cp1.dnspark.in Open in urlscan Pro
37.27.108.55 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lnkfi.re/AovZlFJF
Effective URL:
https://cp1.dnspark.in/~uobfrnkj/.config/
Submission: On May 24 via manual (May 24th 2024, 9:13:54 am UTC) from BE — Scanned from FR

Summary HTTP 29 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 29 HTTP transactions. The main IP is 37.27.108.55, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is cp1.dnspark.in.
TLS certificate: Issued by R3 on March 28th 2024. Valid for: 3 months.

This is the only time cp1.dnspark.in was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNP Paribas (Banking)

Domain & IP information

	IP Address	AS Autonomous System
3	79.125.71.153 79.125.71.153	16509 (AMAZON-02) (AMAZON-02)
2	18.244.18.66 18.244.18.66	16509 (AMAZON-02) (AMAZON-02)
24	37.27.108.55 37.27.108.55	24940 (HETZNER-AS) (HETZNER-AS)
29	4

3 79.125.71.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-71-153.eu-west-1.compute.amazonaws.com

lnkfi.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.244.18.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-66.fra56.r.cloudfront.net

static.assetlab.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 37.27.108.55 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.108.27.37.clients.your-server.de

cp1.dnspark.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	dnspark.in cp1.dnspark.in	437 KB
3	lnkfi.re lnkfi.re	41 KB
2	assetlab.io static.assetlab.io — Cisco Umbrella Rank: 97060	3 KB
29	3

	Domain	Requested by
24	cp1.dnspark.in	lnkfi.re cp1.dnspark.in
3	lnkfi.re	lnkfi.re
2	static.assetlab.io
29	3

This site contains links to these domains. Also see Links.

Domain
easybankingbusiness.bnpparibasfortis.be

Subject Issuer	Validity	Valid
lnkfi.re Amazon RSA 2048 M02	`2023-09-07` - `2024-10-05`	a year	crt.sh
static.assetlab.io Amazon RSA 2048 M03	`2023-09-20` - `2024-10-17`	a year	crt.sh
cp1.dnspark.in R3	`2024-03-28` - `2024-06-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cp1.dnspark.in/~uobfrnkj/.config/
Frame ID: 2990D37AB047F35BF4EA65824CE7024A
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mon Easy Banking, ma banque en ligne | BNP Paribas Fortis

Page URL History Show full URLs

https://lnkfi.re/AovZlFJF Page URL
https://cp1.dnspark.in/~uobfrnkj/.config/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Page Statistics

29
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

480 kB
Transfer

1884 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://easybankingbusiness.bnpparibasfortis.be/fr/public/token-selection
Title: Vers Easy Banking Business

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lnkfi.re/AovZlFJF Page URL
https://cp1.dnspark.in/~uobfrnkj/.config/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	AovZlFJF Show response lnkfi.re/	90 KB 40 KB	223ms 141ms	Document text/html	79.125.71.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lnkfi.re/AovZlFJF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 79.125.71.153 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-79-125-71-153.eu-west-1.compute.amazonaws.com Software / Resource Hash `491b849fcc3accb63cf51df6afee9671d34e5c03c35b3772b776a717095e457b` Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Fri, 24 May 2024 09:13:48 GMT vary Accept-Encoding x-redirector-version redirector-v3
POST H2	200	/ lnkfi.re/~/tr/visit/	70 B 229 B	151ms 150ms	XHR application/json	79.125.71.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lnkfi.re/~/tr/visit/ Requested by Host: lnkfi.re URL: https://lnkfi.re/AovZlFJF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 79.125.71.153 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-79-125-71-153.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://lnkfi.re/AovZlFJF Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/json Response headers date Fri, 24 May 2024 09:13:49 GMT x-redirector-version redirector-v3 content-encoding gzip vary Accept-Encoding content-type application/json; charset=UTF-8
POST H2	200	/ Show response lnkfi.re/~/tr/event/	70 B 229 B	97ms 97ms	XHR application/json	79.125.71.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lnkfi.re/~/tr/event/ Requested by Host: lnkfi.re URL: https://lnkfi.re/AovZlFJF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 79.125.71.153 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-79-125-71-153.eu-west-1.compute.amazonaws.com Software / Resource Hash `1047ed90063215bb32a29424e745ae37b273604f2e86fd017374256b014846d1` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://lnkfi.re/AovZlFJF Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/json Response headers date Fri, 24 May 2024 09:13:49 GMT x-redirector-version redirector-v3 content-encoding gzip vary Accept-Encoding content-type application/json; charset=UTF-8
GET H2	200	favicon.ico static.assetlab.io/redirector-prod/3.126.0/img/icons/	1 KB 2 KB	96ms 28ms	Other image/vnd.microsoft.icon	18.244.18.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.assetlab.io/redirector-prod/3.126.0/img/icons/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-66.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `6612dd210a4b7623c5c1f4e0d1cc38745fe818da57d3af521527d4cae9d06df1` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://lnkfi.re/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 11:23:12 GMT x-amz-version-id vDBLwB5lvUXYhu7aqVZoKjfwAMQJ22lz via 1.1 29ed57baf1bb91e71e6ca8861a9fe040.cloudfront.net (CloudFront) last-modified Thu, 23 May 2024 11:16:46 GMT server AmazonS3 x-amz-cf-pop FRA56-P11 age 78638 etag "a1dc412a42d1c7f6a905633a93f0fe06" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/vnd.microsoft.icon accept-ranges bytes content-length 1150 x-amz-cf-id lYcqbDbLcUGAJqnPwh1KJ0Du8gQaMv5ddtBLW1ZM08kDTQUjn9ZD9w==
GET H2	200	favicon-32x32.png static.assetlab.io/redirector-prod/3.126.0/img/icons/	890 B 1 KB	24ms 24ms	Other image/png	18.244.18.66 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.assetlab.io/redirector-prod/3.126.0/img/icons/favicon-32x32.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.66 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-66.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `4bb9eaf55f6b1925fd4cd5c541bbecf276034beaeb6709556bfbce24990239de` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://lnkfi.re/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 11:23:12 GMT x-amz-version-id y41SXeCYRVGCBOdUbKDTIWUDu2I.V5pi via 1.1 29ed57baf1bb91e71e6ca8861a9fe040.cloudfront.net (CloudFront) last-modified Thu, 23 May 2024 11:16:46 GMT server AmazonS3 x-amz-cf-pop FRA56-P11 age 78638 etag "a55d7209ea91a404dd1317f89985f559" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 890 x-amz-cf-id PUPx3T0wYBGMMStvgOvroAR0uv6HSaosaHX4MGCLfz15dg1tCb41PQ==
GET H2	200	Primary Request / Show response cp1.dnspark.in/~uobfrnkj/.config/	21 KB 5 KB	143ms 48ms	Document text/html	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/ Requested by Host: lnkfi.re URL: https://lnkfi.re/AovZlFJF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `5e827661d6c0259c04a6dc779d0bef31d45cebe7b4b7d97187064ca3e0fdd8ea` Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer https://lnkfi.re/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Fri, 24 May 2024 09:13:49 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server LiteSpeed vary Accept-Encoding
GET H2	404	bootstrap-grid.min.css cp1.dnspark.in/generic/ebw/iwov-resources/grid/bootstrap/4.0/	0 0	47ms 45ms	Stylesheet text/html	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/generic/ebw/iwov-resources/grid/bootstrap/4.0/bootstrap-grid.min.css Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding gzip server LiteSpeed vary Accept-Encoding content-type text/html
GET H2	200	main.css cp1.dnspark.in/~uobfrnkj/.config/css/	423 KB 56 KB	133ms 132ms	Stylesheet text/css	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/css/main.css Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `874ce6913117c41f8d78506c6318d1aeec7647b1af4c5502c3f6ec34c561b4ab` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:08 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 57564 expires Fri, 31 May 2024 09:13:49 GMT
GET H2	404	tinymce.css cp1.dnspark.in/generic/ebw/resources/ebw-portal/themes/fortis-portal/	0 0	48ms 47ms	Stylesheet text/html	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/generic/ebw/resources/ebw-portal/themes/fortis-portal/tinymce.css Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding gzip server LiteSpeed vary Accept-Encoding content-type text/html
GET H2	200	brand-isolated.css cp1.dnspark.in/~uobfrnkj/.config/css/	156 B 187 B	133ms 132ms	Stylesheet text/css	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/css/brand-isolated.css Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `59b9e7d5486906f1164e4a6bdd70fa77ea8f743df92625bb9b75bfd207debe2f` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT last-modified Fri, 19 Apr 2024 20:26:06 GMT server LiteSpeed content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 156 expires Fri, 31 May 2024 09:13:49 GMT
GET H2	200	chat-worldline.css cp1.dnspark.in/~uobfrnkj/.config/css/	378 B 294 B	47ms 46ms	Stylesheet text/css	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/css/chat-worldline.css Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `9fba8cff1dd44c4e5a9d0c37f2cf89bdc38f5a5fb0a23533cff490d7ab6c2735` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:06 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 183 expires Fri, 31 May 2024 09:13:49 GMT
GET H2	200	require.js Show response cp1.dnspark.in/~uobfrnkj/.config/js/	17 KB 6 KB	49ms 48ms	Script text/javascript	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/js/require.js Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `4948c3fe4b57cd92118ec7b89deb99ff0eb2586a02c5f454df21c1ecfc144c81` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:06 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 6328
GET H2	200	iscroll.js Show response cp1.dnspark.in/~uobfrnkj/.config/js/	50 KB 11 KB	132ms 131ms	Script text/javascript	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/js/iscroll.js Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `7c5b73bb0d8493214832bc99553ddc1cd2279c8687c4bac5844e92509ecba70f` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:06 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 11082
GET H2	200	config.js Show response cp1.dnspark.in/~uobfrnkj/.config/js/	9 KB 2 KB	131ms 130ms	Script text/javascript	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/js/config.js Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `c2018396e7954aa8ff683896b662e5ebda3e861b7b7bd7bee90e1509534f5c4a` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:06 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 2516
GET H2	200	main.js Show response cp1.dnspark.in/~uobfrnkj/.config/js/	164 KB 39 KB	90ms 89ms	Script text/javascript	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/js/main.js Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `ef5c986e27f68a589776557a6377c8985884bf2242a0ad5dae1f11269a531312` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:06 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 39431
GET H2	200	vendors-main.js Show response cp1.dnspark.in/~uobfrnkj/.config/js/	137 KB 51 KB	133ms 133ms	Script text/javascript	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/js/vendors-main.js Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `21bf515370156d437cb84e5e3fe487fa4c9b11ca01209d0e759e6594575b7895` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:06 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 52409
GET H2	200	pagebus.js Show response cp1.dnspark.in/~uobfrnkj/.config/js/	12 KB 3 KB	133ms 132ms	Script text/javascript	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/js/pagebus.js Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `2204bd69d3721b82b7b1ce780f9bf1dfab7ba0240804bd5c3d910942836a7e62` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:06 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 3244
GET H3	404	otp-itsme.js cp1.dnspark.in/generic/resources/ebw-portal/wcm/js/package/custom/	0 0	44ms 44ms	Script text/html	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/generic/resources/ebw-portal/wcm/js/package/custom/otp-itsme.js Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/ Protocol H3 Security QUIC, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding gzip server LiteSpeed vary Accept-Encoding content-type text/html
GET H3	200	bnpp-fortis-isolated.css cp1.dnspark.in/~uobfrnkj/.config/css/	548 KB 86 KB	44ms 43ms	Stylesheet text/css	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/css/bnpp-fortis-isolated.css Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/css/brand-isolated.css Protocol H3 Security QUIC, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `9815dd3dfd58ab756c84bf9fc5f56496a80e709aaad6aac35e4de878b48d76a0` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/css/brand-isolated.css Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:20 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 87647 expires Fri, 31 May 2024 09:13:49 GMT
GET H3	200	bnpp-fortis-pws-isolated.css cp1.dnspark.in/~uobfrnkj/.config/css/	128 KB 17 KB	108ms 107ms	Stylesheet text/css	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/css/bnpp-fortis-pws-isolated.css Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/css/brand-isolated.css Protocol H3 Security QUIC, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `40357d2af0dbba4961fc2ff6f9a70a0085b86c71387fc13d0d191039a0f6122d` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/css/brand-isolated.css Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:08 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 17600 expires Fri, 31 May 2024 09:13:49 GMT
GET H3	200	ia-overrides.css cp1.dnspark.in/~uobfrnkj/.config/css/	21 KB 4 KB	113ms 112ms	Stylesheet text/css	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/css/ia-overrides.css Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/css/brand-isolated.css Protocol H3 Security QUIC, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `acf0bfd598fa20f8b7c240117d780db207d657a625c5060c57481c38e7ff8e93` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/css/brand-isolated.css Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:08 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 3862 expires Fri, 31 May 2024 09:13:49 GMT
GET H3	200	BNPPSansLight-webfont.woff cp1.dnspark.in/~uobfrnkj/.config/fonts/	26 KB 26 KB	43ms 43ms	Font font/woff	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/fonts/BNPPSansLight-webfont.woff Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `d704d237c38374bd74c01946bd55e92686c98eeef54319622648514e9761101a` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/css/main.css Origin https://cp1.dnspark.in Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT last-modified Fri, 19 Apr 2024 20:26:20 GMT server LiteSpeed content-type font/woff cache-control public, max-age=604800 accept-ranges bytes content-length 26976 expires Fri, 31 May 2024 09:13:49 GMT
GET H3	200	bnpp_sans_cond_regular-webfont.ttf cp1.dnspark.in/~uobfrnkj/.config/fonts/	46 KB 23 KB	50ms 50ms	Font font/ttf	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/fonts/bnpp_sans_cond_regular-webfont.ttf Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/css/bnpp-fortis-isolated.css Protocol H3 Security QUIC, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `a56f74eaf471b8d0869d8d9556e4925e89767e210c4f0cf273ee012213086ec2` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/css/bnpp-fortis-isolated.css Origin https://cp1.dnspark.in Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:20 GMT server LiteSpeed vary Accept-Encoding content-type font/ttf cache-control public, max-age=604800 accept-ranges bytes content-length 23644 expires Fri, 31 May 2024 09:13:49 GMT
GET H3	200	BNPPSansRegular-webfont.woff cp1.dnspark.in/~uobfrnkj/.config/fonts/	28 KB 28 KB	60ms 59ms	Font font/woff	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/fonts/BNPPSansRegular-webfont.woff Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `0ee78676ba6b6bee827b5e89bda4fc3efdbf83ec287f2ad4a57beb66f2ed5072` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/css/main.css Origin https://cp1.dnspark.in Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT last-modified Fri, 19 Apr 2024 20:26:20 GMT server LiteSpeed content-type font/woff cache-control public, max-age=604800 accept-ranges bytes content-length 28632 expires Fri, 31 May 2024 09:13:49 GMT
GET H3	200	bnpiconfont_1.ttf cp1.dnspark.in/~uobfrnkj/.config/fonts/	57 KB 34 KB	70ms 69ms	Font font/ttf	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/fonts/bnpiconfont_1.ttf Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/css/bnpp-fortis-isolated.css Protocol H3 Security QUIC, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `e35c6c8d6d1e622826db998a23b12a7fd4026312d9a5e094af267c2b678c5d99` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/css/bnpp-fortis-isolated.css Origin https://cp1.dnspark.in Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:20 GMT server LiteSpeed vary Accept-Encoding content-type font/ttf cache-control public, max-age=604800 accept-ranges bytes content-length 34682 expires Fri, 31 May 2024 09:13:49 GMT
GET H3	200	bnppf-logo-sprite.svg cp1.dnspark.in/~uobfrnkj/.config/images/	57 KB 19 KB	60ms 60ms	Image image/svg+xml	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cp1.dnspark.in/~uobfrnkj/.config/images/bnppf-logo-sprite.svg Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/css/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `19cbdee225381f76649b0850bbd3d1aeb76d8f53e78feed041f5050b1bf68972` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/css/main.css Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:20 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes content-length 19751 expires Fri, 31 May 2024 09:13:49 GMT
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/gif
GET H3	200	font-icons_1.ttf cp1.dnspark.in/~uobfrnkj/.config/fonts/	42 KB 22 KB	45ms 45ms	Font font/ttf	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/fonts/font-icons_1.ttf Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/css/bnpp-fortis-isolated.css Protocol H3 Security QUIC, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `2fb2b7fcb467754175ef56c7adad9c21548ea6f0ecbb94bf7321476c73caa354` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/css/bnpp-fortis-isolated.css Origin https://cp1.dnspark.in Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding br last-modified Fri, 19 Apr 2024 20:26:20 GMT server LiteSpeed vary Accept-Encoding content-type font/ttf cache-control public, max-age=604800 accept-ranges bytes content-length 22457 expires Fri, 31 May 2024 09:13:49 GMT
GET DATA	200 OK	truncated /	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4d0ac5ea4df3106d69a03116158777cd3302eec58de91b632ca4b96a5b79da01` Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	404	animgif.gif cp1.dnspark.in/resources/ebw-portal/themes/fortis-portal/images/	2 KB 2 KB	67ms 67ms	Image text/html	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cp1.dnspark.in/resources/ebw-portal/themes/fortis-portal/images/animgif.gif Requested by Host: cp1.dnspark.in URL: https://cp1.dnspark.in/~uobfrnkj/.config/ Protocol H3 Security QUIC, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `4da76aeeb6974995159c62950c0e18d6396e619f493bfb03ca601a15e9619dbc` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 09:13:49 GMT content-encoding gzip server LiteSpeed vary Accept-Encoding content-type text/html
GET H3	404	favicon.ico cp1.dnspark.in/~uobfrnkj/.config/	1 KB 1 KB	43ms 43ms	Other text/html	37.27.108.55 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://cp1.dnspark.in/~uobfrnkj/.config/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 37.27.108.55 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.55.108.27.37.clients.your-server.de Software LiteSpeed / Resource Hash `4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://cp1.dnspark.in/~uobfrnkj/.config/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 24 May 2024 09:13:49 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1251 content-type text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNP Paribas (Banking)

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lnkfi.re/	1970-01-20 20:50:28	Name: LF_nativeCount_amazon-music Value: 0-1716628428000-3
cp1.dnspark.in/	1969-12-31 23:59:59	Name: PHPSESSID Value: 390a7bc043f87e8695ccf95b0ce3d411
cp1.dnspark.in/	1970-01-21 05:34:38	Name: axes Value: null

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cp1.dnspark.in/generic/ebw/iwov-resources/grid/bootstrap/4.0/bootstrap-grid.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cp1.dnspark.in/generic/ebw/resources/ebw-portal/themes/fortis-portal/tinymce.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cp1.dnspark.in/generic/resources/ebw-portal/wcm/js/package/custom/otp-itsme.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cp1.dnspark.in/resources/ebw-portal/themes/fortis-portal/images/animgif.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cp1.dnspark.in/~uobfrnkj/.config/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cp1.dnspark.in
lnkfi.re
static.assetlab.io
18.244.18.66
37.27.108.55
79.125.71.153
0ee78676ba6b6bee827b5e89bda4fc3efdbf83ec287f2ad4a57beb66f2ed5072
1047ed90063215bb32a29424e745ae37b273604f2e86fd017374256b014846d1
19cbdee225381f76649b0850bbd3d1aeb76d8f53e78feed041f5050b1bf68972
21bf515370156d437cb84e5e3fe487fa4c9b11ca01209d0e759e6594575b7895
2204bd69d3721b82b7b1ce780f9bf1dfab7ba0240804bd5c3d910942836a7e62
2fb2b7fcb467754175ef56c7adad9c21548ea6f0ecbb94bf7321476c73caa354
40357d2af0dbba4961fc2ff6f9a70a0085b86c71387fc13d0d191039a0f6122d
491b849fcc3accb63cf51df6afee9671d34e5c03c35b3772b776a717095e457b
4948c3fe4b57cd92118ec7b89deb99ff0eb2586a02c5f454df21c1ecfc144c81
4bb9eaf55f6b1925fd4cd5c541bbecf276034beaeb6709556bfbce24990239de
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
4d0ac5ea4df3106d69a03116158777cd3302eec58de91b632ca4b96a5b79da01
4da76aeeb6974995159c62950c0e18d6396e619f493bfb03ca601a15e9619dbc
59b9e7d5486906f1164e4a6bdd70fa77ea8f743df92625bb9b75bfd207debe2f
5e827661d6c0259c04a6dc779d0bef31d45cebe7b4b7d97187064ca3e0fdd8ea
6612dd210a4b7623c5c1f4e0d1cc38745fe818da57d3af521527d4cae9d06df1
7c5b73bb0d8493214832bc99553ddc1cd2279c8687c4bac5844e92509ecba70f
874ce6913117c41f8d78506c6318d1aeec7647b1af4c5502c3f6ec34c561b4ab
9815dd3dfd58ab756c84bf9fc5f56496a80e709aaad6aac35e4de878b48d76a0
9fba8cff1dd44c4e5a9d0c37f2cf89bdc38f5a5fb0a23533cff490d7ab6c2735
a56f74eaf471b8d0869d8d9556e4925e89767e210c4f0cf273ee012213086ec2
acf0bfd598fa20f8b7c240117d780db207d657a625c5060c57481c38e7ff8e93
c2018396e7954aa8ff683896b662e5ebda3e861b7b7bd7bee90e1509534f5c4a
d704d237c38374bd74c01946bd55e92686c98eeef54319622648514e9761101a
e35c6c8d6d1e622826db998a23b12a7fd4026312d9a5e094af267c2b678c5d99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5c986e27f68a589776557a6377c8985884bf2242a0ad5dae1f11269a531312

cp1.dnspark.in Open in urlscan Pro 37.27.108.55 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

480 kBTransfer

1884 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cp1.dnspark.in Open in urlscan Pro
37.27.108.55 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

480 kB
Transfer

1884 kB
Size

3
Cookies

29 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!