103.190.67.18 Open in urlscan Pro
103.190.67.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vendor.niranigroups.com/
Effective URL:
http://103.190.67.18:4113/UserAuth.aspx
Submission: On September 20 via manual (September 20th 2024, 5:35:01 am UTC) from IN — Scanned from US

Summary HTTP 16 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 103.190.67.18, located in Bijapur, India and belongs to ACNS-AS-IN ALL CONNECT NETWORK SERVICES PRIVATE LIMITED, IN. The main domain is 103.190.67.18.

This is the only time 103.190.67.18 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2	103.160.107.138 103.160.107.138		133296 (WEBWERKS-...) (WEBWERKS-AS-IN Web Werks India Pvt. Ltd.)
12	103.190.67.18 103.190.67.18		137172 (ACNS-AS-I...) (ACNS-AS-IN ALL CONNECT NETWORK SERVICES PRIVATE LIMITED)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200a		15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2003		15169 (GOOGLE) (GOOGLE)
16	4

2 103.160.107.138 (India)

ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN)
PTR: atlas.herosite.pro

vendor.niranigroups.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 103.190.67.18 (Bijapur, India)

ASN137172 (ACNS-AS-IN ALL CONNECT NETWORK SERVICES PRIVATE LIMITED, IN)

103.190.67.18	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	niranigroups.com vendor.niranigroups.com	2 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
16	3

	Domain	Requested by
2	vendor.niranigroups.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	103.190.67.18
16	3

This site contains no links.

Subject Issuer	Validity	Valid
www.vendor.niranigroups.com R11	`2024-09-10` - `2024-12-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://103.190.67.18:4113/UserAuth.aspx
Frame ID: 2CFD5635B7B31637BCBCE533127C5CBA
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Users Authentication

Page URL History Show full URLs

http://vendor.niranigroups.com/ HTTP 307
https://vendor.niranigroups.com/ Page URL
http://103.190.67.18:4113/UserAuth.aspx HTTP 307
https://103.190.67.18:4113/UserAuth.aspx HTTP 307
http://103.190.67.18:4113/UserAuth.aspx Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

25 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

2316 kB
Transfer

3683 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vendor.niranigroups.com/ HTTP 307
https://vendor.niranigroups.com/ Page URL
http://103.190.67.18:4113/UserAuth.aspx HTTP 307
https://103.190.67.18:4113/UserAuth.aspx HTTP 307
http://103.190.67.18:4113/UserAuth.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://vendor.niranigroups.com/ HTTP 307
https://vendor.niranigroups.com/

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
vendor.niranigroups.com/
Redirect Chain

http://vendor.niranigroups.com/
https://vendor.niranigroups.com/

419 B
454 B

1436ms
255ms

Document
text/html

103.160.107.138
WEBWERKS-AS-IN We...

General

Check archive.org

Show headers Download Go to

Full URL: https://vendor.niranigroups.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.107.138 , India, ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN),
Reverse DNS: atlas.herosite.pro
Software: LiteSpeed /
Resource Hash: 934f5570cd78f2eeb14946dbc2deb6c6cdb0484947ce4fb35e9a91f338f5cea7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 201
content-type: text/html
date: Fri, 20 Sep 2024 05:34:43 GMT
last-modified: Tue, 27 Aug 2024 15:36:38 GMT
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

Location: https://vendor.niranigroups.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1

200
OK

Primary Request UserAuth.aspx Show response
103.190.67.18/
Redirect Chain

http://103.190.67.18:4113/UserAuth.aspx
https://103.190.67.18:4113/UserAuth.aspx
http://103.190.67.18:4113/UserAuth.aspx

10 KB
3 KB

308ms
307ms

Document
text/html

103.190.67.18
ACNS-AS-IN ALL CO...

General

Check archive.org

Show headers Download Go to

Full URL: http://103.190.67.18:4113/UserAuth.aspx
Protocol: HTTP/1.1
Server: 103.190.67.18 Bijapur, India, ASN137172 (ACNS-AS-IN ALL CONNECT NETWORK SERVICES PRIVATE LIMITED, IN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a72326e379693eebfb807ab8356b2d2ff599921693b378d96a8f2f066ea40b0a

Request headers

Referer: https://vendor.niranigroups.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 3109
Content-Type: text/html; charset=utf-8
Date: Fri, 20 Sep 2024 05:34:44 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

Redirect headers

Location: http://103.190.67.18:4113/UserAuth.aspx
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 404 favicon.ico
vendor.niranigroups.com/ 1 KB
1 KB 256ms
255ms Other
text/html 103.160.107.138
WEBWERKS-AS-IN We...

General

Check archive.org

Show headers Download Go to

Full URL: https://vendor.niranigroups.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.107.138 , India, ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN),
Reverse DNS: atlas.herosite.pro
Software: LiteSpeed /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://vendor.niranigroups.com/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1251
pragma: no-cache
date: Fri, 20 Sep 2024 05:34:44 GMT
content-type: text/html
server: LiteSpeed

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 216ms
80ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700&display=fallback

Requested by

Host: 103.190.67.18
URL: http://103.190.67.18:4113/UserAuth.aspx

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

825492ba40e6bc3038f338f50ae5a96789325a8d1dfb6606faf2542b51283413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://103.190.67.18:4113/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 05:34:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Sep 2024 05:34:45 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 20 Sep 2024 04:31:37 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK all.min.css
103.190.67.18/App_Assets/adminlte/plugins/fontawesome-free/css/ 58 KB
16 KB 302ms
300ms Stylesheet
text/css 103.190.67.18
ACNS-AS-IN ALL CO...

General

Check archive.org

Show headers Download Go to

Full URL: http://103.190.67.18:4113/App_Assets/adminlte/plugins/fontawesome-free/css/all.min.css
Requested by: Host: 103.190.67.18
URL: http://103.190.67.18:4113/UserAuth.aspx
Protocol: HTTP/1.1
Server: 103.190.67.18 Bijapur, India, ASN137172 (ACNS-AS-IN ALL CONNECT NETWORK SERVICES PRIVATE LIMITED, IN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://103.190.67.18:4113/UserAuth.aspx

Response headers

Content-Encoding: gzip
ETag: "05eb2c2f01bd81:0"
Accept-Ranges: bytes
Content-Length: 15690
Date: Fri, 20 Sep 2024 05:34:45 GMT
Content-Type: text/css
Last-Modified: Mon, 07 Feb 2022 07:03:08 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK adminlte.min.css
103.190.67.18/App_Assets/adminlte/dist/css/ 1 MB
193 KB 604ms
306ms Stylesheet
text/css 103.190.67.18
ACNS-AS-IN ALL CO...

General

Check archive.org

Show headers Download Go to

Full URL: http://103.190.67.18:4113/App_Assets/adminlte/dist/css/adminlte.min.css
Requested by: Host: 103.190.67.18
URL: http://103.190.67.18:4113/UserAuth.aspx
Protocol: HTTP/1.1
Server: 103.190.67.18 Bijapur, India, ASN137172 (ACNS-AS-IN ALL CONNECT NETWORK SERVICES PRIVATE LIMITED, IN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ae1534a2c9540d6ad60f14d8e09c48d9ad8e751b46ed849fdefe737116dcc921

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://103.190.67.18:4113/UserAuth.aspx

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: "05eb2c2f01bd81:0"
Accept-Ranges: bytes
Date: Fri, 20 Sep 2024 05:34:45 GMT
Content-Type: text/css
Last-Modified: Mon, 07 Feb 2022 07:03:08 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK auth-style.css
103.190.67.18/App_Assets/css/ 569 B
743 B 601ms
297ms Stylesheet
text/css 103.190.67.18
ACNS-AS-IN ALL CO...

General

Check archive.org

Show headers Download Go to

Full URL: http://103.190.67.18:4113/App_Assets/css/auth-style.css
Requested by: Host: 103.190.67.18
URL: http://103.190.67.18:4113/UserAuth.aspx
Protocol: HTTP/1.1
Server: 103.190.67.18 Bijapur, India, ASN137172 (ACNS-AS-IN ALL CONNECT NETWORK SERVICES PRIVATE LIMITED, IN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b0279e21e391384c69cff10c2faedf01d9f07f4a724c3b1b8d94336ea346863d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://103.190.67.18:4113/UserAuth.aspx

Response headers

Content-Encoding: gzip
ETag: "999ef6216139da1:0"
Accept-Ranges: bytes
Content-Length: 449
Date: Fri, 20 Sep 2024 05:34:45 GMT
Content-Type: text/css
Last-Modified: Thu, 28 Dec 2023 07:40:30 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK MrnGroupLogo.png
103.190.67.18/App_Assets/img/ 911 KB
912 KB 617ms
309ms Image
image/png 103.190.67.18
ACNS-AS-IN ALL CO...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://103.190.67.18:4113/App_Assets/img/MrnGroupLogo.png
Requested by: Host: 103.190.67.18
URL: http://103.190.67.18:4113/UserAuth.aspx
Protocol: HTTP/1.1
Server: 103.190.67.18 Bijapur, India, ASN137172 (ACNS-AS-IN ALL CONNECT NETWORK SERVICES PRIVATE LIMITED, IN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: be952021a636b7d7f9fb523e08b985af7c91162b9a875fd9e40f2c98f0c26b78

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://103.190.67.18:4113/UserAuth.aspx

Response headers

ETag: "1318c7991d1d81:0"
Accept-Ranges: bytes
Content-Length: 933259
Date: Fri, 20 Sep 2024 05:34:45 GMT
Content-Type: image/png
Last-Modified: Mon, 26 Sep 2022 10:16:27 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK mrnsir.png
103.190.67.18/App_Assets/img/ 799 KB
799 KB 632ms
317ms Image
image/png 103.190.67.18
ACNS-AS-IN ALL CO...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://103.190.67.18:4113/App_Assets/img/mrnsir.png
Requested by: Host: 103.190.67.18
URL: http://103.190.67.18:4113/UserAuth.aspx
Protocol: HTTP/1.1
Server: 103.190.67.18 Bijapur, India, ASN137172 (ACNS-AS-IN ALL CONNECT NETWORK SERVICES PRIVATE LIMITED, IN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fc8ff05e3cbd73eaeecc415c90f46f3bb818839b0f72d7bc6adb714ecf473fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://103.190.67.18:4113/UserAuth.aspx

Response headers

ETag: "92ce3c74e39da1:0"
Accept-Ranges: bytes
Content-Length: 817877
Date: Fri, 20 Sep 2024 05:34:45 GMT
Content-Type: image/png
Last-Modified: Thu, 28 Dec 2023 05:23:45 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK jquery.min.js Show response
103.190.67.18/App_Assets/adminlte/plugins/jquery/ 87 KB
39 KB 597ms
300ms Script
application/javascript 103.190.67.18
ACNS-AS-IN ALL CO...

General

Check archive.org

Show headers Download Go to

Full URL: http://103.190.67.18:4113/App_Assets/adminlte/plugins/jquery/jquery.min.js
Requested by: Host: 103.190.67.18
URL: http://103.190.67.18:4113/UserAuth.aspx
Protocol: HTTP/1.1
Server: 103.190.67.18 Bijapur, India, ASN137172 (ACNS-AS-IN ALL CONNECT NETWORK SERVICES PRIVATE LIMITED, IN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://103.190.67.18:4113/UserAuth.aspx

Response headers

Content-Encoding: gzip
ETag: "05eb2c2f01bd81:0"
Accept-Ranges: bytes
Content-Length: 39756
Date: Fri, 20 Sep 2024 05:34:45 GMT
Content-Type: application/javascript
Last-Modified: Mon, 07 Feb 2022 07:03:08 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
103.190.67.18/App_Assets/adminlte/plugins/bootstrap/js/ 81 KB
30 KB 344ms
330ms Script
application/javascript 103.190.67.18
ACNS-AS-IN ALL CO...

General

Check archive.org

Show headers Download Go to

Full URL: http://103.190.67.18:4113/App_Assets/adminlte/plugins/bootstrap/js/bootstrap.bundle.min.js
Requested by: Host: 103.190.67.18
URL: http://103.190.67.18:4113/UserAuth.aspx
Protocol: HTTP/1.1
Server: 103.190.67.18 Bijapur, India, ASN137172 (ACNS-AS-IN ALL CONNECT NETWORK SERVICES PRIVATE LIMITED, IN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://103.190.67.18:4113/UserAuth.aspx

Response headers

Content-Encoding: gzip
ETag: "05eb2c2f01bd81:0"
Accept-Ranges: bytes
Content-Length: 30444
Date: Fri, 20 Sep 2024 05:34:45 GMT
Content-Type: application/javascript
Last-Modified: Mon, 07 Feb 2022 07:03:08 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK adminlte.min.js Show response
103.190.67.18/App_Assets/adminlte/dist/js/ 45 KB
15 KB 300ms
300ms Script
application/javascript 103.190.67.18
ACNS-AS-IN ALL CO...

General

Check archive.org

Show headers Download Go to

Full URL: http://103.190.67.18:4113/App_Assets/adminlte/dist/js/adminlte.min.js
Requested by: Host: 103.190.67.18
URL: http://103.190.67.18:4113/UserAuth.aspx
Protocol: HTTP/1.1
Server: 103.190.67.18 Bijapur, India, ASN137172 (ACNS-AS-IN ALL CONNECT NETWORK SERVICES PRIVATE LIMITED, IN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bb6ca87a6d87b4e0900a7b29ddf3bdb23e6452b2feee13807e6f1eb35f00163c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://103.190.67.18:4113/UserAuth.aspx

Response headers

Content-Encoding: gzip
ETag: "05eb2c2f01bd81:0"
Accept-Ranges: bytes
Content-Length: 14604
Date: Fri, 20 Sep 2024 05:34:45 GMT
Content-Type: application/javascript
Last-Modified: Mon, 07 Feb 2022 07:03:08 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK auth-script.js Show response
103.190.67.18/App_Assets/js/ 14 KB
4 KB 300ms
300ms Script
application/javascript 103.190.67.18
ACNS-AS-IN ALL CO...

General

Check archive.org

Show headers Download Go to

Full URL: http://103.190.67.18:4113/App_Assets/js/auth-script.js
Requested by: Host: 103.190.67.18
URL: http://103.190.67.18:4113/UserAuth.aspx
Protocol: HTTP/1.1
Server: 103.190.67.18 Bijapur, India, ASN137172 (ACNS-AS-IN ALL CONNECT NETWORK SERVICES PRIVATE LIMITED, IN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 82be3c21bc03566c2b71b8d8318d02692aa77901dea72dae6305bb8c5898e293

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://103.190.67.18:4113/UserAuth.aspx

Response headers

Content-Encoding: gzip
ETag: "47f6f42c2e4db1:0"
Accept-Ranges: bytes
Content-Length: 3727
Date: Fri, 20 Sep 2024 05:34:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 11 Sep 2024 09:37:10 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 193ms
62ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700&display=fallback

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: http://103.190.67.18:4113
Referer: https://fonts.googleapis.com/

Response headers

age: 128084
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 18 Sep 2025 18:00:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Sep 2024 18:00:03 GMT
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14892
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK fa-solid-900.woff2
103.190.67.18/App_Assets/adminlte/plugins/fontawesome-free/webfonts/ 76 KB
77 KB 299ms
299ms Font
application/font-woff2 103.190.67.18
ACNS-AS-IN ALL CO...

General

Check archive.org

Show headers Download Go to

Full URL: http://103.190.67.18:4113/App_Assets/adminlte/plugins/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by: Host: 103.190.67.18
URL: http://103.190.67.18:4113/App_Assets/adminlte/plugins/fontawesome-free/css/all.min.css
Protocol: HTTP/1.1
Server: 103.190.67.18 Bijapur, India, ASN137172 (ACNS-AS-IN ALL CONNECT NETWORK SERVICES PRIVATE LIMITED, IN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: http://103.190.67.18:4113
Referer: http://103.190.67.18:4113/App_Assets/adminlte/plugins/fontawesome-free/css/all.min.css

Response headers

ETag: "05eb2c2f01bd81:0"
Accept-Ranges: bytes
Content-Length: 78268
Date: Fri, 20 Sep 2024 05:34:47 GMT
Content-Type: application/font-woff2
Last-Modified: Mon, 07 Feb 2022 07:03:08 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK logo.png
103.190.67.18/App_Assets/img/ 210 KB
210 KB 309ms
309ms Other
image/png 103.190.67.18
ACNS-AS-IN ALL CO...

General

Check archive.org

Show headers Download Go to

Full URL: http://103.190.67.18:4113/App_Assets/img/logo.png
Protocol: HTTP/1.1
Server: 103.190.67.18 Bijapur, India, ASN137172 (ACNS-AS-IN ALL CONNECT NETWORK SERVICES PRIVATE LIMITED, IN),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5edffa94e15ef3b343b5ec43d4b69504c87d6d9daf8439e094e96d5b836a28db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://103.190.67.18:4113/UserAuth.aspx

Response headers

ETag: "d376a592e5f5da1:0"
Accept-Ranges: bytes
Content-Length: 214670
Date: Fri, 20 Sep 2024 05:34:47 GMT
Content-Type: image/png
Last-Modified: Sat, 24 Aug 2024 05:22:11 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap object| adminlte function| generateOTP

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://vendor.niranigroups.com/(Line 8) Message: Mixed Content: The page at 'https://vendor.niranigroups.com/' was loaded over HTTPS, but requested an insecure frame 'http://103.190.67.18:4113/UserAuth.aspx'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://vendor.niranigroups.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
vendor.niranigroups.com
103.160.107.138
103.190.67.18
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80d::2003
5edffa94e15ef3b343b5ec43d4b69504c87d6d9daf8439e094e96d5b836a28db
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f
825492ba40e6bc3038f338f50ae5a96789325a8d1dfb6606faf2542b51283413
82be3c21bc03566c2b71b8d8318d02692aa77901dea72dae6305bb8c5898e293
934f5570cd78f2eeb14946dbc2deb6c6cdb0484947ce4fb35e9a91f338f5cea7
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
a72326e379693eebfb807ab8356b2d2ff599921693b378d96a8f2f066ea40b0a
ae1534a2c9540d6ad60f14d8e09c48d9ad8e751b46ed849fdefe737116dcc921
b0279e21e391384c69cff10c2faedf01d9f07f4a724c3b1b8d94336ea346863d
bb6ca87a6d87b4e0900a7b29ddf3bdb23e6452b2feee13807e6f1eb35f00163c
be952021a636b7d7f9fb523e08b985af7c91162b9a875fd9e40f2c98f0c26b78
fc8ff05e3cbd73eaeecc415c90f46f3bb818839b0f72d7bc6adb714ecf473fa7
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e