65.108.74.236 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.236.74.108.65.clients.your-server.de

r1.dnspark.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	dnspark.in r1.dnspark.in	445 KB
3	lnk.to lnk.to — Cisco Umbrella Rank: 56097	38 KB
2	assetlab.io static.assetlab.io — Cisco Umbrella Rank: 97060	3 KB
29	3

	Domain	Requested by
24	r1.dnspark.in	lnk.to r1.dnspark.in
3	lnk.to	lnk.to
2	static.assetlab.io
29	3

This site contains links to these domains. Also see Links.

Domain
easybankingbusiness.bnpparibasfortis.be

Subject Issuer	Validity	Valid
lnk.to Amazon RSA 2048 M01	`2023-09-07` - `2024-10-05`	a year	crt.sh
static.assetlab.io Amazon RSA 2048 M03	`2023-09-20` - `2024-10-17`	a year	crt.sh
r1.dnspark.in R3	`2024-03-29` - `2024-06-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://r1.dnspark.in/~cdtbckav/AR/
Frame ID: EE1AD16A09157C7478A5424CFBA03C1E
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mon Easy Banking, ma banque en ligne | BNP Paribas Fortis

Page URL History Show full URLs

https://lnk.to/hxfkyeAG Page URL
https://r1.dnspark.in/~cdtbckav/AR/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Page Statistics

29
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

486 kB
Transfer

1893 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://easybankingbusiness.bnpparibasfortis.be/fr/public/token-selection
Title: Vers Easy Banking Business

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lnk.to/hxfkyeAG Page URL
https://r1.dnspark.in/~cdtbckav/AR/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	hxfkyeAG Show response lnk.to/	90 KB 37 KB	272ms 170ms	Document text/html	52.30.125.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lnk.to/hxfkyeAG Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.30.125.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-125-28.eu-west-1.compute.amazonaws.com Software / Resource Hash `b17e6286904a79cd95e22294191c2a7599ffde9d60c25fdd72879ccb261ea31b` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 23 May 2024 07:19:51 GMT vary Accept-Encoding x-redirector-version redirector-v3
POST H2	200	/ lnk.to/~/tr/visit/	70 B 229 B	112ms 111ms	XHR application/json	52.30.125.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lnk.to/~/tr/visit/ Requested by Host: lnk.to URL: https://lnk.to/hxfkyeAG Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.30.125.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-125-28.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://lnk.to/hxfkyeAG Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/json Response headers date Thu, 23 May 2024 07:19:52 GMT x-redirector-version redirector-v3 content-encoding gzip vary Accept-Encoding content-type application/json; charset=UTF-8
POST H2	200	/ Show response lnk.to/~/tr/event/	70 B 229 B	110ms 110ms	XHR application/json	52.30.125.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lnk.to/~/tr/event/ Requested by Host: lnk.to URL: https://lnk.to/hxfkyeAG Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.30.125.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-125-28.eu-west-1.compute.amazonaws.com Software / Resource Hash `5888e1fafa5ca1f770fa3285e6e31f59ee84afbbaf4e197ae075883889496e4f` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://lnk.to/hxfkyeAG Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/json Response headers date Thu, 23 May 2024 07:19:52 GMT x-redirector-version redirector-v3 content-encoding gzip vary Accept-Encoding content-type application/json; charset=UTF-8
GET H2	200	favicon.ico static.assetlab.io/redirector-prod/3.125.0/img/icons/	1 KB 2 KB	71ms 17ms	Other image/vnd.microsoft.icon	18.244.18.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.assetlab.io/redirector-prod/3.125.0/img/icons/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-66.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `6612dd210a4b7623c5c1f4e0d1cc38745fe818da57d3af521527d4cae9d06df1` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://lnk.to/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id 6dZ1Kb5PHmaMR9gYX8Cu5HJNShmcYj2I date Wed, 22 May 2024 09:07:28 GMT via 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront) last-modified Tue, 21 May 2024 09:03:49 GMT server AmazonS3 x-amz-cf-pop FRA56-P11 age 79945 x-amz-server-side-encryption AES256 etag "a1dc412a42d1c7f6a905633a93f0fe06" vary Accept-Encoding x-cache Hit from cloudfront content-type image/vnd.microsoft.icon accept-ranges bytes content-length 1150 x-amz-cf-id Bvb7HFb2PXCwZIwnp-w0DiPaWWQEPXQKaBTM7tfzONKia41YK7ssGg==
GET H2	200	favicon-32x32.png static.assetlab.io/redirector-prod/3.125.0/img/icons/	890 B 1 KB	18ms 17ms	Other image/png	18.244.18.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.assetlab.io/redirector-prod/3.125.0/img/icons/favicon-32x32.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-66.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `4bb9eaf55f6b1925fd4cd5c541bbecf276034beaeb6709556bfbce24990239de` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://lnk.to/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id lJuhJL28Su1TQtMRHskY6goOHvEenC2Q date Wed, 22 May 2024 09:07:28 GMT via 1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront) last-modified Tue, 21 May 2024 09:03:49 GMT server AmazonS3 x-amz-cf-pop FRA56-P11 age 79945 x-amz-server-side-encryption AES256 etag "a55d7209ea91a404dd1317f89985f559" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 890 x-amz-cf-id 3tKJy_HtJ7xtzL7uRBxXmBfZlesz9vR_YdsGKC7gSarvdai5tFRLEA==
GET H2	200	Primary Request / Show response r1.dnspark.in/~cdtbckav/AR/	21 KB 5 KB	187ms 89ms	Document text/html	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/ Requested by Host: lnk.to URL: https://lnk.to/hxfkyeAG Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `5e827661d6c0259c04a6dc779d0bef31d45cebe7b4b7d97187064ca3e0fdd8ea` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://lnk.to/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 23 May 2024 07:19:52 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server LiteSpeed vary Accept-Encoding
GET H2	404	bootstrap-grid.min.css r1.dnspark.in/generic/ebw/iwov-resources/grid/bootstrap/4.0/	0 0	130ms 127ms	Stylesheet text/html	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/generic/ebw/iwov-resources/grid/bootstrap/4.0/bootstrap-grid.min.css Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding gzip server LiteSpeed vary Accept-Encoding content-type text/html
GET H2	200	main.css r1.dnspark.in/~cdtbckav/AR/css/	423 KB 56 KB	88ms 86ms	Stylesheet text/css	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/css/main.css Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `874ce6913117c41f8d78506c6318d1aeec7647b1af4c5502c3f6ec34c561b4ab` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:08 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 57564 expires Thu, 30 May 2024 07:19:52 GMT
GET H2	404	tinymce.css r1.dnspark.in/generic/ebw/resources/ebw-portal/themes/fortis-portal/	0 0	130ms 127ms	Stylesheet text/html	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/generic/ebw/resources/ebw-portal/themes/fortis-portal/tinymce.css Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding gzip server LiteSpeed vary Accept-Encoding content-type text/html
GET H2	200	brand-isolated.css r1.dnspark.in/~cdtbckav/AR/css/	156 B 187 B	129ms 126ms	Stylesheet text/css	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/css/brand-isolated.css Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `59b9e7d5486906f1164e4a6bdd70fa77ea8f743df92625bb9b75bfd207debe2f` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT last-modified Fri, 19 Apr 2024 20:26:06 GMT server LiteSpeed content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 156 expires Thu, 30 May 2024 07:19:52 GMT
GET H2	200	chat-worldline.css r1.dnspark.in/~cdtbckav/AR/css/	378 B 216 B	130ms 128ms	Stylesheet text/css	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/css/chat-worldline.css Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `9fba8cff1dd44c4e5a9d0c37f2cf89bdc38f5a5fb0a23533cff490d7ab6c2735` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:06 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 183 expires Thu, 30 May 2024 07:19:52 GMT
GET H2	200	require.js Show response r1.dnspark.in/~cdtbckav/AR/js/	17 KB 6 KB	128ms 127ms	Script text/javascript	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/js/require.js Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `4948c3fe4b57cd92118ec7b89deb99ff0eb2586a02c5f454df21c1ecfc144c81` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:06 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 6328
GET H2	200	iscroll.js Show response r1.dnspark.in/~cdtbckav/AR/js/	50 KB 11 KB	128ms 126ms	Script text/javascript	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/js/iscroll.js Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `7c5b73bb0d8493214832bc99553ddc1cd2279c8687c4bac5844e92509ecba70f` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:06 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 11082
GET H2	200	config.js Show response r1.dnspark.in/~cdtbckav/AR/js/	9 KB 2 KB	129ms 128ms	Script text/javascript	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/js/config.js Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `c2018396e7954aa8ff683896b662e5ebda3e861b7b7bd7bee90e1509534f5c4a` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:06 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 2516
GET H2	200	main.js Show response r1.dnspark.in/~cdtbckav/AR/js/	164 KB 39 KB	128ms 127ms	Script text/javascript	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/js/main.js Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `ef5c986e27f68a589776557a6377c8985884bf2242a0ad5dae1f11269a531312` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:06 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 39431
GET H2	200	vendors-main.js Show response r1.dnspark.in/~cdtbckav/AR/js/	137 KB 51 KB	129ms 128ms	Script text/javascript	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/js/vendors-main.js Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `21bf515370156d437cb84e5e3fe487fa4c9b11ca01209d0e759e6594575b7895` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:06 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 52409
GET H2	200	pagebus.js Show response r1.dnspark.in/~cdtbckav/AR/js/	12 KB 3 KB	171ms 170ms	Script text/javascript	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/js/pagebus.js Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `2204bd69d3721b82b7b1ce780f9bf1dfab7ba0240804bd5c3d910942836a7e62` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:06 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 3244
GET H3	404	otp-itsme.js r1.dnspark.in/generic/resources/ebw-portal/wcm/js/package/custom/	0 0	43ms 42ms	Script text/html	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/generic/resources/ebw-portal/wcm/js/package/custom/otp-itsme.js Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/ Protocol H3 Security QUIC, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding gzip server LiteSpeed vary Accept-Encoding content-type text/html
GET H3	200	bnpp-fortis-isolated.css r1.dnspark.in/~cdtbckav/AR/css/	548 KB 86 KB	46ms 46ms	Stylesheet text/css	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/css/bnpp-fortis-isolated.css Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/css/brand-isolated.css Protocol H3 Security QUIC, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `9815dd3dfd58ab756c84bf9fc5f56496a80e709aaad6aac35e4de878b48d76a0` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/css/brand-isolated.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:20 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 87647 expires Thu, 30 May 2024 07:19:52 GMT
GET H3	200	bnpp-fortis-pws-isolated.css r1.dnspark.in/~cdtbckav/AR/css/	128 KB 17 KB	44ms 44ms	Stylesheet text/css	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/css/bnpp-fortis-pws-isolated.css Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/css/brand-isolated.css Protocol H3 Security QUIC, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `40357d2af0dbba4961fc2ff6f9a70a0085b86c71387fc13d0d191039a0f6122d` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/css/brand-isolated.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:08 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 17600 expires Thu, 30 May 2024 07:19:52 GMT
GET H3	200	ia-overrides.css r1.dnspark.in/~cdtbckav/AR/css/	21 KB 4 KB	43ms 43ms	Stylesheet text/css	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/css/ia-overrides.css Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/css/brand-isolated.css Protocol H3 Security QUIC, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `acf0bfd598fa20f8b7c240117d780db207d657a625c5060c57481c38e7ff8e93` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/css/brand-isolated.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:08 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 3862 expires Thu, 30 May 2024 07:19:52 GMT
GET H3	200	BNPPSansLight-webfont.woff r1.dnspark.in/~cdtbckav/AR/fonts/	26 KB 26 KB	45ms 44ms	Font font/woff	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/fonts/BNPPSansLight-webfont.woff Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `d704d237c38374bd74c01946bd55e92686c98eeef54319622648514e9761101a` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/css/main.css Origin https://r1.dnspark.in Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT last-modified Fri, 19 Apr 2024 20:26:20 GMT server LiteSpeed content-type font/woff cache-control public, max-age=604800 accept-ranges bytes content-length 26976 expires Thu, 30 May 2024 07:19:52 GMT
GET H3	200	bnpp_sans_cond_regular-webfont.ttf r1.dnspark.in/~cdtbckav/AR/fonts/	46 KB 23 KB	73ms 73ms	Font font/ttf	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/fonts/bnpp_sans_cond_regular-webfont.ttf Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/css/bnpp-fortis-isolated.css Protocol H3 Security QUIC, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `a56f74eaf471b8d0869d8d9556e4925e89767e210c4f0cf273ee012213086ec2` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/css/bnpp-fortis-isolated.css Origin https://r1.dnspark.in Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:20 GMT server LiteSpeed vary Accept-Encoding content-type font/ttf cache-control public, max-age=604800 accept-ranges bytes content-length 23644 expires Thu, 30 May 2024 07:19:52 GMT
GET H3	200	BNPPSansRegular-webfont.woff r1.dnspark.in/~cdtbckav/AR/fonts/	28 KB 28 KB	58ms 57ms	Font font/woff	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/fonts/BNPPSansRegular-webfont.woff Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `0ee78676ba6b6bee827b5e89bda4fc3efdbf83ec287f2ad4a57beb66f2ed5072` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/css/main.css Origin https://r1.dnspark.in Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT last-modified Fri, 19 Apr 2024 20:26:20 GMT server LiteSpeed content-type font/woff cache-control public, max-age=604800 accept-ranges bytes content-length 28632 expires Thu, 30 May 2024 07:19:52 GMT
GET H3	200	bnpiconfont_1.ttf r1.dnspark.in/~cdtbckav/AR/fonts/	57 KB 34 KB	61ms 60ms	Font font/ttf	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/fonts/bnpiconfont_1.ttf Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/css/bnpp-fortis-isolated.css Protocol H3 Security QUIC, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `e35c6c8d6d1e622826db998a23b12a7fd4026312d9a5e094af267c2b678c5d99` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/css/bnpp-fortis-isolated.css Origin https://r1.dnspark.in Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:20 GMT server LiteSpeed vary Accept-Encoding content-type font/ttf cache-control public, max-age=604800 accept-ranges bytes content-length 34682 expires Thu, 30 May 2024 07:19:52 GMT
GET H3	200	bnppf-logo-sprite.svg r1.dnspark.in/~cdtbckav/AR/images/	57 KB 19 KB	42ms 42ms	Image image/svg+xml	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://r1.dnspark.in/~cdtbckav/AR/images/bnppf-logo-sprite.svg Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `19cbdee225381f76649b0850bbd3d1aeb76d8f53e78feed041f5050b1bf68972` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/css/main.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:20 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 19751 expires Thu, 30 May 2024 07:19:52 GMT
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/gif
GET H3	200	font-icons_1.ttf r1.dnspark.in/~cdtbckav/AR/fonts/	42 KB 22 KB	77ms 75ms	Font font/ttf	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/fonts/font-icons_1.ttf Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/css/bnpp-fortis-isolated.css Protocol H3 Security QUIC, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `2fb2b7fcb467754175ef56c7adad9c21548ea6f0ecbb94bf7321476c73caa354` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/css/bnpp-fortis-isolated.css Origin https://r1.dnspark.in Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:20 GMT server LiteSpeed vary Accept-Encoding content-type font/ttf cache-control public, max-age=604800 accept-ranges bytes content-length 22457 expires Thu, 30 May 2024 07:19:52 GMT
GET DATA	200 OK	truncated /	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4d0ac5ea4df3106d69a03116158777cd3302eec58de91b632ca4b96a5b79da01` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	404	animgif.gif r1.dnspark.in/resources/ebw-portal/themes/fortis-portal/images/	10 KB 10 KB	42ms 42ms	Image text/html	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://r1.dnspark.in/resources/ebw-portal/themes/fortis-portal/images/animgif.gif Requested by Host: r1.dnspark.in URL: https://r1.dnspark.in/~cdtbckav/AR/ Protocol H3 Security QUIC, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `81b16bfb9d2370ec9a38256f4c58fd8675d80247ea66b8cfe2d183ad855164a4` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 07:19:52 GMT content-encoding gzip server LiteSpeed vary Accept-Encoding content-type text/html
GET H3	404	favicon.ico r1.dnspark.in/~cdtbckav/AR/	1 KB 1 KB	41ms 40ms	Other text/html	65.108.74.236 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://r1.dnspark.in/~cdtbckav/AR/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 65.108.74.236 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.236.74.108.65.clients.your-server.de Software LiteSpeed / Resource Hash `5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://r1.dnspark.in/~cdtbckav/AR/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 07:19:52 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1238 content-type text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lnk.to/	1970-01-20 20:47:29	Name: LF_session_31332998c94befabe8cad3971fdaf4d8 Value: 1
r1.dnspark.in/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7ef0e65dd8bdf9782eea7b28d8ea9a05
r1.dnspark.in/	1970-01-21 05:33:04	Name: axes Value: null

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://r1.dnspark.in/generic/ebw/iwov-resources/grid/bootstrap/4.0/bootstrap-grid.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://r1.dnspark.in/generic/ebw/resources/ebw-portal/themes/fortis-portal/tinymce.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://r1.dnspark.in/generic/resources/ebw-portal/wcm/js/package/custom/otp-itsme.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://r1.dnspark.in/resources/ebw-portal/themes/fortis-portal/images/animgif.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://r1.dnspark.in/~cdtbckav/AR/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

lnk.to
r1.dnspark.in
static.assetlab.io
18.244.18.66
52.30.125.28
65.108.74.236
0ee78676ba6b6bee827b5e89bda4fc3efdbf83ec287f2ad4a57beb66f2ed5072
19cbdee225381f76649b0850bbd3d1aeb76d8f53e78feed041f5050b1bf68972
21bf515370156d437cb84e5e3fe487fa4c9b11ca01209d0e759e6594575b7895
2204bd69d3721b82b7b1ce780f9bf1dfab7ba0240804bd5c3d910942836a7e62
2fb2b7fcb467754175ef56c7adad9c21548ea6f0ecbb94bf7321476c73caa354
40357d2af0dbba4961fc2ff6f9a70a0085b86c71387fc13d0d191039a0f6122d
4948c3fe4b57cd92118ec7b89deb99ff0eb2586a02c5f454df21c1ecfc144c81
4bb9eaf55f6b1925fd4cd5c541bbecf276034beaeb6709556bfbce24990239de
4d0ac5ea4df3106d69a03116158777cd3302eec58de91b632ca4b96a5b79da01
5888e1fafa5ca1f770fa3285e6e31f59ee84afbbaf4e197ae075883889496e4f
59b9e7d5486906f1164e4a6bdd70fa77ea8f743df92625bb9b75bfd207debe2f
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
5e827661d6c0259c04a6dc779d0bef31d45cebe7b4b7d97187064ca3e0fdd8ea
6612dd210a4b7623c5c1f4e0d1cc38745fe818da57d3af521527d4cae9d06df1
7c5b73bb0d8493214832bc99553ddc1cd2279c8687c4bac5844e92509ecba70f
81b16bfb9d2370ec9a38256f4c58fd8675d80247ea66b8cfe2d183ad855164a4
874ce6913117c41f8d78506c6318d1aeec7647b1af4c5502c3f6ec34c561b4ab
9815dd3dfd58ab756c84bf9fc5f56496a80e709aaad6aac35e4de878b48d76a0
9fba8cff1dd44c4e5a9d0c37f2cf89bdc38f5a5fb0a23533cff490d7ab6c2735
a56f74eaf471b8d0869d8d9556e4925e89767e210c4f0cf273ee012213086ec2
acf0bfd598fa20f8b7c240117d780db207d657a625c5060c57481c38e7ff8e93
b17e6286904a79cd95e22294191c2a7599ffde9d60c25fdd72879ccb261ea31b
c2018396e7954aa8ff683896b662e5ebda3e861b7b7bd7bee90e1509534f5c4a
d704d237c38374bd74c01946bd55e92686c98eeef54319622648514e9761101a
e35c6c8d6d1e622826db998a23b12a7fd4026312d9a5e094af267c2b678c5d99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5c986e27f68a589776557a6377c8985884bf2242a0ad5dae1f11269a531312

r1.dnspark.in Open in urlscan Pro 65.108.74.236 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

486 kBTransfer

1893 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

r1.dnspark.in Open in urlscan Pro
65.108.74.236 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

486 kB
Transfer

1893 kB
Size

3
Cookies

29 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!