| ictpay.in/js/blueswi/clients/username/swisscom-logo-lifeform-38be0de766af1aaa475f946c32b47944.svg | 104.21.44.128 | 200 OK | 53 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/swisscom-logo-lifeform-38be0de766af1aaa475f946c32b47944.svg IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
File typeSVG Scalable Vector Graphics image Hash38be0de766af1aaa475f946c32b47944 646ff2fae3c8080da7c067e6506f1a1193b9cfc8 330fddfd254cb42deebdac50ccbc6d9988d365378457fae29dc10b3c2edb43e4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/swisscom-logo-lifeform-38be0de766af1aaa475f946c32b47944.svg HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username.php
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:25 GMT
content-type: image/svg+xml
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xjVnCALIMXepFgCFXC5ram8aMdonxiSWOAhwHnls2tceinqMvtbzMY9jxVyyysgIhdSwdBJpE6v8dPBzj9OMcTkbUT9xpqCleIfskoAWWHus%2Fms6Bg2ni8sguJk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dece99ddd92d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/username.bundle-8961fe6fd577dfd66d12b626e64d7cff.js | 104.21.44.128 | 200 OK | 40 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/username.bundle-8961fe6fd577dfd66d12b626e64d7cff.js IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
File typeJavaScript source, ASCII text, with very long lines (2785), with no line terminators Hash8961fe6fd577dfd66d12b626e64d7cff b6c8fcfb325c56ac786080cbeafefb8f24838657 1573208ffc6c2a4284750137888f470eb10838d7abf5bd2895dd8ac46642be93
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/username.bundle-8961fe6fd577dfd66d12b626e64d7cff.js HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username.php
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:25 GMT
content-type: application/javascript
cf-bgj: minify
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2FBhYkjfvsKvuC%2BbVqFpuLVpUe0Mky0EF6wwJXKZ2UlqOcXcsV5yBCET3sLb6Y8YovvqtzFR17HLG7G1haiwO1eCdrY1YFc6nTbd2AWQi4o9%2FDrvPenDtpmVIPs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dece9adf092d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/TheSansB_700_-7dac4ba6f5bfb4ba199e7fe3454a6780.woff2 | 104.21.44.128 | 200 OK | 50 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/TheSansB_700_-7dac4ba6f5bfb4ba199e7fe3454a6780.woff2 IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 49592, version 2.5570 Hash7dac4ba6f5bfb4ba199e7fe3454a6780 8df19c4658d5317868b1d8d3c302b19eea81677e 09525fb3b4747dfbceaa9401af3c089fae3aa045934b77ec444cfe62c0efd3da
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/TheSansB_700_-7dac4ba6f5bfb4ba199e7fe3454a6780.woff2 HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:26 GMT
content-type: font/woff2
content-length: 49592
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6U95ffaSUXmmBAQwNgnxFrI%2FJ1JEvwmNL4ORM83btH3pQGArc0yuPjkbOOjCZ8Sx5PCPHia%2Bx7LpJz3%2FKP%2BpXSXn8uvaCLB0zFM7hQ98vrsNNc5Zgaktzu5rUSs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875deced6c7c92d0-CPH
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css | 104.21.44.128 | 200 OK | 108 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
File typeUnicode text, UTF-8 text, with very long lines (64292), with no line terminators Size108 kB (108277 bytes) Hash1adabe89e111880ad1f2a9da15b6153c f4c74f0044dfe37a57370bc2fdb9430ceee67ce0 2343078d21ed64b82841d1d121860dc79e9f941bb8044c0e12995c939c88f91a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username.php
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:25 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=374079
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j6aLbmrsuQLYyooGDUdhpreuQBpfr0LiwCPeSEEMWoeSHFbYY8UrJKj4PCsPBte2RAfia%2F6ySkdocmdYz0Jf5fNGI0RqMPjgjnM%2F3ZmNVEMEQOGE8r%2FU3YqFdMo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dece99dda92d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/TheSansB_600_-a54202ef3bf0e3da19bca052e636ca9c.woff2 | 104.21.44.128 | 200 OK | 55 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/TheSansB_600_-a54202ef3bf0e3da19bca052e636ca9c.woff2 IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 55008, version 2.5570 Hasha54202ef3bf0e3da19bca052e636ca9c 1be7b883513f1f2ae87b968e2303475493216873 5e39a8bb7dc50616b9f41997f90bbb8330be6eb35bb973995618c38a0e3c21f4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/TheSansB_600_-a54202ef3bf0e3da19bca052e636ca9c.woff2 HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:26 GMT
content-type: font/woff2
content-length: 55008
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MNrehyLUtuqgY%2FaVzH39Wr6d4%2BOBduPzG8CS9b4cnCkOfDuA3BvJ8MIOS5R9%2FInEkdOX1hpjXX4MPFKYB%2FmvLQefwWlGm6vyI5gsqI%2BbVTsQlzC%2B7SLw37txWGk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875deced6c7e92d0-CPH
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/sdx-icons-f03eecedd83c09fb648538ec25dc01ef.woff2 | 104.21.44.128 | 200 OK | 76 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/sdx-icons-f03eecedd83c09fb648538ec25dc01ef.woff2 IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 75844, version 1.0 Hashf03eecedd83c09fb648538ec25dc01ef 29bc7966a7672d83e10870afc674e2d2c77eaec5 8bfc2db20d1d140388014d43c7fa13c0f63fd62e299c1954a792d321d9bde310
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/sdx-icons-f03eecedd83c09fb648538ec25dc01ef.woff2 HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:26 GMT
content-type: font/woff2
content-length: 75844
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fSLOwKumnZy5CtcBgQ6UleKl3TvzGiQIgCFPbAOmlMiuvUXr4IdCyzfK6xJ6tcm%2FhXkS0rFFQ0MTLp7YG9Dg%2BvWj6c2D2%2FcLsGLl%2F1ATeiYRUXoKR6xgFESmWBs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875deced6c9e92d0-CPH
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/wp-includes/images/w-logo-blue-white-bg.png | 104.21.44.128 | 200 OK | 4.1 kB |
URL GET HTTP/3ictpay.in/wp-includes/images/w-logo-blue-white-bg.png IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
File typePNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced Hash000bf649cc8f6bf27cfb04d1bcdcd3c7 d73d2f6d74ec6cdcbae07955592962e77d8ae814 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ictpay.in/js/blueswi/clients/username.php
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:27 GMT
content-type: image/png
content-length: 4119
last-modified: Tue, 16 Nov 2021 00:04:02 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6gW4VH2yyWcHdu%2FROvvr%2FWixsHE4S5s2banIXLsItLYbIfVDXr1SUiQUFkY4Q1TINLufX%2FQDyqH3qP6M2B2I31jUsSpKMVZl2tVWAe4mhwKzno91xeOF7OoXZ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875decf8b9d792d0-CPH
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/8097.bundle.js | 104.21.44.128 | 200 OK | 72 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/8097.bundle.js IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hasheec183c0d4676057983ca9de767ca634 7ad7e104807c7cc6ce30c63a554306c8e606fa97 2eb80d73cbe7e42859ed9b72e37827b9957228cd154845d7242c495fb93b904c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/8097.bundle.js HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username.php
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:26 GMT
content-type: application/javascript
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3z%2FJcVgMHYZd7C7aiVFShJ04XSxnN4MjycEHK5PXQL5AV25BD1rI%2FfV787p%2BDb3dwsRooryUKxd%2FiObEfjAP8ENnXPaQfb3ADksnvho4erB8%2FNqfw6tFakInuQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875deceddd6692d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/9787.bundle.js | 104.21.44.128 | 200 OK | 3.1 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/9787.bundle.js IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (3167), with no line terminators Hashc44ab995d51a3a9f0e2d32c22fa1fe0f b431a57ea7429ddcbcc8a0abd31627c6fe5f715c c84f28932dd8eb706d498ff1cf2a4c1f3b2023f9c8e0c33029543a7ba1c2337e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/9787.bundle.js HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username.php
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:27 GMT
content-type: application/javascript
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZN6yAk%2FAoYzP5l9uMomLacji7QsER6tZifkpx6zPuMmVme7aub%2FHF9N6isbbnaKYElHqEDkOKkwBIlEFJjdSIY8uz3OCGwXqBRZQTpY8BKZb7QZC7uxDhi6Y80%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875decf21dbd92d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username.php | 104.21.44.128 | 200 OK | 9.1 kB |
URL User Request GET HTTP/2ictpay.in/js/blueswi/clients/username.php IP104.21.44.128:443
CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (9584), with no line terminators Hash5871637dbc1a0ef2f3a23978e3905ea9 4a5c1bc533b20b542f4e41e1f3cfab513fc07836 8002dbb681648e8d6f1baaaee00d0480ac7344752f4573c3f6878ff0b1546e76
Analyzer | Verdict | Alert | OpenPhish | phishing | Swisscom IT Services AG | PhishTank | phishing | Other | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username.php HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:52:25 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.16
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3; path=/
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hQkyAQBYipsHNOpVkoMWAAusk4jVJK71VCYEWZgus3xSxNjlRSd7F8v5fuCQ%2FVGaUnbtyIuWnZeeaifCXF9SrV3viqCIvx3TEm8oE0ARI%2Fqi3N1%2BF6IpdPde9xU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875decde5eb9be3d-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ictpay.in/js/blueswi/clients/username/commons.bundle-913907a5e0f9824203503b4e7fb8d96c.js | 104.21.44.128 | 200 OK | 91 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/commons.bundle-913907a5e0f9824203503b4e7fb8d96c.js IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/commons.bundle-913907a5e0f9824203503b4e7fb8d96c.js HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username.php
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:25 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=90610
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nsfCVBvjjHDL9rZgKKo0Ap5YzkVVDTlPrAvce2ccoDaxsjxTdItOqWb9feBMYLJ5dysDPmQqBdpUPA5OwMWYxY5hnWIHzlgSTqtFgMkZ64%2FKna5tfyo5OHbvE6M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dece99de692d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/7711.bundle.js | 104.21.44.128 | 200 OK | 21 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/7711.bundle.js IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
File typeJavaScript source, ASCII text, with very long lines (20969), with no line terminators Hash67dee5ca5f1e887b8ed7f21e4a9c3932 086ea5852d22a82f9e2eb302223cc4aad88918b1 fd6609fc3a22db1dce8142ad9e9377f05b23376cef25f4010be64853dcae43bd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/7711.bundle.js HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username.php
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:26 GMT
content-type: application/javascript
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nsu7ifqE%2BBsjRynX9U7ih%2F1hQDVwJ7eadl7S9x5U2wczUzgC8%2Fednx9myK7uG9rjFjCtR6DbONalIeL%2BtWXFNFC71dzPM4xUfF%2BncVDwmOmtoQ578id8pQ8sCVg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875decedcd5a92d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/2475.bundle.js | 104.21.44.128 | 200 OK | 24 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/2475.bundle.js IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
File typeJavaScript source, ASCII text, with very long lines (24108), with no line terminators Hash44a3b4440c3283969ef120c4c2c17e4e 911f93fa1b71803d8627662d635bef88cecb6f8a 14ad0430c69b5fd31a519b3bb0ba5023c3f496f5de2bcfb75de8dd62866b02b1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/2475.bundle.js HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username.php
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:26 GMT
content-type: application/javascript
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BNc48Gy3%2BbhPPOXlpy%2B%2B332d9pu3f5hE%2BsjQgVZcmgzzi4uAhPHM5ris5cOvscXYCK9nYUXmjYu%2FdSrj4Ey82qVy%2BEYC5FwQ6oPxEW90svSgURgt0hwxpsd89Tk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875decedcd5c92d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/username-3da88c85e4e95d4c24ffe7f22a697e7a.css | 104.21.44.128 | 200 OK | 208 B |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/username-3da88c85e4e95d4c24ffe7f22a697e7a.css IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
File typeASCII text, with no line terminators Hash4b602c2c4a95a4bf0f0b2854a4e7b1e4 7c5fbecf898d0df702d61a0b59920a9d5e5da054 9b39711a8b2b7f7b11acc561d626a087afadc40c59d057a767f39fd87e92942f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/username-3da88c85e4e95d4c24ffe7f22a697e7a.css HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username.php
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:25 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=209
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9JSWFONM8QyJSNC64O4kSTzYtce%2BmZu%2BKGgJ7%2BWulDnKGh2VEBJgJzXFEhbUVa4hSjdNzc4LfMvW2PeBbtMkiGp2DzI%2BG%2BZOBkmzSEuk1%2F3ik9WwwOknDAyj1Gs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dece99ddc92d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/login-layout.bundle-86802edb5402d853a443e918fd5a66ec.js | 104.21.44.128 | 200 OK | 228 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/login-layout.bundle-86802edb5402d853a443e918fd5a66ec.js IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
Size228 kB (227742 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/login-layout.bundle-86802edb5402d853a443e918fd5a66ec.js HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username.php
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:25 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=227746
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vp4MA8tpTQqcLu2kvaLIj%2Fo8s46Wkf4%2FGQxVWWaSLcgoK7rt9k%2Bo9%2BZkhogUlgLjpFoQ43fN3h0f2tXfbovO4T6s0R068TbIKPvASeuHb0htK6JVhCwmvmT3xXc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dece99de992d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/TheSansB_500_-d7955bec1417e0168f42adfe7ceaf8b5.woff2 | 104.21.44.128 | 200 OK | 52 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/TheSansB_500_-d7955bec1417e0168f42adfe7ceaf8b5.woff2 IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 52044, version 2.5570 Hashd7955bec1417e0168f42adfe7ceaf8b5 f2cf5939bcacdefe7cbb920d7873d55b00772be0 6010e95e45ae8c7c0064724e1ea3ac9495ae55a6241633446db052364c06f5f3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/TheSansB_500_-d7955bec1417e0168f42adfe7ceaf8b5.woff2 HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:26 GMT
content-type: font/woff2
content-length: 52044
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DwIY%2BSI03ja%2BF891LWbeETiiOpLRq5vGMvToOfgeAwwuLm8Xx06QC3uJ4oR0DBAZy2sYhf%2BhRBQUDngYGHYvscs%2B%2FRZuiUeuLDM8%2BgZ3ZPwWIIHC1UEMXyZIlhs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875deced6c9b92d0-CPH
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/lifeform-spritesheet-db5b9234be03de8612bb31c38e09fcf7.png | 104.21.44.128 | 200 OK | 38 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/lifeform-spritesheet-db5b9234be03de8612bb31c38e09fcf7.png IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
File typePNG image data, 3600 x 40, 8-bit colormap, non-interlaced Hashdb5b9234be03de8612bb31c38e09fcf7 025c237758f5f3a815dc1bed0919e93e508bff8f f9adb57dca9cbd2514ed249714b613d65e78a81cadda2882679a9672c812d25e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/lifeform-spritesheet-db5b9234be03de8612bb31c38e09fcf7.png HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:26 GMT
content-type: image/png
content-length: 38448
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GOY0CrnVSEjP6eUzY9acRfJR5DHgeondQY4kcXuGG%2Fx0v8yO74PY3W7MMgxmwny65E7LutYVVTGRU4hNomw5FGr5efOgvho%2BSJ5ivcZxhykFo1NjiaP9ftSx7SI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875deced5c6b92d0-CPH
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/8726.bundle.js | 104.21.44.128 | 200 OK | 2.4 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/8726.bundle.js IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2423), with no line terminators Hashcd6e1e85bbee7fd84b14f67d4b354b0c 327823e71250ac06670e4e02b73fb945016598ad 9510b905bdb14e9ef1e17de41d847548f6ef80dcd00b1f1a3be33dda09db8f9c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/8726.bundle.js HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username.php
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:26 GMT
content-type: application/javascript
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0eALGrEEBhhAIPIMqbMfW4L24FlQeuVlEw%2FMCcN9rzyetW1qefaGAsH7WG2rtVrAhn9Y62xy%2FRn2eVQ1GYm78F0hQfdksr%2FIwppM5MiN9GaMnB5EImGzkp41CzQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875deceddd6c92d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/5353.bundle.js | 104.21.44.128 | 200 OK | 83 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/5353.bundle.js IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/5353.bundle.js HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username.php
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:26 GMT
content-type: application/javascript
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=15C5q9ZOCQYTq1WXJKro6r%2FWYEBnBRRMgUqp%2BhoUWoDHgq0I8J2bjGJcnjNmixm63Dd5UdmYs4MKvVzq8XUUnwvcdP0TedGmlj7YcEMNaE2z0zLsBE48YGj83p4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875deceddd7192d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/favicon.ico | 104.21.44.128 | 302 Found | 4.1 kB |
IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username.php
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Wed, 17 Apr 2024 16:52:27 GMT
content-type: text/html; charset=UTF-8
location: https://ictpay.in/wp-includes/images/w-logo-blue-white-bg.png
x-powered-by: PHP/7.4.16
link: <https://ictpay.in/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
vary: User-Agent, Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2GSWlgfh0zw7yaoyQVBmySA6S9ZowUtX%2BAxOWIJ%2FDKok2P%2BikPyMQDCHXIRNr8bHPD35eek27h0YQ1PAXv3Tg1VEUIFCl5q9Y74F5OvnEh9qTub4GfZsK%2BbA0w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875decf3788d92d0-CPH
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/7022.bundle.js | 104.21.44.128 | 200 OK | 27 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/7022.bundle.js IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/7022.bundle.js HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username.php
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:26 GMT
content-type: application/javascript
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oHnJjgrV1Zs49Of%2Fb5HXygg4dqIoDuhx0elAHmQevZQnS0OlllDI592t73DIt1FMMKV5SQGQ5yseVYAk0nR1RPixscuA2nmbW6E3WpZ%2B%2BY1GXU%2BbI7P99CPDsSI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875decedcd5892d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/7913.bundle.js | 104.21.44.128 | 200 OK | 24 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/7913.bundle.js IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/7913.bundle.js HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username.php
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:26 GMT
content-type: application/javascript
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DHWfPN3lWmSuszqVe%2BeV5JFodfGVrQpuZOqRmiL31f2HrFGzQQAmFree2elGVL1esatIdiCEpNO%2BZ%2FFm64fudFp8iBN0ivcEPUcSRt%2FD5cWup7%2BsFTESVObdTFs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875deceddd6f92d0-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ictpay.in/js/blueswi/clients/username/TheSansB_400_-4f0d59a18ca1c88dcfbbce6510b21da5.woff2 | 104.21.44.128 | 200 OK | 51 kB |
URL GET HTTP/3ictpay.in/js/blueswi/clients/username/TheSansB_400_-4f0d59a18ca1c88dcfbbce6510b21da5.woff2 IP104.21.44.128:443
Requested byhttps://ictpay.in/js/blueswi/clients/username.php CertificateIssuerGoogle Trust Services LLC Subjectictpay.in Fingerprint7E:EC:C0:E5:52:1D:6F:9C:5B:C8:06:BC:E2:D6:0B:12:15:2E:8B:E3 ValidityTue, 05 Mar 2024 04:33:20 GMT - Mon, 03 Jun 2024 04:33:19 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 50708, version 2.13828 Hash4f0d59a18ca1c88dcfbbce6510b21da5 a832475bfb2af15db4541eaba52618c26cee2cd8 f0cc4ee9dc83925f474ab0b5ed3a5395038c979e157d4bae8e67225f1b0922d8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/blueswi/clients/username/TheSansB_400_-4f0d59a18ca1c88dcfbbce6510b21da5.woff2 HTTP/1.1
Host: ictpay.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ictpay.in/js/blueswi/clients/username/commons-92e9ecfd95ce24e54a680b212d674595.css
Cookie: PHPSESSID=0439c1498eb01666d2f2463cb6f3cfd3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:52:26 GMT
content-type: font/woff2
content-length: 50708
last-modified: Fri, 15 Mar 2024 04:41:20 GMT
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l0ojXpwrBYb50wD65p5Zo3fPwEN%2F3%2F229gjdAzCLKTv09xucA9DaZ9nbxClRvXyCAfwnEoS4pgJc0khDVPdcAPI7%2FqOvTxNN0OgKc3rD21bUgIGA9UyfHKAW4uY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875deced6c8a92d0-CPH
alt-svc: h3=":443"; ma=86400
|
|