| 103.104.180.194/ | 103.104.180.194 | | 212 B |
IP: 103.104.180.194:0
ASN: #135212 Digiway Net Pvt Ltd
File type: HTML document, ASCII text
Hash: b9544f9e9c93d61bffef12e1fe7bbe34 adbd6969199db4b453fe3200afe623010456b2f9 5396e0d214029b7255dcb38e26340afedb49e1c0449595bfc72b75028016625a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 103.104.180.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 26 Apr 2024 23:03:01 GMT
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Location: https://103.104.180.194:443/
Content-Length: 212
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| 103.104.180.194/ | 103.104.180.194 | | 210 B |
IP: 103.104.180.194:0
ASN: #135212 Digiway Net Pvt Ltd
File type: HTML document, ASCII text
Hash: bf305542b893b5d3c3397cc3d8701b15 c9cce5fd71ad9ccfa6ded9eb4c43e6f8abb420a9 ac6be4f873c5e9d53adc58d7d3c6ab9428ab95cfcae5d17fcf054262375dcdf4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 103.104.180.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 26 Apr 2024 23:03:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15552000
Location: https://103.104.180.194/ng
Content-Length: 210
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| 103.104.180.194/ng | 103.104.180.194 | | 1.2 kB |
IP: 103.104.180.194:0
ASN: #135212 Digiway Net Pvt Ltd
File type: HTML document, ASCII text
Hash: 2223a84a67c7abed74c034ca7018c9ae 807228a9a10dc78ac34db281859342bc7a09cb64 5c5118b4821fdb3ae457f205c616627570f66ba01a289af0c645c86ffbc88919
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ng HTTP/1.1
Host: 103.104.180.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:03:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15552000
Vary: Accept-encoding
Cache-Control: no-cache
Last-Modified: Wed, 17 Nov 2021 23:17:12 GMT
Accept-Ranges: bytes
Content-Length: 1204
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html
Content-Encoding: gzip
|
|
| 103.104.180.194/bb54e5938db2b54856021bdace212b1a/ng/ng.bundle.js | 103.104.180.194 | | 123 B |
URL: 103.104.180.194/bb54e5938db2b54856021bdace212b1a/ng/ng.bundle.js
IP: 103.104.180.194:0
ASN: #135212 Digiway Net Pvt Ltd
File type: HTML document, ASCII text, with no line terminators
Hash: 54c8f699322a7eca202a9f16f96728a0 28af5c7cb40f0c9b32aaad47fe73dbb21b1c37d9 748aff55ce918b0ecefe33dc4e951392177c0254e800f06a6836f5a82dc8586e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /bb54e5938db2b54856021bdace212b1a/ng/ng.bundle.js HTTP/1.1
Host: 103.104.180.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://103.104.180.194/ng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 401 Unauthorized
Date: Fri, 26 Apr 2024 23:03:04 GMT
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15552000
Content-Length: 123
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
|
| 103.104.180.194/logout?redir=%2Fng | 103.104.180.194 | | 76 B |
URL: 103.104.180.194/logout?redir=%2Fng
IP: 103.104.180.194:0
ASN: #135212 Digiway Net Pvt Ltd
File type: HTML document, ASCII text
Hash: 941b6f2a3f248c40b8fabb6fa87530eb 917e45ab69acb71a126c01cec85241df31b6a7a1 8f4c598d30a387a23539cb31d559ef1ac61e4a10380570c4f5e470d3614be8e7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /logout?redir=%2Fng HTTP/1.1
Host: 103.104.180.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://103.104.180.194/ng
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:03:04 GMT
Set-Cookie: APSCOOKIE_8890982917034539599="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
VDOM_8890982917034539599="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
CENTRAL_MGMT_OVERRIDE_8890982917034539599="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
EDIT_HISTORY_8890982917034539599="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
FILE_DOWNLOADING_8890982917034539599="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
ccsrftoken_8890982917034539599="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
ccsrftoken="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
session_key_8890982917034539599="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
AUTOSCALE_CONFIG_REC_OVERRIDE_8890982917034539599="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15552000
Content-Length: 76
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html
|
|
| 103.104.180.194/login?redir=%2Fng | 103.104.180.194 | 200 OK | 2.6 kB |
URL: User Request GET HTTP/1.1 103.104.180.194/login?redir=%2Fng
IP: 103.104.180.194:443
ASN: #135212 Digiway Net Pvt Ltd
Certificate issuer: Fortinet Ltd.
Certificate subject: FortiGate
Certificate fingerprint: F6:AA:44:AD:80:63:FD:8A:04:25:8E:60:CF:8D:5D:9B:8F:2F:C3:43
Certificate validity: Wed, 15 Mar 2023 09:08:18 GMT - Tue, 17 Jun 2025 09:08:18 GMT
File type: HTML document, ASCII text
Hash: 1d5a6e9d2285afad2c863cc0bda05613 2c7f2c52829f862633e7d5b4734894c0903f8452 8749ace804ddf50b72f0f4dffafc8c8d4e6e6e5a79962d9291aec766946e9ad1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login?redir=%2Fng HTTP/1.1
Host: 103.104.180.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://103.104.180.194/logout?redir=%2Fng
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:03:04 GMT
Set-Cookie: APSCOOKIE_8890982917034539599="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
VDOM_8890982917034539599="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
CENTRAL_MGMT_OVERRIDE_8890982917034539599="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
EDIT_HISTORY_8890982917034539599="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
FILE_DOWNLOADING_8890982917034539599="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
ccsrftoken_8890982917034539599="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
ccsrftoken="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
session_key_8890982917034539599="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
AUTOSCALE_CONFIG_REC_OVERRIDE_8890982917034539599="0%260"; path=/; expires=Thu, 09-May-1974 23:03:04 GMT; secure; SameSite=Strict
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15552000
Content-Length: 2637
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html
|
|
| 103.104.180.194/bb54e5938db2b54856021bdace212b1a/js/login.js | 103.104.180.194 | 200 OK | 3.6 kB |
URL: GET HTTP/1.1 103.104.180.194/bb54e5938db2b54856021bdace212b1a/js/login.js
IP: 103.104.180.194:443
ASN: #135212 Digiway Net Pvt Ltd
Requested by: https://103.104.180.194/login?redir=%2Fng
Certificate issuer: Fortinet Ltd.
Certificate subject: FortiGate
Certificate fingerprint: F6:AA:44:AD:80:63:FD:8A:04:25:8E:60:CF:8D:5D:9B:8F:2F:C3:43
Certificate validity: Wed, 15 Mar 2023 09:08:18 GMT - Tue, 17 Jun 2025 09:08:18 GMT
File type: JavaScript source, ASCII text
Hash: 21d494772fe87b3288d99b072c8e03a6 5113fd8275c042073d74cd63aa4e8ba2f4a5d128 4f66b45e0ad808f90f6c60ee6d63a82e7f707123bee71d5005807a15f22da255
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /bb54e5938db2b54856021bdace212b1a/js/login.js HTTP/1.1
Host: 103.104.180.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://103.104.180.194/login?redir=%2Fng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:03:05 GMT
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15552000
Vary: Accept-encoding
Cache-Control: max-age=31536000, immutable
Last-Modified: Wed, 17 Nov 2021 23:17:12 GMT
Accept-Ranges: bytes
Content-Length: 3597
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
Content-Encoding: gzip
|
|
| 103.104.180.194/bb54e5938db2b54856021bdace212b1a/css/main-mariner.css | 103.104.180.194 | 200 OK | 88 kB |
URL: GET HTTP/1.1 103.104.180.194/bb54e5938db2b54856021bdace212b1a/css/main-mariner.css
IP: 103.104.180.194:443
ASN: #135212 Digiway Net Pvt Ltd
Requested by: https://103.104.180.194/login?redir=%2Fng
Certificate issuer: Fortinet Ltd.
Certificate subject: FortiGate
Certificate fingerprint: F6:AA:44:AD:80:63:FD:8A:04:25:8E:60:CF:8D:5D:9B:8F:2F:C3:43
Certificate validity: Wed, 15 Mar 2023 09:08:18 GMT - Tue, 17 Jun 2025 09:08:18 GMT
File type: Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash: 320eb2579505a92ef66ccab84866de5f 5ab5c67627aa8d5aee848fb3de66d0d6fdab9cb0 7164ef7ac38740019966a0460db55cd4f73a69d264f2b718d71c725dd8eaa044
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /bb54e5938db2b54856021bdace212b1a/css/main-mariner.css HTTP/1.1
Host: 103.104.180.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://103.104.180.194/login?redir=%2Fng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:03:04 GMT
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15552000
Vary: Accept-encoding
Cache-Control: max-age=31536000, immutable
Last-Modified: Wed, 17 Nov 2021 23:17:12 GMT
Accept-Ranges: bytes
Content-Length: 88396
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
Content-Encoding: gzip
|
|
| 103.104.180.194/bb54e5938db2b54856021bdace212b1a/lang/en.json | 103.104.180.194 | 200 OK | 236 kB |
URL: GET HTTP/1.1 103.104.180.194/bb54e5938db2b54856021bdace212b1a/lang/en.json
IP: 103.104.180.194:443
ASN: #135212 Digiway Net Pvt Ltd
Requested by: https://103.104.180.194/login?redir=%2Fng
Certificate issuer: Fortinet Ltd.
Certificate subject: FortiGate
Certificate fingerprint: F6:AA:44:AD:80:63:FD:8A:04:25:8E:60:CF:8D:5D:9B:8F:2F:C3:43
Certificate validity: Wed, 15 Mar 2023 09:08:18 GMT - Tue, 17 Jun 2025 09:08:18 GMT
Size: 236 kB (235677 bytes)
Hash: aff3180ae0eb8abd00e4bfe5c1fda27e 2e1a08bc9bf58e8c618ecaea633cb6aa175c7447 f279f76a5be2b505a2c65e73acbd47ace8cd3411a6a632563f2323cde1ef21ed
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /bb54e5938db2b54856021bdace212b1a/lang/en.json HTTP/1.1
Host: 103.104.180.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://103.104.180.194/login?redir=%2Fng
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:03:05 GMT
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15552000
Vary: Accept-encoding
Cache-Control: max-age=31536000, immutable
Last-Modified: Wed, 17 Nov 2021 23:17:12 GMT
Accept-Ranges: bytes
Content-Length: 235677
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/json
Content-Encoding: gzip
|
|
| 103.104.180.194/bb54e5938db2b54856021bdace212b1a/fonts/lato-regular.woff2 | 103.104.180.194 | 200 OK | 28 kB |
URL: GET HTTP/1.1 103.104.180.194/bb54e5938db2b54856021bdace212b1a/fonts/lato-regular.woff2
IP: 103.104.180.194:443
ASN: #135212 Digiway Net Pvt Ltd
Requested by: https://103.104.180.194/login?redir=%2Fng
Certificate issuer: Fortinet Ltd.
Certificate subject: FortiGate
Certificate fingerprint: F6:AA:44:AD:80:63:FD:8A:04:25:8E:60:CF:8D:5D:9B:8F:2F:C3:43
Certificate validity: Wed, 15 Mar 2023 09:08:18 GMT - Tue, 17 Jun 2025 09:08:18 GMT
File type: Web Open Font Format (Version 2), TrueType, length 27892, version 1.6816
Hash: f7ff2a6ff8699952646b5592de084dfa a63534a9fe94054bcfa4e96457871452ad9ab44d 2ee055921e5460e768980da0e441063d23f4320ea15e232a4f77ffcbe5b4f74f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /bb54e5938db2b54856021bdace212b1a/fonts/lato-regular.woff2 HTTP/1.1
Host: 103.104.180.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://103.104.180.194/bb54e5938db2b54856021bdace212b1a/css/main-mariner.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:03:07 GMT
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15552000
Cache-Control: max-age=31536000, immutable
Last-Modified: Wed, 17 Nov 2021 23:17:12 GMT
Accept-Ranges: bytes
Content-Length: 27892
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| 103.104.180.194/bb54e5938db2b54856021bdace212b1a/fonts/lato-regular.woff2 | 103.104.180.194 | 200 OK | 28 kB |
URL: GET HTTP/1.1 103.104.180.194/bb54e5938db2b54856021bdace212b1a/fonts/lato-regular.woff2
IP: 103.104.180.194:443
ASN: #135212 Digiway Net Pvt Ltd
Requested by: https://103.104.180.194/login?redir=%2Fng
Certificate issuer: Fortinet Ltd.
Certificate subject: FortiGate
Certificate fingerprint: F6:AA:44:AD:80:63:FD:8A:04:25:8E:60:CF:8D:5D:9B:8F:2F:C3:43
Certificate validity: Wed, 15 Mar 2023 09:08:18 GMT - Tue, 17 Jun 2025 09:08:18 GMT
File type: Web Open Font Format (Version 2), TrueType, length 27892, version 1.6816
Hash: f7ff2a6ff8699952646b5592de084dfa a63534a9fe94054bcfa4e96457871452ad9ab44d 2ee055921e5460e768980da0e441063d23f4320ea15e232a4f77ffcbe5b4f74f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /bb54e5938db2b54856021bdace212b1a/fonts/lato-regular.woff2 HTTP/1.1
Host: 103.104.180.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://103.104.180.194/bb54e5938db2b54856021bdace212b1a/css/main-mariner.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:03:07 GMT
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15552000
Cache-Control: max-age=31536000, immutable
Last-Modified: Wed, 17 Nov 2021 23:17:12 GMT
Accept-Ranges: bytes
Content-Length: 27892
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| 103.104.180.194/bb54e5938db2b54856021bdace212b1a/fonts/ftnt-icons.woff | 103.104.180.194 | 200 OK | 43 kB |
URL: GET HTTP/1.1 103.104.180.194/bb54e5938db2b54856021bdace212b1a/fonts/ftnt-icons.woff
IP: 103.104.180.194:443
ASN: #135212 Digiway Net Pvt Ltd
Requested by: https://103.104.180.194/login?redir=%2Fng
Certificate issuer: Fortinet Ltd.
Certificate subject: FortiGate
Certificate fingerprint: F6:AA:44:AD:80:63:FD:8A:04:25:8E:60:CF:8D:5D:9B:8F:2F:C3:43
Certificate validity: Wed, 15 Mar 2023 09:08:18 GMT - Tue, 17 Jun 2025 09:08:18 GMT
File type: Web Open Font Format, TrueType, length 43292, version 1.0
Hash: 23d62c07605060a8b71fea47bb546b86 86782c1d2842567bd9aa4acaa41ce85b927affa7 916470c96461fce30511594f599d7ef0ed7c2537e8cb1f608492715ab6ec8e4c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /bb54e5938db2b54856021bdace212b1a/fonts/ftnt-icons.woff HTTP/1.1
Host: 103.104.180.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://103.104.180.194/bb54e5938db2b54856021bdace212b1a/css/main-mariner.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:03:07 GMT
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15552000
Cache-Control: max-age=31536000, immutable
Last-Modified: Wed, 17 Nov 2021 23:17:12 GMT
Accept-Ranges: bytes
Content-Length: 43292
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff
|
|
| 103.104.180.194/bb54e5938db2b54856021bdace212b1a/fonts/ftnt-icons.woff | 103.104.180.194 | 200 OK | 43 kB |
URL: GET HTTP/1.1 103.104.180.194/bb54e5938db2b54856021bdace212b1a/fonts/ftnt-icons.woff
IP: 103.104.180.194:443
ASN: #135212 Digiway Net Pvt Ltd
Requested by: https://103.104.180.194/login?redir=%2Fng
Certificate issuer: Fortinet Ltd.
Certificate subject: FortiGate
Certificate fingerprint: F6:AA:44:AD:80:63:FD:8A:04:25:8E:60:CF:8D:5D:9B:8F:2F:C3:43
Certificate validity: Wed, 15 Mar 2023 09:08:18 GMT - Tue, 17 Jun 2025 09:08:18 GMT
File type: Web Open Font Format, TrueType, length 43292, version 1.0
Hash: 23d62c07605060a8b71fea47bb546b86 86782c1d2842567bd9aa4acaa41ce85b927affa7 916470c96461fce30511594f599d7ef0ed7c2537e8cb1f608492715ab6ec8e4c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /bb54e5938db2b54856021bdace212b1a/fonts/ftnt-icons.woff HTTP/1.1
Host: 103.104.180.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://103.104.180.194/bb54e5938db2b54856021bdace212b1a/css/main-mariner.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:03:07 GMT
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15552000
Cache-Control: max-age=31536000, immutable
Last-Modified: Wed, 17 Nov 2021 23:17:12 GMT
Accept-Ranges: bytes
Content-Length: 43292
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: font/woff
|
|
| 103.104.180.194/favicon.ico | 103.104.180.194 | 200 OK | 318 B |
URL: GET HTTP/1.1 103.104.180.194/favicon.ico
IP: 103.104.180.194:443
ASN: #135212 Digiway Net Pvt Ltd
Requested by: https://103.104.180.194/login?redir=%2Fng
Certificate issuer: Fortinet Ltd.
Certificate subject: FortiGate
Certificate fingerprint: F6:AA:44:AD:80:63:FD:8A:04:25:8E:60:CF:8D:5D:9B:8F:2F:C3:43
Certificate validity: Wed, 15 Mar 2023 09:08:18 GMT - Tue, 17 Jun 2025 09:08:18 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 16 colors
Hash: e462005902f81094ab3de44e4381de19 684d6a3783a92305592c4211412ad0e17d402195 d18b3c9feb76c3c1cfdcc51c732f113327e3c33fb3f63b479951f7da6ed1216f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 103.104.180.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://103.104.180.194/login?redir=%2Fng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:03:07 GMT
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15552000
Cache-Control: no-cache
Last-Modified: Wed, 17 Nov 2021 23:17:12 GMT
Accept-Ranges: bytes
Content-Length: 318
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/x-icon
|
|