CONTINUOUS INTERNET TELEMETRY24H DRIFT2,025 material changesacross 1,843 domains · -526 vs yesterdayDNS DRIFT20 domains changed DNS providertop destination parity.domains · +4 vs yesterdayEMAIL DRIFT2 domains switched email providertop destination google.com · -3 vs yesterdayCERT DRIFT2 domains switched issuing CA24h · -3 vs yesterdayNOW3,401 curated domains not answeringlast probe, steadyERRORS10,893 responded with an errorlast probe · 5xx / 404 / 429 / 40324H DRIFT2,025 material changesacross 1,843 domains · -526 vs yesterdayDNS DRIFT20 domains changed DNS providertop destination parity.domains · +4 vs yesterdayEMAIL DRIFT2 domains switched email providertop destination google.com · -3 vs yesterdayCERT DRIFT2 domains switched issuing CA24h · -3 vs yesterdayNOW3,401 curated domains not answeringlast probe, steadyERRORS10,893 responded with an errorlast probe · 5xx / 404 / 429 / 403

hellobank.fr

Observed 2026-07-13T15:31:24.007Z (1d ago). Every field below was attested with an Ed25519 signature at scan time.

Guarded by a firewall
Runs onCloudflare
Registered withNAMESHIELD
Also usesGoogle Search Console
2 subdomains · tranco_40k
Every line above is a signed observation. Check the math at the bottom of the page.
INFRASTRUCTURE MAPwhat hellobank.fr actually stands on - every host below is a signed observation
hellobank.fr
A / AAAA
23.56.189.232
Cloudflareserves the site
NS
ns1.bnpparibas.comns3.domivesta.netns4.domivesta.comns5.bnpparibas.com+1 more
bnpparibas.com + domivesta.net + moreanswers its DNS
MX
smtp-in-internet-usr-m.gslb.srv.bnpparibas
srv.bnpparibasreceives its email

HTTPS probe

bot_blocked Blocked our probe (WAF / bot protection) 403 blocked by cloudflare - bot protection active
HTTP status403
Servercloudflare
TLS protocolHTTP/2
TLS issuernot observed
Behind Cloudflareyes
Response time62 ms
DNS resolutionNOERROR

Every field above is part of the same signed observation as the records below. Blank means not observed, never "none".

DNS Records

A 1

  • 23.56.189.232

MX 1

  • 5smtp-in-internet-usr-m.gslb.srv.bnpparibas

TXT 14

  • _v0h0t7pockxp3atux3j1v1qf7yk8jzx
  • v=spf1 include:pns._spf.bnpparibas.com include:t._spf.bnpparibas.com include:o._spf.bnpparibas.com ip4:62.50.78.128/25 ip4:94.103.23.14 ip4:85.255.198.0/24 ip4:85.255.200.0/24 -all
  • _jzb3rrd2v0355h2psp4mr1lx5edrmj5
  • _dmet0druiie4j7gkrhhvoz9v3vuhpy2
  • 58D3-7F31-5F2E-DC91-ECDF-4523-DDE4-6234
  • pdf6b0jq82p69xsgz6mnfwqjv5cmyhc3
  • _1bveyn0pqgrplcf2iv3yiyqzbitczod
  • _a1gxhdbu21593cyq7k7rn0a06gkdx2q
  • zscaler-verification-242570-28082025-rpIs9t
  • MS=ms42370835

NS 5

  • ns1.bnpparibas.com
  • ns3.domivesta.net
  • ns4.domivesta.com
  • ns5.bnpparibas.com
  • ns2.bnpparibas.com

SOA 1

  • ns1.bnpparibas.com i_names.bnpparibas.com

TLS Certificates (0)

None.

Subdomains (2)

The proof

Signed at scan time. Check the math yourself. Every line above is part of one signed observation. Re-hash it and check the Ed25519 signature in your own browser; nothing leaves your machine.

Verify this receipt

Put the receipt on your own site. A live badge showing what DomainDrift observes and signs for hellobank.fr. It updates itself. It attests a signed observation - not that the site is safe.

DomainDrift signed-observation badge for hellobank.fr <a href="https://domaindrift.io/t/hellobank.fr"> <img src="https://domaindrift.io/badge/hellobank.fr.svg" width="300" height="64" alt="DomainDrift signed observations for hellobank.fr"> </a>

Ed25519 Receipt

Receipt ID
e12a47dd-1ef7-49ba-8b50-34199bdd9429
Output Hash
a6391cf96a717ad6ba7487bfa848bc1d8ff2cdfb6d063de1c77a5b4f8a7bc66a
Signature
ed25519:d6d6900f2cb1e0afe412ef0de0ca9c54744cf43abeb167f814b689d7780735fae8d1176fe374cf737313dc9b5964d2db9cd6b45e4aa67acf88844ceebc999209
Public Key
ed25519:d610d74ef18f683e5beb859d241d5e67dff0c122e8928b06bec1c2476f4ba27b
Parent
(genesis)
Plane
fast
Verify this in your browser