r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 408d1564e8f59e6626e41be4106ce2e6
4149a1f17e8f7c446e7aa4963f3a49b6a00b6164
46e2e79c7977854058dec9cde88f963dd498dd235c3bb15b39a9e5ce1027d7fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E2E79C7977854058DEC9CDE88F963DD498DD235C3BB15B39A9E5CE1027D7FE"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8755
Expires: Fri, 10 Feb 2023 00:10:28 GMT
Date: Thu, 09 Feb 2023 21:44:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 84247d80b610d0c6da587141b21323ae
46461f8709d099f5295998f41aaafa5be4387ea6
bee5e9e0d7b4a24609950ceb40194bffb482c36152d376bb119e7cc3aba488dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BEE5E9E0D7B4A24609950CEB40194BFFB482C36152D376BB119E7CC3ABA488DC"
Last-Modified: Thu, 09 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5481
Expires: Thu, 09 Feb 2023 23:15:54 GMT
Date: Thu, 09 Feb 2023 21:44:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 21:36:52 GMT
content-type: application/json
age: 461
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 50a2f8cdbbd1059f5318753155bba7ef
405e63ea4683be44f876feae34b5cb645ff751f2
f6ac743a5a17d64d2858fec5791050d2dc8074ddd823826c93e67bffdb2f0868
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6AC743A5A17D64D2858FEC5791050D2DC8074DDD823826C93E67BFFDB2F0868"
Last-Modified: Thu, 09 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7343
Expires: Thu, 09 Feb 2023 23:46:56 GMT
Date: Thu, 09 Feb 2023 21:44:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XAEL7r8FJp2m2t+Zi/UubenlR6BWgwFZzFoOPT8KtZfIvra5jWT6+ND6AoqWOaPz6JgE6gOTHCk=
x-amz-request-id: ZX3H2G1QM52DM1CN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 21:36:31 GMT
age: 482
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 21:44:34 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 21:14:53 GMT
age: 1781
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5553
Expires: Thu, 09 Feb 2023 23:17:07 GMT
Date: Thu, 09 Feb 2023 21:44:34 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163 200 OK 471 B IP 142.250.74.163:0
Hash 764f6498bfc9fce44fcfaca97119697f
d285cc1f81ca9f23891ff68c2380e0f9e9e96e0c
8d1b5c3b41446c6b296d3a8c96bfdfca8f1a68cc8aa2008ea1b86a8194281f5e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 21:44:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Raleway:400,300,500,600,700,800
142.250.74.106 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Raleway:400,300,500,600,700,800
IP 142.250.74.106:0
Hash 30aa82bc30616673e77f58f1c6b48756
aff2b2f36a8eca0de54e206c3b8c106ff3efb26d
181bde1a373dd6e4b3d2a5b7bfd6345c047067271a1740e8409143ab7a40ba64
GET /css?family=Raleway:400,300,500,600,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wdck.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 Feb 2023 21:44:34 GMT
date: Thu, 09 Feb 2023 21:44:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.202.152.202 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.202.152.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Z0w+gdlH8zcE05GbyjY/Tg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 02+MPPEbUV58YufBy8bZ1cAzUbg=
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
148.72.212.116 200 OK 76 kB URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:33 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/color-switcher.css
148.72.212.116 200 OK 76 kB URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/color-switcher.css
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/color-switcher.css HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:34 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/font-awesome.min.css
148.72.212.116 200 OK 76 kB URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/font-awesome.min.css
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/font-awesome.min.css HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:34 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5832
Expires: Thu, 09 Feb 2023 23:21:47 GMT
Date: Thu, 09 Feb 2023 21:44:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg
34.120.237.76 200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 28ae39b238f62d6c0aee7bb16ff863d5
3c2247e40747c3ca72dd7877facee9a9fecf0f59
c530ba92455ea45e14410f497d2df04cc1321e2937cc7e81aa75f4fc14206a7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3014
x-amzn-requestid: bec40915-584b-48fc-94c2-293e96567474
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChJKGrGoAMFelg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4156d-2250ff00772341353151dd34;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:34:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yKZXG594CyzQW-YWQXUJmRjokMeG6o8ow7nJ3G2o0lLJvyINnmA83w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 21:34:38 GMT
age: 597
etag: "3c2247e40747c3ca72dd7877facee9a9fecf0f59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 764b732e88dd1e9c1824529b24b3dffc
2ba954a51c2972b267ae0536e343e608aa9aa7f4
a1efdf03b14bb05cf8e407b92476592c35fa2d27c5e66705322abdb4c6412a06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8150
x-amzn-requestid: 3834493a-4162-4cc9-b67c-541cc9be895b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwD8IH0TIAMFWqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb380-3746ff7b0a6894366efa848e;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:10:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I3qmC4D6qdsheK8VO3oKbPDU7XV1r9_XEPMcExKnvATDkVUsJHjHbg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 01:59:42 GMT
age: 71093
etag: "2ba954a51c2972b267ae0536e343e608aa9aa7f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4930c104-0ac3-49ae-9506-13702874f821.jpeg
34.120.237.76 200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4930c104-0ac3-49ae-9506-13702874f821.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 2c1f5626e7ff7e681468c3c5820f3633
a8bb267f929b734a53b3dab0283c717270f6eb43
38d81274cc9f71f149091f72494c74872d99909c69d612a595c930c4755c4da3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4930c104-0ac3-49ae-9506-13702874f821.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 1b0f88cf-460b-4ed2-8235-86c9e3e3ff93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffW2uG3LIAMF3cg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d604f7-42e5c38315bdbd47615985b6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 05:32:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j7JqKdXPBH0hFdoy4Qj0ttGzX93CyNdiv6Tn5h1F_zwNhxwb4IYBTA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:28:34 GMT
age: 83761
etag: "a8bb267f929b734a53b3dab0283c717270f6eb43"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/material-design-iconic-font.min.css
148.72.212.116 200 OK 76 kB URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/material-design-iconic-font.min.css
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/material-design-iconic-font.min.css HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:34 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 5fc553a8677d9c0bf4835a0c29a7345c
ec8541dd8ae32e1cf597d40cc1d9d04aefb46ba8
e821faf86e44f2b9c9d5bd8cd3575c0a99acfc58774077034c413e345a7c0c0c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F396748b7-25c0-4112-960c-9c86d5ad28f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7451
x-amzn-requestid: a900a5b4-85cd-4817-8e70-2516eb33a0a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fox8IHMuIAMFdHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9c9e7-1122726b315a7c5623d1ff3f;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 02:09:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JFPF2xZJ9QIqJbOEjTi5gt2aflnM9HVaWp8FpRAIIeDf59cJzbp6kw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:46:36 GMT
age: 86279
etag: "ec8541dd8ae32e1cf597d40cc1d9d04aefb46ba8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb92005b3-7a69-411c-9afb-60b86ab8c5da.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb92005b3-7a69-411c-9afb-60b86ab8c5da.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash b0c5e12696e3ee13041d043084828210
c48927fb23f59e0949d388086c197699c8f19d1b
47838e958555ff6799d4d1d3994913943726daba5294cd89afe9036628ef6fdb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb92005b3-7a69-411c-9afb-60b86ab8c5da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: fa797448-32c3-4438-a192-5291c48b1d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChJKFq9oAMFgog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4156d-46ff32923a2763b45a5194f4;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:34:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5e8yBHmdX4duWFAhkjCeEprppre8BIVfdXzFZGTy0-WONltQxfqbbQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 21:34:38 GMT
age: 597
etag: "c48927fb23f59e0949d388086c197699c8f19d1b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 087325c404f5b0b8e1bc800c167d6213
da37e1568089cf3536a8fe8304623694b7897326
a21b9844ebaac9fb408fc4d557badfbff0715cee7b5f3c8b9c628cdd1286dbe6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4928
x-amzn-requestid: 2d81ff60-65c6-4a7d-86d5-8853a961be0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwDm6GoOIAMF6Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb2f8-5acf67171c4b3ee87794ea02;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:08:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: udtvUr0tqVtI70L8glPQK3ePowPGstiizC9tb6U4kQg0JzsLqViUIg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:45:54 GMT
age: 86321
etag: "da37e1568089cf3536a8fe8304623694b7897326"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/color.css
148.72.212.116 200 OK 76 kB URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/color.css
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/color.css HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:34 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/bootstrap.min.css
148.72.212.116 200 OK 76 kB URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/bootstrap.min.css
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/bootstrap.min.css HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:34 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/responsive.css
148.72.212.116 200 OK 76 kB URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/responsive.css
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/responsive.css HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/plugins.css
148.72.212.116 200 OK 76 kB URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/plugins.css
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/css/plugins.css HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:34 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/style.css
148.72.212.116 200 OK 76 kB URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/style.css
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/style.css HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/vendor/modernizr-2.8.3.min.js
148.72.212.116 200 OK 76 kB URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/vendor/modernizr-2.8.3.min.js
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/vendor/modernizr-2.8.3.min.js HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/popper.min.js
148.72.212.116 200 OK 76 kB URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/popper.min.js
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/popper.min.js HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/bootstrap.min.js
148.72.212.116 200 OK 76 kB URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/bootstrap.min.js
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/bootstrap.min.js HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/ajax-mail.js
148.72.212.116 200 OK 76 kB URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/ajax-mail.js
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/ajax-mail.js HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/vendor/jquery-1.12.4.min.js
148.72.212.116 200 OK 76 kB URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/vendor/jquery-1.12.4.min.js
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/vendor/jquery-1.12.4.min.js HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/plugins.js
148.72.212.116 200 OK 76 kB URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/plugins.js
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/plugins.js HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:35 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/styleswitch.js
148.72.212.116 200 OK 76 kB URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/styleswitch.js
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/styleswitch.js HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/main.js
148.72.212.116 200 OK 76 kB URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/main.js
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
Analyzer Verdict Alert fortinet Phishing
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/js/main.js HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/favicon.ico
148.72.212.116 200 OK 76 kB IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (392), with CRLF line terminators
Hash 58b0e6179790053922e9988515df2aac
75326c4d0cf3f345b42096b026e6dded2a9fdbee
c27cdbfc78a22fb8bd575c3367cf61983eaed9a340b910feba4589cec56a1334
NIDS Severity Alert suricata high ET PHISHING Possible Phish - Mirrored Website Comment Observed
GET /favicon.ico HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:38 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/banner.jpg
148.72.212.116 200 OK 0 B URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/banner.jpg
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/banner.jpg HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/cirtiicate1.jpeg
148.72.212.116 200 OK 0 B URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/cirtiicate1.jpeg
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Analyzer Verdict Alert fortinet Phishing
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/cirtiicate1.jpeg HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:37 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/5.png
148.72.212.116 200 OK 0 B URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/5.png
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/5.png HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:37 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/naac_cirtiicate1.jpeg
148.72.212.116 200 OK 0 B URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/naac_cirtiicate1.jpeg
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Analyzer Verdict Alert fortinet Phishing
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/naac_cirtiicate1.jpeg HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:37 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/kwclogoo.png
148.72.212.116 200 OK 0 B URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/kwclogoo.png
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/kwclogoo.png HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/1.png
148.72.212.116 200 OK 0 B URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/1.png
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/1.png HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/2.png
148.72.212.116 200 OK 0 B URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/2.png
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/2.png HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:37 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/1.png
148.72.212.116 200 OK 0 B URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/1.png
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/events/1.png HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:37 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/certificate2.jpeg
148.72.212.116 200 OK 0 B URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/certificate2.jpeg
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Analyzer Verdict Alert fortinet Phishing
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/certificate2.jpeg HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:37 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/15.png
148.72.212.116 200 OK 0 B URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/15.png
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/15.png HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/16.png
148.72.212.116 200 OK 0 B URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/16.png
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/slider/16.png HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/principale.jpeg
148.72.212.116 200 OK 0 B URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/principale.jpeg
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Analyzer Verdict Alert fortinet Phishing
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/principale.jpeg HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/course/3.jpg
148.72.212.116 200 OK 0 B URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/course/3.jpg
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/course/3.jpg HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/naac_cirtiicate.jpeg
148.72.212.116 200 OK 0 B URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/naac_cirtiicate.jpeg
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Analyzer Verdict Alert fortinet Phishing
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/naac_cirtiicate.jpeg HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:38 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/2.png
148.72.212.116 200 OK 0 B URL HTTP/1.1 wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/2.png
IP 148.72.212.116:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
GET /.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/img/2.png HTTP/1.1
Host: wdck.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wdck.ac.in/.well-known/.w.ww/logo/login.alibaba.com/sign-in/ali/login.php
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 21:44:36 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8