| 103.106.20.186:9007/login | 103.106.20.186 | | 28 kB |
URL: 103.106.20.186:9007/login
IP: 103.106.20.186:0
ASN: #137085 Ani Broadband Service Pvt Ltd
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 89fab77deb96bbe38ed89215690a1da4 b6efc44d0dbdce493dbfdfc0fdb81524d6fc1b6b 5da3a627ed0cf467a4f28f2119634872dce187f2bcf247b50a8879a9eefaf368
| Analyzer | Verdict | Alert |
| urlquery | suspicious | Suspicious - Anti-debugging code |
| Quad9 DNS | malicious | Sinkholed |
GET /login HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:34 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Cache-control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
Content-type: text/html;charset=UTF-8
Content-language: en-US
Set-cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928; Path=/; HttpOnly
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
Transfer-encoding: chunked
|
|
| 103.106.20.186:9007/assets/custom/css/imports_plain.css | 103.106.20.186 | 200 OK | 1.8 kB |
URL: GET HTTP/1.1 103.106.20.186:9007/assets/custom/css/imports_plain.css
IP: 103.106.20.186:9007
ASN: #137085 Ani Broadband Service Pvt Ltd
Requested by: http://103.106.20.186:9007/login
File type: exported SGML document, ASCII text, with CRLF line terminators
Hash: 77032741b8ed2365cf1509394ac170be 0fc5df8e8f9079847fd6c65ce9ae99a721b9e8f1 36c11f9f96936a994231d9e6403ed6b47f812abd3e1765f2744a92ed7dd6282c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/css/imports_plain.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/login
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:34 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:24 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 1836
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/css/keyboard.css | 103.106.20.186 | 200 OK | 4.7 kB |
URL: GET HTTP/1.1 103.106.20.186:9007/assets/custom/css/keyboard.css
IP: 103.106.20.186:9007
ASN: #137085 Ani Broadband Service Pvt Ltd
Requested by: http://103.106.20.186:9007/login
File type: ASCII text, with CRLF line terminators
Hash: d46d49eb1d49d244296a4f9f2ecefa36 2071ff741bbc4f16cccd492eed40b346368c6514 23ca5f199cfba33bd3db60e1564c9b517283a8b89083e9fddc7e29aa27b69f6e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/css/keyboard.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/login
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:34 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:24 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 4731
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/js/scripts.bundle.js | 103.106.20.186 | 200 OK | 99 kB |
URL: GET HTTP/1.1 103.106.20.186:9007/assets/js/scripts.bundle.js
IP: 103.106.20.186:9007
ASN: #137085 Ani Broadband Service Pvt Ltd
Requested by: http://103.106.20.186:9007/login
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: cacf7a6d331dd56665df84f2e7a54839 7dea952b9e5139a53ef7276083bdfddfd428afc5 afd51e75e91479826b34a7a8b049cc6342ffdd40743b304aa9d0caf119f4cc0a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/scripts.bundle.js HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/login
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:34 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/javascript
Content-length: 98756
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/js/footer.js | 103.106.20.186 | 200 OK | 407 B |
URL: GET HTTP/1.1 103.106.20.186:9007/assets/custom/js/footer.js
IP: 103.106.20.186:9007
ASN: #137085 Ani Broadband Service Pvt Ltd
Requested by: http://103.106.20.186:9007/login
File type: ASCII text, with CRLF line terminators
Hash: bf2ff572389fba89a12d08e6c39ab801 456b10713133dc449b5dc7992aa46a6e185046a7 c2680e96e326e4a4326fe317ea1dd372024c508a1834f4ea08ac47b623b7a06a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/js/footer.js HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/login
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:35 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/javascript
Content-length: 407
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/audio/audio.js | 103.106.20.186 | 200 OK | 115 kB |
URL: GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/audio/audio.js
IP: 103.106.20.186:9007
ASN: #137085 Ani Broadband Service Pvt Ltd
Requested by: http://103.106.20.186:9007/login
File type: JavaScript source, ASCII text, with very long lines (796)
Size: 115 kB (115071 bytes)
Hash: 0ad53cdb5895e851ba462ceb2c9519f3 def4fd34e08a723dd769160b7aa98b8f6b477236 84eb21e3b1642b8768461fbdd510159374248e432140d16c023278203013c8a8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/audio/audio.js HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/login
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:35 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/javascript
Content-length: 115071
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/css/style.bundle.css | 103.106.20.186 | 200 OK | 1.3 MB |
URL: GET HTTP/1.1 103.106.20.186:9007/assets/css/style.bundle.css
IP: 103.106.20.186:9007
ASN: #137085 Ani Broadband Service Pvt Ltd
Requested by: http://103.106.20.186:9007/login
File type: Unicode text, UTF-8 text, with very long lines (65342)
Size: 1.3 MB (1253906 bytes)
Hash: 26a43eee4a14e4e30107682ebb02582f 21a80b3675cd3c8740d02aacc776f10caa72d423 7b3d007bdb7a8a09d4db4fca3ba91afeea895c07e78052089d7a15b4d6349948
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/style.bundle.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:35 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:24 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 1253906
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/datatables/css/datatables.min.css | 103.106.20.186 | 200 OK | 23 kB |
URL: GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/datatables/css/datatables.min.css
IP: 103.106.20.186:9007
ASN: #137085 Ani Broadband Service Pvt Ltd
Requested by: http://103.106.20.186:9007/login
File type: Unicode text, UTF-8 text, with very long lines (22687), with no line terminators
Hash: b05ff37027ff673ebdefc99a1f01e7e7 817d91617a9c680e6bcda990eeecf3ff173ddce3 b9de02d81462087991564f952ad901c01b72d0a0c112912dd82b7e757885d6cb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/datatables/css/datatables.min.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:36 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 22699
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/datatables/css/extensions/responsive.dataTables.min.css | 103.106.20.186 | 200 OK | 4.3 kB |
URL: GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/datatables/css/extensions/responsive.dataTables.min.css
IP: 103.106.20.186:9007
ASN: #137085 Ani Broadband Service Pvt Ltd
Requested by: http://103.106.20.186:9007/login
File type: ASCII text, with very long lines (4292), with no line terminators
Hash: db59c11fdf72a660a12aaaf79f65f810 bf75e5d7895f72022ead260e6f16817e21fc4f9a 188153303bedecdd2299238839cf2a847f19fb59b4fd73d621d9f4cb9286fdf8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/datatables/css/extensions/responsive.dataTables.min.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:36 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 4292
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/datatables/css/dataTables.colVis.css | 103.106.20.186 | 200 OK | 6.0 kB |
URL: GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/datatables/css/dataTables.colVis.css
IP: 103.106.20.186:9007
ASN: #137085 Ani Broadband Service Pvt Ltd
Requested by: http://103.106.20.186:9007/login
File type: ASCII text, with CRLF line terminators
Hash: ccb9f3d1f3bb0f6139ac1b6d4101380c eb8499eb3e350cc8e1daeef086cb23ad3cdd85a2 1a082420b311c5d640e70c7d14897528713e2244c6ada207dbe261531d4d34da
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/datatables/css/dataTables.colVis.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:37 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 6007
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/bs_5_toster/bs_5_tost_custom.css | 103.106.20.186 | 200 OK | 212 B |
URL: GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/bs_5_toster/bs_5_tost_custom.css
IP: 103.106.20.186:9007
ASN: #137085 Ani Broadband Service Pvt Ltd
Requested by: http://103.106.20.186:9007/login
File type: ASCII text, with CRLF line terminators
Hash: 90e22ab97eade999cbb567876758e8ed cc312f675ea8d2d1e18449ea3d81b351af3bacb6 f2db3fdd12f83fdb8a2cdff19473cda40fc23ea08410ac3e9605a9f6e733ebf3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/bs_5_toster/bs_5_tost_custom.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:37 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 212
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/jquery_confirm_v3/jquery-confirm.min.css | 103.106.20.186 | 200 OK | 27 kB |
URL: GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/jquery_confirm_v3/jquery-confirm.min.css
IP: 103.106.20.186:9007
ASN: #137085 Ani Broadband Service Pvt Ltd
Requested by: http://103.106.20.186:9007/login
Hash: ad9def12cdc8183601d99b85c501b010 c25b032978522adf50a017b3b13a1323bea7457f 2c8ddf0ec6b2a0d482a104632e48480d485cd0747d1ec3f93293869784a1df2d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/jquery_confirm_v3/jquery-confirm.min.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:37 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 27277
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/bootstrap-datepicker/css/bootstrap-datepicker.min.css | 103.106.20.186 | 200 OK | 16 kB |
URL: GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/bootstrap-datepicker/css/bootstrap-datepicker.min.css
IP: 103.106.20.186:9007
ASN: #137085 Ani Broadband Service Pvt Ltd
Requested by: http://103.106.20.186:9007/login
File type: ASCII text, with very long lines (15543)
Hash: 6c64af21a8a40fde79d8e92d44f8b7ce 5fcd369afabf977ec8ad1ad2e659380bd847ed44 24305c9d8795d7d275e22b0677712d9ec0902b4e5df0f733279f9fbc4bc126f2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/bootstrap-datepicker/css/bootstrap-datepicker.min.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:37 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 15731
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/bootstrap-timepicker/bootstrap-timepicker.min.css | 103.106.20.186 | 200 OK | 3.3 kB |
URL: GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/bootstrap-timepicker/bootstrap-timepicker.min.css
IP: 103.106.20.186:9007
ASN: #137085 Ani Broadband Service Pvt Ltd
Requested by: http://103.106.20.186:9007/login
Hash: c50e7b28a2ec2536540df73226d14665 8ee21fd50e6fb4edca54020431c9ebba75abf5b3 f362e1d666183128715273741211729e5b0dec1e8e3e552523652d23fa3e63ad
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/bootstrap-timepicker/bootstrap-timepicker.min.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:37 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 3276
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/plugins/global/plugins.bundle.js | 103.106.20.186 | 200 OK | 2.3 MB |
URL: GET HTTP/1.1 103.106.20.186:9007/assets/plugins/global/plugins.bundle.js
IP: 103.106.20.186:9007
ASN: #137085 Ani Broadband Service Pvt Ltd
Requested by: http://103.106.20.186:9007/login
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (61201)
Size: 2.3 MB (2266209 bytes)
Hash: 167cffce8f0ea73c784b91ffafc62b75 1ecc73d1c419468474c2f78e179bca5f028dd239 964d7efcb24830feb942c28e2e39bc8df6ad5ecdeb95beb65fd7949a179a6108
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/plugins/global/plugins.bundle.js HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/login
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:35 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:34 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/javascript
Content-length: 2266209
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/daterange/css/daterangepicker.css | 103.106.20.186 | 200 OK | 8.4 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/daterange/css/daterangepicker.css IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
Hash daecadc51840a5b3f1272673c3f36ab0 8d77a4d2944ac15f65ea1e066ab179a051eb7228 952339a4d493d1ab1a96d8f9793cae923b391868c1e7dc17082108b51d2dfbd3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/daterange/css/daterangepicker.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:38 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 8419
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/typeahedphoto/css/typeahedphoto.css | 103.106.20.186 | 200 OK | 2.9 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/typeahedphoto/css/typeahedphoto.css IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type assembler source, ASCII text, with CRLF line terminators Hash 55f61356da08532029f366bbb032f253 9595061b6094f894a472fa689fa841cf624b266c 9edd7beea95a1896ec059c8989398b813eeac5ecbd3b36a15ec3efd8804878c8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/typeahedphoto/css/typeahedphoto.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:38 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 2894
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/jasny-bootstrap/dist/css/jasny-bootstrap.min.css | 103.106.20.186 | 200 OK | 20 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/jasny-bootstrap/dist/css/jasny-bootstrap.min.css IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
Hash 2caed11f9caf4b213723d7352cc24207 2dce34a7d262392b70854f7bf1fba3680bfe79ea aa1d3018b0112eef6b7dc04264614ab4f9f3cb2c0d78601e3984b5205651cf23
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/jasny-bootstrap/dist/css/jasny-bootstrap.min.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:38 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 19930
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/jasny-bootstrap/dist/css/jasny_custom.css | 103.106.20.186 | 200 OK | 12 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/jasny-bootstrap/dist/css/jasny_custom.css IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type assembler source, ASCII text, with CRLF line terminators Hash 9fd4b61e16415a64819fbc7f119a7c08 dcb4002007b815790ee7d8b1353572962392d93d 9a8607d393ffc13930002af337c8e2ed03a252c5410fa7efaf3cae9c4bfab4ec
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/jasny-bootstrap/dist/css/jasny_custom.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:38 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 11887
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/switch/css/bootstrap-switch.min.css | 103.106.20.186 | 200 OK | 5.6 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/switch/css/bootstrap-switch.min.css IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type ASCII text, with very long lines (5348) Hash 17fc6e5330ede6f875a0736479b7f362 2ebe558e7530c76abbde30c840d8e478d3ee6618 b23dea9114d920bf0a7dfe5f493d535f4105f6512649f1608cdbee8b0d82579c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/switch/css/bootstrap-switch.min.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:38 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 5612
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/switch/css/switchery.min.css | 103.106.20.186 | 200 OK | 682 B |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/switch/css/switchery.min.css IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type ASCII text, with very long lines (682), with no line terminators Hash 3d5c5f2d195cad6c3658bec52095df6b 31db624af9fdc9411c1457353cb2d0e018a73fc7 da426bd59d02d72e73d239e1aff982bb8e89dd1e94b9dfaa0901c0dfd8b5798a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/switch/css/switchery.min.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:38 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 682
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/switch/css/switch.css | 103.106.20.186 | 200 OK | 2.5 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/switch/css/switch.css IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
Hash 347ddd1b697a27438345b3166a0a16d4 3dc9a6bd58f6bdf773d700697935f7ebfb91cfa4 af97e4fc442cdf8ae7740c14169136f7b6bcd2ba9a98847d20a0561c4ba31ee3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/switch/css/switch.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:38 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 2510
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/wow_animation/animate.css | 103.106.20.186 | 200 OK | 57 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/wow_animation/animate.css IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type ASCII text, with very long lines (22247), with CRLF line terminators Hash caf73cf2dd64cceff640564221501c57 2ec95a73ab136033e62d11d982877c9e2caa4377 2291596a68c03339664c003c2d41a3e4c22f4908ae6d412976b57d5703f11810
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/wow_animation/animate.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:38 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 56614
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/jquery_ui/css/jquery-ui.min.css | 103.106.20.186 | 200 OK | 32 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/jquery_ui/css/jquery-ui.min.css IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type ASCII text, with very long lines (29137), with CRLF line terminators Hash 215077014154308be415e1181a14646f 8366128e32a0fd429eb64d6aeaa0dca535a8be27 ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/jquery_ui/css/jquery-ui.min.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:38 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 32082
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/customizer/css/customizer.css | 103.106.20.186 | 200 OK | 37 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/customizer/css/customizer.css IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type ASCII text, with CRLF line terminators Hash c3f95d7e5be3eba71397b017e0522c4b e64867a742f49234729bc22c72bbb107363d26be 97f2b93a534cc034e6b00dbe0352abbfd1b64ad63bc084c230189cde8daeaeb5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/customizer/css/customizer.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:39 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 37153
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/bootstrap-selectpicker/css/bootstrap-select.min.css | 103.106.20.186 | 200 OK | 12 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/bootstrap-selectpicker/css/bootstrap-select.min.css IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type ASCII text, with very long lines (11584), with CRLF line terminators Hash bfb1a0055a13bf33488dceb5d74fa3bd 6fa3d28e6d6b6c7f00b61a9208a0453467d6c6ee 3e438de1a23d25d3a59be3c4bb6d38615f02558efe66db987fb938ad7d24b58c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/bootstrap-selectpicker/css/bootstrap-select.min.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:39 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 11830
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/css/custom.css | 103.106.20.186 | 200 OK | 130 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/css/custom.css IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type ASCII text, with very long lines (1013), with CRLF line terminators Size 130 kB (130471 bytes) Hash aeb6215d96f2ccac06d6f47b157777e8 0a59c1b00aa234d5a274c2fc7b17dd34e7a45960 73dd6e052af09ecd250d20649c9b80825ec264780a95acf61a75fc1e204d8769
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/css/custom.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:39 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:24 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 130471
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/toggle_switch/toggle_switch.css | 103.106.20.186 | 200 OK | 7.6 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/toggle_switch/toggle_switch.css IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type ASCII text, with CRLF line terminators Hash 0a946290382a3142f41d2395cec21860 280f1bc9b4791a610fe933dfb7c8c47a3d57c045 ccbfff5041b4f426040123b3be95997ca379b4ecb703739a8def95c3d235f95e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/toggle_switch/toggle_switch.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:39 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 7626
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/fonts/roboto/roboto.css | 103.106.20.186 | 200 OK | 14 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/fonts/roboto/roboto.css IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type ASCII text, with CRLF line terminators Hash 5ae241a11f5526e66123a9e87729c5cf f7964a880bb3bb304648aeefa6be769dea6bb214 37974820a7da4d487a2af5a8c33556c00f79bb247ea7c9ead520be97b80107fa
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/fonts/roboto/roboto.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:39 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 13831
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/plugins/virtual_keyboard/virtual_keyboard.js | 103.106.20.186 | 200 OK | 4.3 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/plugins/virtual_keyboard/virtual_keyboard.js IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type JavaScript source, ASCII text, with CRLF line terminators Hash 5e88608587b0ea35885e10f4aae532aa 47f4b1bb2a9ff1d1f429a5b6c59872748bdda63e 21af39a99024949a53d1e17e2e808fbd147b0fe44cb68f5ed08f18d647d2e054
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/plugins/virtual_keyboard/virtual_keyboard.js HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/login
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:44 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/javascript
Content-length: 4255
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/customjs/common.js | 103.106.20.186 | 200 OK | 55 kB |
URL GET HTTP/1.1 103.106.20.186:9007/customjs/common.js IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators Hash 20a1dca43c4a6c850741f4d3afc5394c dbc5527bb4480e195b172f41e7fb694354bc2d14 15fa451d5478ddf60f4f3511910c957672bfb0d6b29e0d2280ed297c26cd5e01
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /customjs/common.js HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/login
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:44 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Tue, 16 Apr 2024 07:44:14 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/javascript
Content-length: 55382
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/customjs/signup/jsencrypt.js | 103.106.20.186 | 200 OK | 207 kB |
URL GET HTTP/1.1 103.106.20.186:9007/customjs/signup/jsencrypt.js IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type JavaScript source, ASCII text, with very long lines (21722) Size 207 kB (206591 bytes) Hash 5eeb0c1de86fc513fe606cacbdc53fcc 3989fd14f92f7f39037e2526eb416ddb563cd334 5c8e2940f84e9728e587a38628231f97f7d07f2fe0b4a96c2721dfaadc5874c5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /customjs/signup/jsencrypt.js HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/login
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:44 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Tue, 08 Aug 2023 13:28:44 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/javascript
Content-length: 206591
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/plugins/global/plugins.bundle.css | 103.106.20.186 | 200 OK | 704 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/plugins/global/plugins.bundle.css IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type ASCII text, with very long lines (65536), with no line terminators Size 704 kB (704065 bytes) Hash ff35aaa3417a54e6e5557a7285d83551 d69e6303c34d3283e9df4439d539a24affec8401 8b4cc2246e44c1264661cf15562c4cb708c5145c7e383872b395adfa7e492d6f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/plugins/global/plugins.bundle.css HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/assets/custom/css/imports_plain.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:44 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:34 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: text/css
Content-length: 704065
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/images/logo.jpg | 103.106.20.186 | 200 OK | 30 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/images/logo.jpg IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6], baseline, precision 8, 253x84, components 3 Hash c2ce48668c7022e8f1de7ef82fc0a85b 94ef5a39015ec47b102910b4e6913465eccee7e2 02c24fc7f0df39e6f73ebba05381f09d79be39f3a8cefb3f14b38f878ef84125
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/images/logo.jpg HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/login
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:45 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: image/jpeg
Content-length: 30417
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/images/full_logo.png | 103.106.20.186 | 200 OK | 55 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/images/full_logo.png IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2020:04:29 15:14:02], baseline, precision 8, 562x60, components 3 Hash 694ee05de50dc3cb357f8d9e3a4c7cac 5ccd0834d1b1be35b0a75de7774b7dc34620e8ee 82fe9d6cdc754e820460a7fcc1a11d54a714d992a3f2d606b355ecb27febe33d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/images/full_logo.png HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/login
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:45 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: image/png
Content-length: 54810
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/images/favicon.ico | 103.106.20.186 | 200 OK | 15 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/images/favicon.ico IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Hash be3a4564257717a878bcb4d53cc4fbfb 9679372edde68d41c50d952dfaafdac3116b9f57 f455f39991dfc9ba9a958a2e44f472e20c74dca1d44a2a8f8a2084525f13c57e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/images/favicon.ico HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/login
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:45 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: image/x-icon
Content-length: 15406
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/fonts/roboto/fonts/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 103.106.20.186 | 200 OK | 16 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/fonts/roboto/fonts/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0 Hash 3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/fonts/roboto/fonts/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://103.106.20.186:9007/assets/custom/fonts/roboto/roboto.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:45 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:24 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: font/woff2
Content-length: 15920
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/fonts/roboto/fonts/KFOmCnqEu92Fr1Mu4mxK.woff2 | 103.106.20.186 | 200 OK | 16 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/fonts/roboto/fonts/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/fonts/roboto/fonts/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://103.106.20.186:9007/assets/custom/fonts/roboto/roboto.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:45 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:24 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: font/woff2
Content-length: 15744
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/fonts/roboto/fonts/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 103.106.20.186 | 200 OK | 16 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/fonts/roboto/fonts/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hash e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/fonts/roboto/fonts/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://103.106.20.186:9007/assets/custom/fonts/roboto/roboto.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:45 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:24 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: font/woff2
Content-length: 15860
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/custom/images/background10.jpg | 103.106.20.186 | 200 OK | 556 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/custom/images/background10.jpg IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1280, components 3 Size 556 kB (556077 bytes) Hash ebb37eb34a0e52cefda0113c3a59c928 c56bee81eba20014fa7a372a1a61f18647a0b691 b3f8022378c834a106740086a74ea09c129f5a6468ae23f9b6767e85c47072c8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/custom/images/background10.jpg HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/login
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:45 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:26 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: image/jpeg
Content-length: 556077
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/assets/plugins/global/fonts/@fortawesome/fa-solid-900.woff2 | 103.106.20.186 | 200 OK | 150 kB |
URL GET HTTP/1.1 103.106.20.186:9007/assets/plugins/global/fonts/@fortawesome/fa-solid-900.woff2 IP 103.106.20.186:9007 ASN #137085 Ani Broadband Service Pvt Ltd
Requested by http://103.106.20.186:9007/login
File type Web Open Font Format (Version 2), TrueType, length 150516, version 770.768 Size 150 kB (150516 bytes) Hash 328a9d0f59f0ebb55cddac6f39995bea c0e6e76b4a02c34656ff2a41b671e02f2821829b 8f06540fd77f1effe1e2da8ea10cec4a382dda9cc6ef05d816e1d6de444072f2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/plugins/global/fonts/@fortawesome/fa-solid-900.woff2 HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://103.106.20.186:9007/assets/plugins/global/plugins.bundle.css
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Oracle-iPlanet-Web-Server/7.0
Date: Fri, 10 May 2024 10:37:45 GMT
Access-control-allow-methods: POST, GET
X-frame-options: DENY
Access-control-allow-origin: SAMEORIGIN
X-content-type-options: nosniff
Strict-transport-security: max-age=31536000; includeSubDomains
X-xss-protection: 1; mode=block
Referrer-policy: strict-origin-when-cross-origin
X-dns-prefetch-control: off
Access-control-max-age: 3600
Content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline' https://kccbl.s3.ap-south-1.amazonaws.com; img-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data: blob:; font-src 'self' https://kccbl.s3.ap-south-1.amazonaws.com data:; frame-ancestors 'none'; script-src 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' 'self' https://kendo.cdn.telerik.com https://uat.billdesk.com/ https://124.124.19.53:446/ https://uatkalupur.northakross.in https://kccbl.s3.ap-south-1.amazonaws.com;
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Last-modified: Fri, 03 May 2024 04:51:34 GMT
Cache-control: max-age=1296000
Accept-ranges: bytes
Content-type: font/woff2
Content-length: 150516
Via: 1.1 https-efive
Proxy-agent: Oracle-iPlanet-Web-Server/7.0
|
|
| 103.106.20.186:9007/resourse/common/pageopen | 0.0.0.0 | | 0 B |
URL POST 103.106.20.186:9007/resourse/common/pageopen IP 0.0.0.0:0
Requested by http://103.106.20.186:9007/login
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /resourse/common/pageopen HTTP/1.1
Host: 103.106.20.186:9007
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://103.106.20.186:9007/login
Content-Type: application/json
X-CSRF-TOKEN: 1fKbaW1liZP9M9vetCe3NpSj8oapB_31PO1ryNZvpf_8bKMwtJb_CghVv6LQUrjq0QqDA_CQ3-eRM57YDdhb8LIJls_PW5BT
systemdata: {"osName":"Linux x86_64","browserLanguage":"en-US","ScreenSize":"1024x1280","viewportSize":"1024x1280","BrowserVersion":"96.0","browserVendor":"","devicePixelRatio":1,"colorDepth":24,"cookieEnabled":true,"os":"Linux","appVersion":"5.0 (X11)","Ram":"undefined","touchSupport":false,"hostUrl":"103.106.20.186"}
X-Requested-With: XMLHttpRequest
Content-Length: 4
Origin: http://103.106.20.186:9007
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=AFCC0C468CF867A99059AB0E6101E928
Pragma: no-cache
Cache-Control: no-cache
|
|