vrezawv.dyndns.ws (45.66.217.147) - Malicious Activity! - Public Scan

URL: https://vrezawv.dyndns.ws/abuiodse/
Submission: On September 05 via automatic, source phishtank — Scanned from JP

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 26 HTTP transactions. The main IP is 45.66.217.147, located in Tokyo, Japan and belongs to XTOM-JAPAN xTom Japan, JP. The main domain is vrezawv.dyndns.ws.
TLS certificate: Issued by R11 (a Let's Encrypt intermediate) on September 2nd 2024, three days before this scan. Valid for: 3 months.
This is the only time vrezawv.dyndns.ws was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
21        45.66.217.147     3258 (XTOM-JAPAN xTom Japan)
2         2404:6800:400...  15169 (GOOGLE)
2         2404:6800:400...  15169 (GOOGLE)
Total: 26 requests, 4 IPs

Requests  Apex Domain     Subdomains                                       Transfer
21        dyndns.ws       vrezawv.dyndns.ws                                589 KB
2         gstatic.com     fonts.gstatic.com                                77 KB
2         googleapis.com  fonts.googleapis.com (Cisco Umbrella Rank: 110)  3 KB
0         inovaperf.me    fathuioj.inovaperf.me                            Failed
Total: 26 requests, 4 apex domains

Requests  Domain                 Requested by
21        vrezawv.dyndns.ws      vrezawv.dyndns.ws
2         fonts.gstatic.com      fonts.googleapis.com
2         fonts.googleapis.com   vrezawv.dyndns.ws
0         fathuioj.inovaperf.me  Failed
Total: 26 requests, 4 domains

This site contains no links.

Subject                  Issuer                       Validity                 Valid for
vrezawv.dyndns.ws        R11 (Let's Encrypt)          2024-09-02 - 2024-12-01  3 months
upload.video.google.com  WR2 (Google Trust Services)  2024-08-05 - 2024-10-28  3 months
*.gstatic.com            WR2 (Google Trust Services)  2024-08-05 - 2024-10-28  3 months

This page contains 1 frames:

Primary Page: https://vrezawv.dyndns.ws/abuiodse/
Frame ID: EA3A7FB76F6D97E0B7CE23F2B15708CB
Requests: 26 HTTP requests in this frame

Screenshot

Page Title

Accéder à mes comptes en ligne (French: "Access my online accounts")

Detected technologies

Bootstrap (overall confidence: 100%)
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (overall confidence: 100%)
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 26
HTTPS: 96 %
IPv6: 67 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 669 kB
Size: 2037 kB
Cookies: 0

Redirected requests

No HTTP redirect chains were recorded for this scan.

26 HTTP transactions

Each transaction below is summarized as Resource | Path | Size | Transfer (x-fer) | Type, followed by its General details, request headers and response headers. The MIME type of each response is its content-type header.
Primary Request / | vrezawv.dyndns.ws/abuiodse/ | Size: 35 KB | Transfer: 7 KB | Type: Document
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
6b6e8e47c1dc06ecb6f50b73530a83be32ab8ddf58ae66bbdf7cf90190fb89f4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html
date
Thu, 05 Sep 2024 03:24:33 GMT
etag
W/"65d28e42-8af5"
last-modified
Sun, 18 Feb 2024 23:09:54 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-powered-by
PleskLin
bootstrap.min.css | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 152 KB | Transfer: 20 KB | Type: Stylesheet
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/bootstrap.min.css
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:33 GMT
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
last-modified
Sun, 18 Feb 2024 22:04:10 GMT
server
nginx
etag
W/"65d27eda-260c5"
x-powered-by
PleskLin
content-type
text/css
helpers.css | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 41 KB | Transfer: 3 KB | Type: Stylesheet
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/helpers.css
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
1c7070cf33da6adcb7a6b9ff7eb6e06fd8f64958622d61569b990e8b92c58615
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:33 GMT
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
last-modified
Sun, 18 Feb 2024 22:04:10 GMT
server
nginx
etag
W/"65d27eda-a3ab"
x-powered-by
PleskLin
content-type
text/css
style.css | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 13 KB | Transfer: 3 KB | Type: Stylesheet
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/style.css
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
17732c1acc5f8a782c721cdd88745319426ebb586679942fc799493bf2dfe609
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:33 GMT
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
last-modified
Sun, 18 Feb 2024 22:04:10 GMT
server
nginx
etag
W/"65d27eda-324a"
x-powered-by
PleskLin
content-type
text/css
logo.png | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 8 KB | Transfer: 8 KB | Type: Image
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/logo.png
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
21eccdb540887f68da962895f58683954dbd185e81ef9c6c50cbb3060be60515
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:33 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sun, 18 Feb 2024 22:04:10 GMT
server
nginx
etag
"65d27eda-2134"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
8500
logo2.png | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 5 KB | Transfer: 5 KB | Type: Image
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/logo2.png
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
7a08d165e4a7e35707daeeb7b17476d32a284d3f6153bf23321f36272bdc2724
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:33 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sun, 18 Feb 2024 22:04:10 GMT
server
nginx
etag
"65d27eda-12a2"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
4770
logo3.png | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 4 KB | Transfer: 4 KB | Type: Image
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/logo3.png
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
fc24b91e8eb5f3d5f48ccf0ef83e85f210cc7fed274664ce8e0062f05d2ac59e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:33 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sun, 18 Feb 2024 22:04:12 GMT
server
nginx
etag
"65d27edc-eeb"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
3819
header-right.png | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 4 KB | Transfer: 4 KB | Type: Image
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/header-right.png
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
78ac5e7f80883a17dda87f6d69f1e0ae08464146ae28f890d56e296ffe75a1ec
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:33 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sun, 18 Feb 2024 22:04:12 GMT
server
nginx
etag
"65d27edc-e38"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
3640
header-right2.png | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 621 B | Transfer: 836 B | Type: Image
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/header-right2.png
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
41294e5549898505d0596e95c68119392dcf932e08c998947a1a7f2c1ee3aabd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:34 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sun, 18 Feb 2024 22:04:12 GMT
server
nginx
x-accel-version
0.01
etag
"26d-611af28386f00"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
621
reset.png | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 607 B | Transfer: 822 B | Type: Image
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/reset.png
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
fd7ec734a08a3db8e41f35fded99c6955b4a2a94ea453d367b03bcb14742134a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:34 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sun, 18 Feb 2024 22:04:12 GMT
server
nginx
x-accel-version
0.01
etag
"25f-611af28386f00"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
607
1.png | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 462 B | Transfer: 677 B | Type: Image
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/1.png
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
23552b108c61390d9a5305676b2e0ef28d3a023495f8ab3d4b4c03fc6d3d3d2f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:34 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sun, 18 Feb 2024 22:04:12 GMT
server
nginx
x-accel-version
0.01
etag
"1ce-611af28386f00"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
462
2.png | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 757 B | Transfer: 972 B | Type: Image
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/2.png
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
ae3002740f7b44501370e57d33f9b98906b8d3efb7f20d351fe5cf2d2ea1add0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:33 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sun, 18 Feb 2024 22:04:12 GMT
server
nginx
x-accel-version
0.01
etag
"2f5-611af28386f00"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
757
3.png | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 714 B | Transfer: 929 B | Type: Image
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/3.png
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
47ebf853a8d468653dde0a389037223e482366b3a77903f7aea8084ffdf9ddb2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:34 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sun, 18 Feb 2024 22:04:12 GMT
server
nginx
x-accel-version
0.01
etag
"2ca-611af28386f00"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
714
4.png | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 918 B | Transfer: 1 KB | Type: Image
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/4.png
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
11c3efb5ad4e98add46c808c01adc192d89fa4f1f550835f307fb75f15d2fd78
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:34 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sun, 18 Feb 2024 22:04:12 GMT
server
nginx
x-accel-version
0.01
etag
"396-611af28386f00"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
918
5.png | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 3 KB | Transfer: 3 KB | Type: Image
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/5.png
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
345c20a505b28c59ea251b4eb8be528b57dd2c874b4eaa6c73db74b24cc41ec1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:34 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sun, 18 Feb 2024 22:04:12 GMT
server
nginx
etag
"65d27edc-b8f"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
2959
jquery-3.6.1.min.js.télécharger | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 88 KB | Transfer: 30 KB | Type: Script
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/jquery-3.6.1.min.js.t%C3%A9l%C3%A9charger
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:34 GMT
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
last-modified
Sun, 18 Feb 2024 22:04:12 GMT
server
nginx
etag
W/"65d27edc-15e40"
x-powered-by
PleskLin
content-type
application/javascript
bootstrap.bundle.min.js.télécharger | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 77 KB | Transfer: 21 KB | Type: Script
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/bootstrap.bundle.min.js.t%C3%A9l%C3%A9charger
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:33 GMT
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
last-modified
Sun, 18 Feb 2024 22:04:12 GMT
server
nginx
etag
W/"65d27edc-13397"
x-powered-by
PleskLin
content-type
application/javascript
all.min.js.télécharger | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 1 MB | Transfer: 473 KB | Type: Script
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/all.min.js.t%C3%A9l%C3%A9charger
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
6a769e18b06859751eaa2259044a6ff76e3ddcd6572a516d8ce3a2d7b8c7538e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:33 GMT
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
last-modified
Sun, 18 Feb 2024 22:04:14 GMT
server
nginx
etag
W/"65d27ede-175216"
x-powered-by
PleskLin
content-type
application/javascript
jquery.mask.min.js.télécharger | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 8 KB | Transfer: 3 KB | Type: Script
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/jquery.mask.min.js.t%C3%A9l%C3%A9charger
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:33 GMT
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
last-modified
Sun, 18 Feb 2024 22:04:14 GMT
server
nginx
etag
W/"65d27ede-2087"
x-powered-by
PleskLin
content-type
application/javascript
js.js.télécharger | vrezawv.dyndns.ws/abuiodse/Accéder à mes comptes en ligne_files/ | Size: 31 B | Transfer: 251 B | Type: Script
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/js.js.t%C3%A9l%C3%A9charger
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
86b41ff3f229eb2a7f189765a96597ddcb7b76a20b6a99e529524db2ada54117
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:33 GMT
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
last-modified
Sun, 18 Feb 2024 22:04:14 GMT
x-accel-version
0.01
server
nginx
etag
W/"1f-611af2856f380"
x-powered-by
PleskLin
content-type
application/javascript
css2 (Open Sans) | fonts.googleapis.com/ | Size: 23 KB | Transfer: 2 KB | Type: Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;500;600;700&display=swap
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2af467e5c74d9700a4f33f351d77f5d9a20abf58203d5dfdc5209095d8acf768
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://vrezawv.dyndns.ws/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Sep 2024 03:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 05 Sep 2024 03:24:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Sep 2024 03:24:34 GMT
css2 (Dosis) | fonts.googleapis.com/ | Size: 5 KB | Transfer: 573 B | Type: Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Dosis:wght@400;500;600;700&display=swap
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9418ee22e14ccf0f2cc37912ef56cb6ba9043b2df59f559d028bb0e4735fcf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://vrezawv.dyndns.ws/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Sep 2024 03:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 05 Sep 2024 03:24:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Sep 2024 03:24:34 GMT
img.jpg | vrezawv.dyndns.ws/abuiodse/imgs/ | Size: 808 B | Transfer: 808 B | Type: Image
General
Full URL
https://vrezawv.dyndns.ws/abuiodse/imgs/img.jpg
Requested by
Host: vrezawv.dyndns.ws
URL: https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.66.217.147 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
nginx /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes%20en%20ligne_files/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:24:34 GMT
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
last-modified
Mon, 02 Sep 2024 17:13:35 GMT
server
nginx
etag
W/"328-621260faaf97c"
content-type
text/html
HhyaU5sn9vOmLzloC_U.woff2 | fonts.gstatic.com/s/dosis/v32/ | Size: 30 KB | Transfer: 30 KB | Type: Font
General
Full URL
https://fonts.gstatic.com/s/dosis/v32/HhyaU5sn9vOmLzloC_U.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Dosis:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dcac7cabd17a67b5d09d54d506c6ed734516248e9e8552d194b1a5cf16b7722
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vrezawv.dyndns.ws
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 06:43:32 GMT
x-content-type-options
nosniff
age
506462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30208
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:45:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 06:43:32 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v40/ | Size: 47 KB | Transfer: 47 KB | Type: Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vrezawv.dyndns.ws
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 04 Sep 2024 11:37:11 GMT
x-content-type-options
nosniff
age
56843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Sep 2025 11:37:11 GMT
ff.png | fathuioj.inovaperf.me/bnp/auth/media/imgs/ | Size: 0 | Transfer: 0 | Type: (failed, no response)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fathuioj.inovaperf.me
URL
https://fathuioj.inovaperf.me/bnp/auth/media/imgs/ff.png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function  $
function  jQuery
number    uidEvent
object    bootstrap
object    ___FONT_AWESOME___
object    FontAwesomeConfig
object    FontAwesome
object    $jscomp

0 Cookies

2 Console Messages

Source          Level    URL                                              Message
network         error    https://vrezawv.dyndns.ws/abuiodse/imgs/img.jpg  Failed to load resource: the server responded with a status of 404 ()
recommendation  verbose  https://vrezawv.dyndns.ws/abuiodse/              [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

The 404 belongs to the img.jpg transaction above, whose 808-byte response is text/html (an error page) rather than an image. The second message is Chrome's hint for a password input without an autocomplete attribute, so the captured page carries a password form, consistent with the credential-phishing verdict.

Security Headers

This page lists any security headers set by the main page.

Header                     Value
Strict-Transport-Security  max-age=15768000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

Domains
fathuioj.inovaperf.me
fonts.googleapis.com
fonts.gstatic.com
vrezawv.dyndns.ws

IPs
2404:6800:4004:80f::200a
2404:6800:4004:825::2003
45.66.217.147

Resource hashes (SHA-256)
0dcac7cabd17a67b5d09d54d506c6ed734516248e9e8552d194b1a5cf16b7722
11c3efb5ad4e98add46c808c01adc192d89fa4f1f550835f307fb75f15d2fd78
17732c1acc5f8a782c721cdd88745319426ebb586679942fc799493bf2dfe609
1c7070cf33da6adcb7a6b9ff7eb6e06fd8f64958622d61569b990e8b92c58615
21eccdb540887f68da962895f58683954dbd185e81ef9c6c50cbb3060be60515
23552b108c61390d9a5305676b2e0ef28d3a023495f8ab3d4b4c03fc6d3d3d2f
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
2af467e5c74d9700a4f33f351d77f5d9a20abf58203d5dfdc5209095d8acf768
345c20a505b28c59ea251b4eb8be528b57dd2c874b4eaa6c73db74b24cc41ec1
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41294e5549898505d0596e95c68119392dcf932e08c998947a1a7f2c1ee3aabd
47ebf853a8d468653dde0a389037223e482366b3a77903f7aea8084ffdf9ddb2
6a769e18b06859751eaa2259044a6ff76e3ddcd6572a516d8ce3a2d7b8c7538e
6b6e8e47c1dc06ecb6f50b73530a83be32ab8ddf58ae66bbdf7cf90190fb89f4
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
78ac5e7f80883a17dda87f6d69f1e0ae08464146ae28f890d56e296ffe75a1ec
7a08d165e4a7e35707daeeb7b17476d32a284d3f6153bf23321f36272bdc2724
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
86b41ff3f229eb2a7f189765a96597ddcb7b76a20b6a99e529524db2ada54117
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
ae3002740f7b44501370e57d33f9b98906b8d3efb7f20d351fe5cf2d2ea1add0
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
f9418ee22e14ccf0f2cc37912ef56cb6ba9043b2df59f559d028bb0e4735fcf9
fc24b91e8eb5f3d5f48ccf0ef83e85f210cc7fed274664ce8e0062f05d2ac59e
fd7ec734a08a3db8e41f35fded99c6955b4a2a94ea453d367b03bcb14742134a
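Added triage example (not urlscan.io code, and not the layout of its result API): the Python below walks a constructed, simplified transaction list copied from this scan and flags the kit artifacts that the HTTP transactions and the failed request above make visible: the dynamic-DNS host, the "<page title>_files/" directory and ".télécharger" script suffix that a browser's "save complete web page" leaves behind when a genuine login page is cloned, the image path that came back as HTML (the 404 in the console messages), and the failed fetch from fathuioj.inovaperf.me whose "/bnp/auth/" path points at an earlier deployment of the same kit. It also buckets the Indicators above by type for blocklist use. The record format, the dynamic-DNS list, the benign third-party list, and every status code other than the img.jpg 404 are assumptions.

```python
"""Triage a urlscan-style HTTP transaction list for phishing-kit artifacts.

Added example for this scan; not urlscan.io code and not its result-API schema.
The record layout is a constructed simplification: url, failed flag, status,
content-type, server IP and SHA-256 resource hash.
"""
import ipaddress
import re
from urllib.parse import unquote, urlparse

# Constructed subset of the 26 transactions above. Status codes other than the
# img.jpg 404 (reported in the console messages) are assumed to be 200.
TRANSACTIONS = [
    {"url": "https://vrezawv.dyndns.ws/abuiodse/", "failed": False, "status": 200,
     "content_type": "text/html", "ip": "45.66.217.147",
     "hash": "6b6e8e47c1dc06ecb6f50b73530a83be32ab8ddf58ae66bbdf7cf90190fb89f4"},
    {"url": "https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes"
            "%20en%20ligne_files/bootstrap.min.css", "failed": False, "status": 200,
     "content_type": "text/css", "ip": "45.66.217.147",
     "hash": "7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b"},
    {"url": "https://vrezawv.dyndns.ws/abuiodse/Acc%C3%A9der%20%C3%A0%20mes%20comptes"
            "%20en%20ligne_files/jquery-3.6.1.min.js.t%C3%A9l%C3%A9charger",
     "failed": False, "status": 200, "content_type": "application/javascript",
     "ip": "45.66.217.147",
     "hash": "a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74"},
    {"url": "https://fonts.googleapis.com/css2?family=Dosis:wght@400;500;600;700&display=swap",
     "failed": False, "status": 200, "content_type": "text/css; charset=utf-8",
     "ip": "2404:6800:4004:80f::200a",
     "hash": "f9418ee22e14ccf0f2cc37912ef56cb6ba9043b2df59f559d028bb0e4735fcf9"},
    {"url": "https://vrezawv.dyndns.ws/abuiodse/imgs/img.jpg", "failed": False,
     "status": 404, "content_type": "text/html", "ip": "45.66.217.147",
     "hash": "b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187"},
    {"url": "https://fathuioj.inovaperf.me/bnp/auth/media/imgs/ff.png", "failed": True,
     "status": None, "content_type": None, "ip": None, "hash": None},
]

# Analyst-tunable assumptions: an illustrative dynamic-DNS list, third-party
# hosts that prove nothing, the suffix a browser's "save complete web page"
# appends to script files (".télécharger" is what this scan shows), and the
# brand token taken from the urlscan verdict.
DYNAMIC_DNS_APEXES = {"dyndns.ws", "dyndns.org", "no-ip.org", "duckdns.org"}
BENIGN_THIRD_PARTY = {"fonts.googleapis.com", "fonts.gstatic.com"}
SAVED_PAGE_SUFFIXES = (".download", ".télécharger")
BRAND_TOKENS = ("bnp",)
IMAGE_EXT = re.compile(r"\.(png|jpe?g|gif|webp|svg|ico)$", re.I)


def apex(host):
    """Two-label apex; adequate for the hosts in this scan (assumption)."""
    return ".".join(host.split(".")[-2:])


def triage(transactions):
    """Return ordered, de-duplicated (tag, evidence) findings."""
    findings = []

    def add(tag, evidence):
        if (tag, evidence) not in findings:
            findings.append((tag, evidence))

    main_host = urlparse(transactions[0]["url"]).hostname
    if apex(main_host) in DYNAMIC_DNS_APEXES:
        add("dynamic-dns-host", main_host)
    for t in transactions:
        u = urlparse(t["url"])
        path = unquote(u.path)
        name = path.rsplit("/", 1)[-1]
        # "<page title>_files/" directory: HTML saved with "web page, complete"
        # and re-hosted as-is. A page title has spaces; an asset dir rarely does.
        m = re.search(r"/([^/]+)_files/", path)
        if m and " " in m.group(1):
            add("saved-complete-page-dir", m.group(1))
        # Script file name still carrying the browser's localized download suffix.
        if ".js" in name and name.lower().endswith(SAVED_PAGE_SUFFIXES):
            add("saved-complete-page-script", name)
        # Failed fetch from a third-party host whose path names the brand:
        # an absolute URL left over from an earlier deployment of the kit.
        if (t["failed"] and u.hostname not in (main_host, *BENIGN_THIRD_PARTY)
                and any(b in path.lower() for b in BRAND_TOKENS)):
            add("prior-kit-host", u.hostname)
        # Image URL answered with HTML (an error page): a broken kit asset.
        if IMAGE_EXT.search(name) and (t["content_type"] or "").startswith("text/html"):
            add("image-served-as-html", f"{path} -> {t['status']}")
    return findings


def indicators(transactions):
    """Bucket every observable into the lists a blocklist or SIEM lookup wants."""
    out = {"domains": set(), "ipv4": set(), "ipv6": set(), "sha256": set()}
    for t in transactions:
        host = urlparse(t["url"]).hostname
        if host:
            out["domains"].add(host)
        if t["ip"]:
            version = ipaddress.ip_address(t["ip"]).version
            out["ipv4" if version == 4 else "ipv6"].add(t["ip"])
        if t["hash"] and re.fullmatch(r"[0-9a-f]{64}", t["hash"]):
            out["sha256"].add(t["hash"])
    return {k: sorted(v) for k, v in out.items()}


if __name__ == "__main__":
    for tag, evidence in triage(TRANSACTIONS):
        print(f"{tag:27} {evidence}")
    for bucket, values in indicators(TRANSACTIONS).items():
        print(f"{bucket}: {len(values)}")
```

On this scan the triage yields five findings: the dynamic-DNS host, the saved-page directory and script suffix, the img.jpg 404 served as HTML, and fathuioj.inovaperf.me as a prior kit host. The last one is the useful pivot: the cloned page was deployed somewhere else before it landed on this host, so that domain and the "/bnp/auth/" path are worth a search in your own proxy logs and in passive DNS, independent of the current dyndns.ws name.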