Report - wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

Report Overview

Submitted URL
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
IP
148.72.212.116
ASN
#26496 AS-26496-GO-DADDY-COM-LLC
Submitted
2023-02-09 21:44:44
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
18
Threat Detection Systems
28

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	343 B	699 B	142.250.74.163
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.202.152.202
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	406 B	1.7 kB	142.250.74.106
wdck.ac.in	unknown	2020-05-26T12:17:02Z	2023-03-08T10:16:43Z	13 kB	1.4 MB	148.72.212.116
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	42 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-09 21:45:35	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-09 21:45:36	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-09 21:45:36	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-09 21:45:36	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-09 21:45:36	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-09 21:45:36	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-09 21:45:37	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-09 21:45:37	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-09 21:45:37	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-09 21:45:37	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-09 21:45:37	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-09 21:45:37	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-09 21:45:37	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-09 21:45:38	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-09 21:45:38	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-09 21:45:38	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-09 21:45:38	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed
2023-02-09 21:45:41	high	148.72.212.116	Client IP	ET PHISHING Possible Phish - Mirrored Website Comment Observed

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-09	medium	wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php	Phishing
2023-02-09	medium	wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/vendor/modernizr-2.8.3.min.js	Phishing
2023-02-09	medium	wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/popper.min.js	Phishing
2023-02-09	medium	wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/bootstrap.min.js	Phishing
2023-02-09	medium	wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/ajax-mail.js	Phishing
2023-02-09	medium	wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/vendor/jquery-1.12.4.min.js	Phishing
2023-02-09	medium	wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/plugins.js	Phishing
2023-02-09	medium	wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/styleswitch.js	Phishing
2023-02-09	medium	wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/main.js	Phishing
2023-02-09	medium	wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/cirtiicate1.jpeg	Phishing
2023-02-09	medium	wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/naac_cirtiicate1.jpeg	Phishing
2023-02-09	medium	wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/certificate2.jpeg	Phishing
2023-02-09	medium	wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/principale.jpeg	Phishing
2023-02-09	medium	wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/naac_cirtiicate.jpeg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/vendor/modernizr-2.8.3.min.js	76 kB	2023-03-13	2023-03-13
Pretty URL wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/vendor/modernizr-2.8.3.min.js IP 148.72.212.116 ASN #26496 AS-26496-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:37:32 Last Seen2023-03-13 20:50:45 Times Seen1 Hash 58b0e6179790053922e9988515df2aac 75326c4d0cf3f345b42096b026e6dded2a9fdbee c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334 Loading...

HTTP Transactions (53)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
408d1564e8f59e6626e41be4106ce2e6
4149a1f17e8f7c446e7aa4963f3a49b6a00b6164
46e2e79c7977854058dec9cde88f963dd498dd235c3bb15b39a9e5ce1027d7fe

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E2E79C7977854058DEC9CDE88F963DD498DD235C3BB15B39A9E5CE1027D7FE"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8755
Expires: Fri, 10 Feb 2023 00:10:28 GMT
Date: Thu, 09 Feb 2023 21:44:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84247d80b610d0c6da587141b21323ae
46461f8709d099f5295998f41aaafa5be4387ea6
bee5e9e0d7b4a24609950ceb40194bffb482c36152d376bb119e7cc3aba488dc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BEE5E9E0D7B4A24609950CEB40194BFFB482C36152D376BB119E7CC3ABA488DC"
Last-Modified: Thu, 09 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5481
Expires: Thu, 09 Feb 2023 23:15:54 GMT
Date: Thu, 09 Feb 2023 21:44:33 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 21:36:52 GMT
content-type: application/json
age: 461
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
50a2f8cdbbd1059f5318753155bba7ef
405e63ea4683be44f876feae34b5cb645ff751f2
f6ac743a5a17d64d2858fec5791050d2dc8074ddd823826c93e67bffdb2f0868

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6AC743A5A17D64D2858FEC5791050D2DC8074DDD823826C93E67BFFDB2F0868"
Last-Modified: Thu, 09 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7343
Expires: Thu, 09 Feb 2023 23:46:56 GMT
Date: Thu, 09 Feb 2023 21:44:33 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: XAEL7r8FJp2m2t+Zi/UubenlR6BWgwFZzFoOPT8KtZfIvra5jWT6+ND6AoqWOaPz6JgE6gOTHCk=
x-amz-request-id: ZX3H2G1QM52DM1CN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 21:36:31 GMT
age: 482
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 21:44:34 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 21:14:53 GMT
age: 1781
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5553
Expires: Thu, 09 Feb 2023 23:17:07 GMT
Date: Thu, 09 Feb 2023 21:44:34 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
764f6498bfc9fce44fcfaca97119697f
d285cc1f81ca9f23891ff68c2380e0f9e9e96e0c
8d1b5c3b41446c6b296d3a8c96bfdfca8f1a68cc8aa2008ea1b86a8194281f5e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 21:44:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Raleway:400,300,500,600,700,800

142.250.74.106

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Raleway:400,300,500,600,700,800
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1092 bytes)
Hash
30aa82bc30616673e77f58f1c6b48756
aff2b2f36a8eca0de54e206c3b8c106ff3efb26d
181bde1a373dd6e4b3d2a5b7bfd6345c047067271a1740e8409143ab7a40ba64

HTTP Headers

GET /css?family=Raleway:400,300,500,600,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wdck.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 Feb 2023 21:44:34 GMT
date: Thu, 09 Feb 2023 21:44:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.202.152.202

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.202.152.202:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Z0w+gdlH8zcE05GbyjY/Tg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 02+MPPEbUV58YufBy8bZ1cAzUbg=

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:33 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/color-switcher.css

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/color-switcher.css
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/color-switcher.css HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:34 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/font-awesome.min.css

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/font-awesome.min.css
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/font-awesome.min.css HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:34 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5832
Expires: Thu, 09 Feb 2023 23:21:47 GMT
Date: Thu, 09 Feb 2023 21:44:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5832
Expires: Thu, 09 Feb 2023 23:21:47 GMT
Date: Thu, 09 Feb 2023 21:44:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5832
Expires: Thu, 09 Feb 2023 23:21:47 GMT
Date: Thu, 09 Feb 2023 21:44:35 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg

34.120.237.76

200 OK

3.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.0 kB (3014 bytes)
Hash
28ae39b238f62d6c0aee7bb16ff863d5
3c2247e40747c3ca72dd7877facee9a9fecf0f59
c530ba92455ea45e14410f497d2df04cc1321e2937cc7e81aa75f4fc14206a7c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3014
x-amzn-requestid: bec40915-584b-48fc-94c2-293e96567474
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChJKGrGoAMFelg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4156d-2250ff00772341353151dd34;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:34:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yKZXG594CyzQW-YWQXUJmRjokMeG6o8ow7nJ3G2o0lLJvyINnmA83w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 21:34:38 GMT
age: 597
etag: "3c2247e40747c3ca72dd7877facee9a9fecf0f59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8150 bytes)
Hash
764b732e88dd1e9c1824529b24b3dffc
2ba954a51c2972b267ae0536e343e608aa9aa7f4
a1efdf03b14bb05cf8e407b92476592c35fa2d27c5e66705322abdb4c6412a06

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8150
x-amzn-requestid: 3834493a-4162-4cc9-b67c-541cc9be895b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwD8IH0TIAMFWqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb380-3746ff7b0a6894366efa848e;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:10:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I3qmC4D6qdsheK8VO3oKbPDU7XV1r9_XEPMcExKnvATDkVUsJHjHbg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 01:59:42 GMT
age: 71093
etag: "2ba954a51c2972b267ae0536e343e608aa9aa7f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4930c104-0ac3-49ae-9506-13702874f821.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3474 bytes)
Hash
2c1f5626e7ff7e681468c3c5820f3633
a8bb267f929b734a53b3dab0283c717270f6eb43
38d81274cc9f71f149091f72494c74872d99909c69d612a595c930c4755c4da3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4930c104-0ac3-49ae-9506-13702874f821.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 1b0f88cf-460b-4ed2-8235-86c9e3e3ff93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffW2uG3LIAMF3cg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d604f7-42e5c38315bdbd47615985b6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 05:32:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j7JqKdXPBH0hFdoy4Qj0ttGzX93CyNdiv6Tn5h1F_zwNhxwb4IYBTA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:28:34 GMT
age: 83761
etag: "a8bb267f929b734a53b3dab0283c717270f6eb43"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/material-design-iconic-font.min.css

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/material-design-iconic-font.min.css
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/material-design-iconic-font.min.css HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:34 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7451 bytes)
Hash
5fc553a8677d9c0bf4835a0c29a7345c
ec8541dd8ae32e1cf597d40cc1d9d04aefb46ba8
e821faf86e44f2b9c9d5bd8cd3575c0a99acfc58774077034c413e345a7c0c0c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7451
x-amzn-requestid: a900a5b4-85cd-4817-8e70-2516eb33a0a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fox8IHMuIAMFdHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9c9e7-1122726b315a7c5623d1ff3f;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 02:09:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JFPF2xZJ9QIqJbOEjTi5gt2aflnM9HVaWp8FpRAIIeDf59cJzbp6kw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:46:36 GMT
age: 86279
etag: "ec8541dd8ae32e1cf597d40cc1d9d04aefb46ba8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb92005b3-7a69-411c-9afb-60b86ab8c5da.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8637 bytes)
Hash
b0c5e12696e3ee13041d043084828210
c48927fb23f59e0949d388086c197699c8f19d1b
47838e958555ff6799d4d1d3994913943726daba5294cd89afe9036628ef6fdb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb92005b3-7a69-411c-9afb-60b86ab8c5da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: fa797448-32c3-4438-a192-5291c48b1d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChJKFq9oAMFgog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4156d-46ff32923a2763b45a5194f4;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:34:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5e8yBHmdX4duWFAhkjCeEprppre8BIVfdXzFZGTy0-WONltQxfqbbQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 21:34:38 GMT
age: 597
etag: "c48927fb23f59e0949d388086c197699c8f19d1b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4928 bytes)
Hash
087325c404f5b0b8e1bc800c167d6213
da37e1568089cf3536a8fe8304623694b7897326
a21b9844ebaac9fb408fc4d557badfbff0715cee7b5f3c8b9c628cdd1286dbe6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4928
x-amzn-requestid: 2d81ff60-65c6-4a7d-86d5-8853a961be0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwDm6GoOIAMF6Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb2f8-5acf67171c4b3ee87794ea02;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:08:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: udtvUr0tqVtI70L8glPQK3ePowPGstiizC9tb6U4kQg0JzsLqViUIg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:45:54 GMT
age: 86321
etag: "da37e1568089cf3536a8fe8304623694b7897326"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/color.css

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/color.css
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/color.css HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:34 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/bootstrap.min.css

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/bootstrap.min.css
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/bootstrap.min.css HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:34 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/responsive.css

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/responsive.css
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/responsive.css HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/plugins.css

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/plugins.css
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/plugins.css HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:34 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/style.css

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/style.css
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/style.css HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/vendor/modernizr-2.8.3.min.js

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/vendor/modernizr-2.8.3.min.js
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/vendor/modernizr-2.8.3.min.js HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/popper.min.js

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/popper.min.js
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/popper.min.js HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/bootstrap.min.js

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/bootstrap.min.js
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/bootstrap.min.js HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/ajax-mail.js

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/ajax-mail.js
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/ajax-mail.js HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/vendor/jquery-1.12.4.min.js

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/vendor/jquery-1.12.4.min.js
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/vendor/jquery-1.12.4.min.js HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/plugins.js

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/plugins.js
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/plugins.js HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/styleswitch.js

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/styleswitch.js
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/styleswitch.js HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/main.js

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/main.js
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/main.js HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/favicon.ico

148.72.212.116

200 OK

76 kB

URL HTTP/1.1
wdck.ac.in/favicon.ico
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Size
76 kB (76154 bytes)
Hash
58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334

Detections

NIDS	Severity	Alert
suricata	high	ET PHISHING Possible Phish - Mirrored Website Comment Observed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:38 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/banner.jpg

148.72.212.116

200 OK

0 B

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/banner.jpg
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/banner.jpg HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/cirtiicate1.jpeg

148.72.212.116

200 OK

0 B

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/cirtiicate1.jpeg
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/cirtiicate1.jpeg HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:37 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/5.png

148.72.212.116

200 OK

0 B

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/5.png
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/5.png HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:37 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/naac_cirtiicate1.jpeg

148.72.212.116

200 OK

0 B

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/naac_cirtiicate1.jpeg
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/naac_cirtiicate1.jpeg HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:37 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/kwclogoo.png

148.72.212.116

200 OK

0 B

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/kwclogoo.png
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/kwclogoo.png HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/1.png

148.72.212.116

200 OK

0 B

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/1.png
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/1.png HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/2.png

148.72.212.116

200 OK

0 B

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/2.png
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/2.png HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:37 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/1.png

148.72.212.116

200 OK

0 B

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/1.png
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/1.png HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:37 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/certificate2.jpeg

148.72.212.116

200 OK

0 B

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/certificate2.jpeg
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/certificate2.jpeg HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:37 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/15.png

148.72.212.116

200 OK

0 B

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/15.png
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/15.png HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/16.png

148.72.212.116

200 OK

0 B

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/16.png
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/16.png HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/principale.jpeg

148.72.212.116

200 OK

0 B

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/principale.jpeg
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/principale.jpeg HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/course/3.jpg

148.72.212.116

200 OK

0 B

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/course/3.jpg
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/course/3.jpg HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/naac_cirtiicate.jpeg

148.72.212.116

200 OK

0 B

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/naac_cirtiicate.jpeg
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/naac_cirtiicate.jpeg HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:38 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/2.png

148.72.212.116

200 OK

0 B

URL HTTP/1.1
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/2.png
IP
148.72.212.116:0
ASN
#26496 AS-26496-GO-DADDY-COM-LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/2.png HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php

HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (53)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type