| 122.180.31.239/ | 122.180.31.239 | | 235 B |
IP: 122.180.31.239:0
ASN: #24560 Bharti Airtel Ltd., Telemedia Services
File type: HTML document, ASCII text
Hash: 2d9ad3330192eafb5deea09b32fd3cd1 fb076da561bd789e9939f06b6e9c4ae733f17273 59e3e5147e38878cc18e8fafb5edb22c2a658e993c7f164c1db3f20dc2a007f7
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: 122.180.31.239
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Date: Tue, 07 May 2024 21:27:03 GMT
Server: xxxxxxxx-xxxxx
Location: https://122.180.31.239:10443/
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https 'unsafe-eval' 'unsafe-inline' blob:;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
|
|
| mitmdetection.services.mozilla.com/ | 54.230.111.23 | | 0 B |
URL: mitmdetection.services.mozilla.com/
IP: 54.230.111.23:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD / HTTP/1.1
Host: mitmdetection.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
content-type: application/xml
date: Tue, 07 May 2024 21:28:57 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p-4x-kU9bqCUJOETvg51cfcytfXhMY-Qk3YRPBdpzTTy4wsl3KVANw==
X-Firefox-Spdy: h2
|
|
| 122.180.31.239:10443/ | 122.180.31.239 | | 131 B |
IP: 122.180.31.239:0
ASN: #24560 Bharti Airtel Ltd., Telemedia Services
File type: HTML document, ASCII text
Hash: 84a18166fde3ee7e7c974b8d1e7e21b4 8a5abf8e7ee738c9c96a3cf7efb4a0de2d567039 6e24d74ebc881e1e97331bb72d6edee8431485a8a0cafd7c4a913a3819817b84
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: 122.180.31.239:10443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 21:27:06 GMT
Server: xxxxxxxx-xxxxx
Last-Modified: Thu, 22 Jun 2023 21:36:24 GMT
ETag: "83-6494bed8"
Accept-Ranges: bytes
Content-Length: 131
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https 'unsafe-eval' 'unsafe-inline' blob:;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
|
|
| 122.180.31.239:10443/remote/login | 122.180.31.239 | 302 Found | 0 B |
URL: User Request GET HTTP/1.1 122.180.31.239:10443/remote/login
IP: 122.180.31.239:10443
ASN: #24560 Bharti Airtel Ltd., Telemedia Services
Certificate: Issuer: Fortinet; Subject: FGT60FTK2209EDUQ; Fingerprint: 4A:B4:95:3F:E3:A5:51:06:A4:3C:14:F7:54:87:FA:DF:FF:82:BD:5C; Validity: Tue, 02 Aug 2022 05:10:15 GMT - Wed, 19 Jan 2056 03:14:07 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /remote/login HTTP/1.1
Host: 122.180.31.239:10443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://122.180.31.239:10443/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Tue, 07 May 2024 21:27:06 GMT
Server: xxxxxxxx-xxxxx
Location: /remote/login?lang=en
Content-Length: 0
Keep-Alive: timeout=10, max=99
Connection: Keep-Alive
Content-Type: text/plain
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https 'unsafe-eval' 'unsafe-inline' blob:;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
|
|
| 122.180.31.239:10443/remote/login?lang=en | 122.180.31.239 | 200 OK | 4.3 kB |
URL: User Request GET HTTP/1.1 122.180.31.239:10443/remote/login?lang=en
IP: 122.180.31.239:10443
ASN: #24560 Bharti Airtel Ltd., Telemedia Services
Certificate: Issuer: Fortinet; Subject: FGT60FTK2209EDUQ; Fingerprint: 4A:B4:95:3F:E3:A5:51:06:A4:3C:14:F7:54:87:FA:DF:FF:82:BD:5C; Validity: Tue, 02 Aug 2022 05:10:15 GMT - Wed, 19 Jan 2056 03:14:07 GMT
File type: HTML document, ASCII text, with very long lines (1068), with CRLF, LF line terminators
Hash: b1afcbb64a2bb43545a8a214a720937b 99c2b2ce58a581fecfba5eec6e70a46c63090196 7f4a01a762f206329cb2e4edf63b301156267207a337cb65c221386685fb4055
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /remote/login?lang=en HTTP/1.1
Host: 122.180.31.239:10443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://122.180.31.239:10443/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 21:27:06 GMT
Server: xxxxxxxx-xxxxx
Set-Cookie: SVPNCOOKIE=; path=/; expires=Sun, 11 Mar 1984 12:00:00 GMT; secure; httponly; SameSite=Strict;
SVPNNETWORKCOOKIE=; path=/remote/network; expires=Sun, 11 Mar 1984 12:00:00 GMT; secure; httponly; SameSite=Strict
X-UA-Compatible: requiresActiveX=true
Keep-Alive: timeout=10, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https 'unsafe-eval' 'unsafe-inline' blob:;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
|
|
| 122.180.31.239:10443/sslvpn/js/login.js?q=eda9bde0f0e471f2f3b461399a099f92 | 122.180.31.239 | 200 OK | 3.5 kB |
URL: GET HTTP/1.1 122.180.31.239:10443/sslvpn/js/login.js?q=eda9bde0f0e471f2f3b461399a099f92
IP: 122.180.31.239:10443
ASN: #24560 Bharti Airtel Ltd., Telemedia Services
Requested by: https://122.180.31.239:10443/remote/login?lang=en
Certificate: Issuer: Fortinet; Subject: FGT60FTK2209EDUQ; Fingerprint: 4A:B4:95:3F:E3:A5:51:06:A4:3C:14:F7:54:87:FA:DF:FF:82:BD:5C; Validity: Tue, 02 Aug 2022 05:10:15 GMT - Wed, 19 Jan 2056 03:14:07 GMT
Hash: 0a565671dea2f5cfb74da3c656ee31d5 39b2d1bce4f5f3514b6e6ec01e041187b41b8836 90308c1e3888e598b85c9240d89c3a000cedb6fcb502a6e1ed262a539c0bb540
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /sslvpn/js/login.js?q=eda9bde0f0e471f2f3b461399a099f92 HTTP/1.1
Host: 122.180.31.239:10443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://122.180.31.239:10443/remote/login?lang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 21:27:07 GMT
Server: xxxxxxxx-xxxxx
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https 'unsafe-eval' 'unsafe-inline' blob:;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
|
|
| 122.180.31.239:10443/css/main-blue.css | 122.180.31.239 | 200 OK | 88 kB |
URL: GET HTTP/1.1 122.180.31.239:10443/css/main-blue.css
IP: 122.180.31.239:10443
ASN: #24560 Bharti Airtel Ltd., Telemedia Services
Requested by: https://122.180.31.239:10443/remote/login?lang=en
Certificate: Issuer: Fortinet; Subject: FGT60FTK2209EDUQ; Fingerprint: 4A:B4:95:3F:E3:A5:51:06:A4:3C:14:F7:54:87:FA:DF:FF:82:BD:5C; Validity: Tue, 02 Aug 2022 05:10:15 GMT - Wed, 19 Jan 2056 03:14:07 GMT
File type: Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash: 0e6b3e6b7c13d148b2f5e586df4a6c17 1b6501cce81743337ff28c1f7f2f5eb81caa4a6b ac15defeb2901f702c935f307397768e33cb7012802fd80eaad41ed75943f3a5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/main-blue.css HTTP/1.1
Host: 122.180.31.239:10443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://122.180.31.239:10443/remote/login?lang=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 21:27:07 GMT
Server: xxxxxxxx-xxxxx
Keep-Alive: timeout=10, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
Content-Encoding: gzip
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https 'unsafe-eval' 'unsafe-inline' blob:;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
|
|
| 122.180.31.239:10443/fonts/lato-regular.woff2 | 122.180.31.239 | 200 OK | 28 kB |
URL: GET HTTP/1.1 122.180.31.239:10443/fonts/lato-regular.woff2
IP: 122.180.31.239:10443
ASN: #24560 Bharti Airtel Ltd., Telemedia Services
Requested by: https://122.180.31.239:10443/remote/login?lang=en
Certificate: Issuer: Fortinet; Subject: FGT60FTK2209EDUQ; Fingerprint: 4A:B4:95:3F:E3:A5:51:06:A4:3C:14:F7:54:87:FA:DF:FF:82:BD:5C; Validity: Tue, 02 Aug 2022 05:10:15 GMT - Wed, 19 Jan 2056 03:14:07 GMT
File type: Web Open Font Format (Version 2), TrueType, length 27892, version 1.6816
Hash: f7ff2a6ff8699952646b5592de084dfa a63534a9fe94054bcfa4e96457871452ad9ab44d 2ee055921e5460e768980da0e441063d23f4320ea15e232a4f77ffcbe5b4f74f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /fonts/lato-regular.woff2 HTTP/1.1
Host: 122.180.31.239:10443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://122.180.31.239:10443/css/main-blue.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 21:27:08 GMT
Server: xxxxxxxx-xxxxx
Last-Modified: Thu, 22 Jun 2023 21:36:24 GMT
ETag: "6cf4-6494bed8"
Accept-Ranges: bytes
Content-Length: 27892
Keep-Alive: timeout=10, max=96
Connection: Keep-Alive
Content-Type: font/woff2
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https 'unsafe-eval' 'unsafe-inline' blob:;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
|
|
| 122.180.31.239:10443/fonts/lato-regular.woff2 | 122.180.31.239 | 200 OK | 28 kB |
URL: GET HTTP/1.1 122.180.31.239:10443/fonts/lato-regular.woff2
IP: 122.180.31.239:10443
ASN: #24560 Bharti Airtel Ltd., Telemedia Services
Requested by: https://122.180.31.239:10443/remote/login?lang=en
Certificate: Issuer: Fortinet; Subject: FGT60FTK2209EDUQ; Fingerprint: 4A:B4:95:3F:E3:A5:51:06:A4:3C:14:F7:54:87:FA:DF:FF:82:BD:5C; Validity: Tue, 02 Aug 2022 05:10:15 GMT - Wed, 19 Jan 2056 03:14:07 GMT
File type: Web Open Font Format (Version 2), TrueType, length 27892, version 1.6816
Hash: f7ff2a6ff8699952646b5592de084dfa a63534a9fe94054bcfa4e96457871452ad9ab44d 2ee055921e5460e768980da0e441063d23f4320ea15e232a4f77ffcbe5b4f74f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /fonts/lato-regular.woff2 HTTP/1.1
Host: 122.180.31.239:10443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://122.180.31.239:10443/css/main-blue.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 21:27:08 GMT
Server: xxxxxxxx-xxxxx
Last-Modified: Thu, 22 Jun 2023 21:36:24 GMT
ETag: "6cf4-6494bed8"
Accept-Ranges: bytes
Content-Length: 27892
Keep-Alive: timeout=10, max=95
Connection: Keep-Alive
Content-Type: font/woff2
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https 'unsafe-eval' 'unsafe-inline' blob:;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
|
|
| 122.180.31.239:10443/fonts/ftnt-icons.woff | 122.180.31.239 | 200 OK | 43 kB |
URL: GET HTTP/1.1 122.180.31.239:10443/fonts/ftnt-icons.woff
IP: 122.180.31.239:10443
ASN: #24560 Bharti Airtel Ltd., Telemedia Services
Requested by: https://122.180.31.239:10443/remote/login?lang=en
Certificate: Issuer: Fortinet; Subject: FGT60FTK2209EDUQ; Fingerprint: 4A:B4:95:3F:E3:A5:51:06:A4:3C:14:F7:54:87:FA:DF:FF:82:BD:5C; Validity: Tue, 02 Aug 2022 05:10:15 GMT - Wed, 19 Jan 2056 03:14:07 GMT
File type: Web Open Font Format, TrueType, length 43292, version 1.0
Hash: 23d62c07605060a8b71fea47bb546b86 86782c1d2842567bd9aa4acaa41ce85b927affa7 916470c96461fce30511594f599d7ef0ed7c2537e8cb1f608492715ab6ec8e4c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /fonts/ftnt-icons.woff HTTP/1.1
Host: 122.180.31.239:10443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://122.180.31.239:10443/css/main-blue.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 21:27:08 GMT
Server: xxxxxxxx-xxxxx
Last-Modified: Thu, 22 Jun 2023 21:36:24 GMT
ETag: "a91c-6494bed8"
Accept-Ranges: bytes
Content-Length: 43292
Keep-Alive: timeout=10, max=99
Connection: Keep-Alive
Content-Type: font/woff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https 'unsafe-eval' 'unsafe-inline' blob:;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
|
|
| 122.180.31.239:10443/fonts/ftnt-icons.woff | 122.180.31.239 | 200 OK | 43 kB |
URL: GET HTTP/1.1 122.180.31.239:10443/fonts/ftnt-icons.woff
IP: 122.180.31.239:10443
ASN: #24560 Bharti Airtel Ltd., Telemedia Services
Requested by: https://122.180.31.239:10443/remote/login?lang=en
Certificate: Issuer: Fortinet; Subject: FGT60FTK2209EDUQ; Fingerprint: 4A:B4:95:3F:E3:A5:51:06:A4:3C:14:F7:54:87:FA:DF:FF:82:BD:5C; Validity: Tue, 02 Aug 2022 05:10:15 GMT - Wed, 19 Jan 2056 03:14:07 GMT
File type: Web Open Font Format, TrueType, length 43292, version 1.0
Hash: 23d62c07605060a8b71fea47bb546b86 86782c1d2842567bd9aa4acaa41ce85b927affa7 916470c96461fce30511594f599d7ef0ed7c2537e8cb1f608492715ab6ec8e4c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /fonts/ftnt-icons.woff HTTP/1.1
Host: 122.180.31.239:10443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://122.180.31.239:10443/css/main-blue.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 21:27:09 GMT
Server: xxxxxxxx-xxxxx
Last-Modified: Thu, 22 Jun 2023 21:36:24 GMT
ETag: "a91c-6494bed8"
Accept-Ranges: bytes
Content-Length: 43292
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Content-Type: font/woff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https 'unsafe-eval' 'unsafe-inline' blob:;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
|
|
| 122.180.31.239:10443/remote/fgt_lang?lang=en | 122.180.31.239 | 200 OK | 972 kB |
URL: GET HTTP/1.1 122.180.31.239:10443/remote/fgt_lang?lang=en
IP: 122.180.31.239:10443
ASN: #24560 Bharti Airtel Ltd., Telemedia Services
Requested by: https://122.180.31.239:10443/remote/login?lang=en
Certificate: Issuer: Fortinet; Subject: FGT60FTK2209EDUQ; Fingerprint: 4A:B4:95:3F:E3:A5:51:06:A4:3C:14:F7:54:87:FA:DF:FF:82:BD:5C; Validity: Tue, 02 Aug 2022 05:10:15 GMT - Wed, 19 Jan 2056 03:14:07 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (389)
Size: 972 kB (972025 bytes)
Hash: 845c81bbfce4e048e357f7f8051a56df a9a0515900a70e8678c187f81473321a25e7f45f b712ce921c4fdd9db10c4704ad7839906429a4f9a0d225ff6be8b5073c91b7a4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /remote/fgt_lang?lang=en HTTP/1.1
Host: 122.180.31.239:10443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://122.180.31.239:10443/remote/login?lang=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 21:27:07 GMT
Server: xxxxxxxx-xxxxx
Content-Length: 972025
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Content-Type: application/javascript
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https 'unsafe-eval' 'unsafe-inline' blob:;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
|
|
| 122.180.31.239:10443/favicon.ico | 122.180.31.239 | 200 OK | 318 B |
URL: GET HTTP/1.1 122.180.31.239:10443/favicon.ico
IP: 122.180.31.239:10443
ASN: #24560 Bharti Airtel Ltd., Telemedia Services
Requested by: https://122.180.31.239:10443/remote/login?lang=en
Certificate: Issuer: Fortinet; Subject: FGT60FTK2209EDUQ; Fingerprint: 4A:B4:95:3F:E3:A5:51:06:A4:3C:14:F7:54:87:FA:DF:FF:82:BD:5C; Validity: Tue, 02 Aug 2022 05:10:15 GMT - Wed, 19 Jan 2056 03:14:07 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 16 colors
Hash: e462005902f81094ab3de44e4381de19 684d6a3783a92305592c4211412ad0e17d402195 d18b3c9feb76c3c1cfdcc51c732f113327e3c33fb3f63b479951f7da6ed1216f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: 122.180.31.239:10443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://122.180.31.239:10443/remote/login?lang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 21:27:10 GMT
Server: xxxxxxxx-xxxxx
Last-Modified: Thu, 22 Jun 2023 21:36:24 GMT
ETag: "13e-6494bed8"
Accept-Ranges: bytes
Content-Length: 318
Keep-Alive: timeout=10, max=99
Connection: Keep-Alive
Content-Type: text/plain
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https 'unsafe-eval' 'unsafe-inline' blob:;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
|
|