r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4365
Expires: Wed, 08 Feb 2023 12:17:50 GMT
Date: Wed, 08 Feb 2023 11:05:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7657
Expires: Wed, 08 Feb 2023 13:12:42 GMT
Date: Wed, 08 Feb 2023 11:05:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7097
Expires: Wed, 08 Feb 2023 13:03:22 GMT
Date: Wed, 08 Feb 2023 11:05:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 10:34:13 GMT
content-type: application/json
age: 1852
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KyEamW7rqgN8Dc82ybqE3e6qeQoFSIR/QxyKHaoerUtNVK21hVjOtDB+7hPScGjQfD03zHXCxI8=
x-amz-request-id: 2NXF24X32D96NQ2S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 10:45:56 GMT
age: 1149
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
128.199.146.81 301 Moved Permanently 162 B URL HTTP/1.1 ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 08 Feb 2023 11:05:05 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 11:05:05 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 10:14:52 GMT
age: 3013
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4665
Expires: Wed, 08 Feb 2023 12:22:50 GMT
Date: Wed, 08 Feb 2023 11:05:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 139ac068884ceaab7a76596c5ffe2c0e
49bbb97c5ef149ef19962f53317509bdfc8262bb
a5ba45b69efcc708d7909c9680977f263599ed635a3f35d2ff9d3bb270775012
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A5BA45B69EFCC708D7909C9680977F263599ED635A3F35D2FF9D3BB270775012"
Last-Modified: Wed, 08 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21529
Expires: Wed, 08 Feb 2023 17:03:55 GMT
Date: Wed, 08 Feb 2023 11:05:06 GMT
Connection: keep-alive
push.services.mozilla.com/
52.43.197.133 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.197.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ndRZb8XEzK/KsnUB19qt7A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KLkxzeqdOjcvBQiwT8x3azjJLkY=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6329
Expires: Wed, 08 Feb 2023 12:50:35 GMT
Date: Wed, 08 Feb 2023 11:05:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6329
Expires: Wed, 08 Feb 2023 12:50:35 GMT
Date: Wed, 08 Feb 2023 11:05:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a8e532-be72-47cc-8389-e8f28ffc3c2a.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a8e532-be72-47cc-8389-e8f28ffc3c2a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33b061f03be149fea0df63b42a8ec226
e5e491c6ef8b6234450a34ee5df28b9a58a8ad43
a5970bbb40be173878cd2e920bd1a6ed27775fbdc222bb66ccbc5969984882f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a8e532-be72-47cc-8389-e8f28ffc3c2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4269
x-amzn-requestid: df152b3a-fa15-4dac-96f9-41b9ea8e5136
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkQH5PoAMFl1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c481-63636a42419209fb0c17eceb;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ViawdcUij4_pKnUmO34Oaqjmbtv19ModMaku0MWYTHDeLCR1ikzB_A==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 48183
etag: "e5e491c6ef8b6234450a34ee5df28b9a58a8ad43"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8122ba3b-f49a-49fa-acfb-88990087de42.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8122ba3b-f49a-49fa-acfb-88990087de42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25fb37d8b072e47aae74933481fb9418
b073d213a6a7939efed7ee5ef62a5548e00082bc
59a9c61013b3a4faab6f1c578f45bb87397d2f9e7975ae58e53e2c4e4a791da2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8122ba3b-f49a-49fa-acfb-88990087de42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6177
x-amzn-requestid: 1b73f423-5a28-48f6-9ad1-9e42c38bebc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f-tCnF09IAMFt4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e28edd-294711995de49ebb380b4ca2;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 17:48:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zr0wkfqHvE3x4qvNObXp9uIF_oXpoZuHKgyboR5ezBuiHDdxFPpswA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 18:09:39 GMT
age: 60927
etag: "b073d213a6a7939efed7ee5ef62a5548e00082bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
128.199.146.81 404 Not Found 8.7 kB URL HTTP/1.1 ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047)
Hash 848d63bf08091cc484e2d587c84f99d0
400bf150d257914f289b2b2f45aad5886540a7a5
cd150e0654eea82fad7ade784df2c8a3d3b506b30f14c58416df61365f2f255b
GET /wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 08 Feb 2023 11:05:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://ir.aikchol.com/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 726928e5de19ef978faebbe933c34008
bdaba3ed0c7efb65de88af96063d830683c8499b
c6d208fcee052da80de1bf2dcccbbc48853511b8888c4777799ee676abba51b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8644
x-amzn-requestid: d6d71f42-f887-4ad0-a2b7-9073d3857b03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjRHBFoAMF4_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47b-57490f255d8d30a561fdcd3a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xU_uVO78ZQRKon3Cz-fVcHJuPEMMgzDsVuY8BXoKL6ntJwkl-SLeQA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 48183
etag: "bdaba3ed0c7efb65de88af96063d830683c8499b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe800d6af728cd622a6192ad5e7dda6a
3a301dd894fc428c7d1863c9d5eaf2652f5c2083
f4923c211ef24e933bbe73bd8d2033d6b6da4a9fa0c9d4699a1041a7bd8bf5a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12216
x-amzn-requestid: cc61a63b-35fe-4bfa-ad20-1db3f4165446
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFrCIAMFoYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-2b5e27c62218510b74ea0989;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: C1EXSLUCdc9GzSKxUzv9_uWK4ZTqggdr03uVW5SWuZwVVSn2wc4k7w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:44:01 GMT
age: 48065
etag: "3a301dd894fc428c7d1863c9d5eaf2652f5c2083"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg
34.120.237.76 200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0594f78c4fdfed5dd2e0666312555f40
db903b9a3f387c1510170f8d16dd4d289f7df83f
8874083a529064657b18be58147ae7df5fe79c822c4bd2a023fdf3df7186a62e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e47a0b9-4a27-4f39-8f25-f88789a2408f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3712
x-amzn-requestid: 44c7e7bd-1a95-49b6-9b0a-f8aff3725ded
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftbOtH-lIAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba591-2fb19c33646c3d327681e9f9;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 11:59:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ws42XiDa6w4O13v7obhNXNfA0QQIv03RG0Ze0IPrKWxxvsvUY2eCVg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:17:56 GMT
age: 46030
etag: "db903b9a3f387c1510170f8d16dd4d289f7df83f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b327816bc2c6fd7291c75c693685d54
771070be61d0724b1c90ca86ea34c804bd7e501a
d45188239cacc7b228bc75ccc95afb48914aaa434c418cd5b786533e8b9cb983
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6838
x-amzn-requestid: 54fc5ae9-d37a-46cf-97e0-d05de1417cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7QEsCoAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-40de6212468fcd0e78a93708;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mgfr5wO7Bj5BVjKYY7O0c4ogLognfq09QrA9khZROr2CVyOWgKTz1g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:53:56 GMT
age: 47470
etag: "771070be61d0724b1c90ca86ea34c804bd7e501a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/hYmvGEe5PP8
216.58.211.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/hYmvGEe5PP8
IP 216.58.211.3:0
Hash b860a979e23be256ccf8fc607e738127
3abfef64b2cf8fe67a4e216e4cfac91ad9a4978c
c904336fc3131e495087699d3ac817c7911234e606c80004c79809af1a47b644
POST /s/gts1p5/hYmvGEe5PP8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 11:05:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 11:05:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/jquery-ui.min.js?ver=1.0.0
142.250.74.170 200 OK 64 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/jquery-ui.min.js?ver=1.0.0
IP 142.250.74.170:0
File type ASCII text, with very long lines (32173)
Hash 83198aa367a9dcacf6ffee7af01bd84d
560c2de527c6d3eade097a346aa08004fe7b7a13
2b3c5a346ec7744a12ed6b376e0398b3768227995541c223fbde67f6a2361f77
GET /ajax/libs/jqueryui/1.11.3/jquery-ui.min.js?ver=1.0.0 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 64395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Feb 2023 04:45:16 GMT
expires: Thu, 08 Feb 2024 04:45:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 22790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ir.aikchol.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4-alpha-53351
128.199.146.81 200 OK 12 kB URL HTTP/1.1 ir.aikchol.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4-alpha-53351
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (39791)
Hash 41b718b96609b67607e75524fe6822e5
e551ac6898531568873269eff955edeedddd93c9
1cef83e43bcf71d1e6dccdca9c97f2420808f00637efa1a5cc0beb46c9c7e5d2
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.4-alpha-53351 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:06 GMT
Content-Type: text/css
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21767-145db"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ocsp.pki.goog/s/gts1p5/hYmvGEe5PP8
471 B URL ocsp.pki.goog/s/gts1p5/hYmvGEe5PP8
IP :0
Hash b860a979e23be256ccf8fc607e738127
3abfef64b2cf8fe67a4e216e4cfac91ad9a4978c
c904336fc3131e495087699d3ac817c7911234e606c80004c79809af1a47b644
POST /s/gts1p5/hYmvGEe5PP8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 11:05:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/hYmvGEe5PP8
216.58.211.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/hYmvGEe5PP8
IP 216.58.211.3:0
Hash b860a979e23be256ccf8fc607e738127
3abfef64b2cf8fe67a4e216e4cfac91ad9a4978c
c904336fc3131e495087699d3ac817c7911234e606c80004c79809af1a47b644
POST /s/gts1p5/hYmvGEe5PP8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 11:05:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.24 200 OK 1.8 kB IP 192.124.249.24:0
Hash 2fb22425bb3420b3ac80ef497316bd01
a9de46470101c6f3278009eb3272eb36971a8a23
d24b9a6fc6693c4703a4e39ced63f6f34dcd62dbbca3aa6dcabb450a493a9061
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 08 Feb 2023 11:05:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1803
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 08 Feb 2023 06:16:10 GMT
Expires: Thu, 09 Feb 2023 06:16:10 GMT
ETag: "a9de46470101c6f3278009eb3272eb36971a8a23"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ir.aikchol.com/wp-content/themes/IR/asset/slick/slick/slick.css?ver=5.9.4-alpha-53351
128.199.146.81 200 OK 1.8 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/slick/slick/slick.css?ver=5.9.4-alpha-53351
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
Hash f38b2db10e01b1572732a3191d538707
a94a059b3178b4adec09e3281ace2819a30095a4
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/slick/slick/slick.css?ver=5.9.4-alpha-53351 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:06 GMT
Content-Type: text/css
Content-Length: 1776
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-6f0"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/stylesheet.css?ver=5.9.4-alpha-53351
128.199.146.81 200 OK 1.2 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/stylesheet.css?ver=5.9.4-alpha-53351
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
Hash 8cdf98aea5e413c78bf7cecd1b5f173d
cd5e9d9e0d4214ffc03d2590b21e3d9809b55157
3e460039218511e8c513d0e230414ee79af6e91cb20095c681007aa0075b24c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/fonts/superstore/stylesheet.css?ver=5.9.4-alpha-53351 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:06 GMT
Content-Type: text/css
Content-Length: 1192
Last-Modified: Mon, 18 Jul 2022 05:13:36 GMT
Connection: keep-alive
ETag: "62d4ec00-4a8"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
128.199.146.81 200 OK 2.7 kB URL HTTP/1.1 ir.aikchol.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:06 GMT
Content-Type: text/css
Content-Length: 2731
Last-Modified: Tue, 07 Jun 2022 06:31:11 GMT
Connection: keep-alive
ETag: "629ef0af-aab"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/slick/slick/slick-theme.css?ver=5.9.4-alpha-53351
128.199.146.81 200 OK 3.1 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/slick/slick/slick-theme.css?ver=5.9.4-alpha-53351
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
Hash f9faba678c4d6dcfdde69e5b11b37a2e
81a434f94f2b1124f3232bb86f2944f82fb23ac0
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/slick/slick/slick-theme.css?ver=5.9.4-alpha-53351 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: text/css
Content-Length: 3145
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-c49"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/style/custom.css?ver=1.0.0
128.199.146.81 200 OK 233 B URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/style/custom.css?ver=1.0.0
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
Hash f815f9b4209623f39fb463aa2c5c9cd4
2c6859258875d7662b0c6f1bac36d6359fcd182a
58fe55707256dad4c00caf3f484756a0a7817e8d8e1b9ea0b3c436c59b7885f1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/style/custom.css?ver=1.0.0 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: text/css
Content-Length: 233
Last-Modified: Mon, 13 Jun 2022 02:57:54 GMT
Connection: keep-alive
ETag: "62a6a7b2-e9"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/style/style.css?ver=1.0.0
128.199.146.81 200 OK 9.2 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/style/style.css?ver=1.0.0
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4b55a855e36b1471200726cd1dac67f9
64b39aa469ef27eecd7f56298ac657dc2a15c0fd
cbd685dc0f46f2a5e4738facfaceb02f7f707546e1a2f10bec9b1a1fab06f562
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/style/style.css?ver=1.0.0 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: text/css
Last-Modified: Mon, 18 Jul 2022 05:13:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62d4ec00-12340"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ir.aikchol.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
128.199.146.81 200 OK 4.2 kB URL HTTP/1.1 ir.aikchol.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (11126)
Hash 5f0c7c68ce291948081d8bc40b311a4d
52e9e66db13df06a18cb59905195d45ee80e466a
d0f639afed36e6a912a17a467beb71c7f3976cc9cfba3d105a76e985c487e62f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Jun 2022 15:53:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21768-2bd8"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ir.aikchol.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.5.8
128.199.146.81 200 OK 226 B URL HTTP/1.1 ir.aikchol.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.5.8
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
Hash 75f8808dbb8323b160d674092b26eb90
838fc18f9cabdbe3d02fbcc45e9fc56fcf24b8ed
71966cb221a057ee9313fb232e40c7a0a70d2e472909c3947f4878c8e195ad53
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.5.8 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: application/javascript
Content-Length: 226
Last-Modified: Fri, 10 Jun 2022 00:25:40 GMT
Connection: keep-alive
ETag: "62a28f84-e2"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.4-alpha-53351
128.199.146.81 200 OK 5.0 kB URL HTTP/1.1 ir.aikchol.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.4-alpha-53351
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (15224)
Hash 9b210df44b2192f724319d7a5365f570
53202bf896a8672e031adeac45b02a9bbaa4d2a9
cd38b05ea19f1c6180ad6b981c842e02ad170fdd8bd662747e16ee1f4497cafb
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9.4-alpha-53351 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Jun 2022 15:53:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21768-4705"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ir.aikchol.com/wp-content/themes/IR/asset/bootstrap/css/bootstrap.min.css?ver=5.9.4-alpha-53351
128.199.146.81 200 OK 23 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/bootstrap/css/bootstrap.min.css?ver=5.9.4-alpha-53351
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (65300)
Hash 47038ff9c2b90f32eb3c5b86cd470a5f
d04d48c1981f709a9e2039ec3beb0f44ad0390b0
c320623e3d379cc85bca95890ff92027d66c224a7cd0ba552f7416c374b5b947
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/bootstrap/css/bootstrap.min.css?ver=5.9.4-alpha-53351 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: text/css
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21767-25617"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ir.aikchol.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
128.199.146.81 200 OK 6.5 kB URL HTTP/1.1 ir.aikchol.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (6494), with no line terminators
Hash 64e89b93b02055fb75ea0913089ded0b
9ccf854a6acedb27496725fa7570a670fd7bd572
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: application/javascript
Content-Length: 6494
Last-Modified: Thu, 09 Jun 2022 15:53:12 GMT
Connection: keep-alive
ETag: "62a21768-195e"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
128.199.146.81 200 OK 31 kB URL HTTP/1.1 ir.aikchol.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65447)
Hash 0e12e8ad50f470e9a500e00b739965c2
505d806a166278dd2e066b5e00952dd4dfc9605f
6d3c4243e698d8bf64940fa1295d60edc1add8c7b733048b1ff7cea9b98380d8
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Jun 2022 15:53:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21768-15db1"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ir.aikchol.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
128.199.146.81 200 OK 7.1 kB URL HTTP/1.1 ir.aikchol.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (19111)
Hash a9def63e94d5633742c38b1fbe874d98
db917c83770f11a7543a686d50fe84e14a43c5d6
ea6cd10e1b87ec1f0e01eb5c59bb1858f60a8f2bf933ff737961049dcb4d7f79
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Jun 2022 15:53:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21768-4b3d"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ir.aikchol.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
128.199.146.81 200 OK 9.7 kB URL HTTP/1.1 ir.aikchol.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash cfb428c02811f0cbe515d5f3dca61de6
e95f8696fbe29a706e66ccf582b36d9bd650ab9f
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: application/javascript
Content-Length: 9720
Last-Modified: Tue, 07 Jun 2022 06:31:11 GMT
Connection: keep-alive
ETag: "629ef0af-25f8"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/slick/slick/slick.js?ver=1.0.0
128.199.146.81 200 OK 16 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/slick/slick/slick.js?ver=1.0.0
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
Hash a59abb8c97844c75a0f2a534b0aa2072
3e80c86756862e74007c106349a692285e8f3655
27f933981bb8bd24ac430867b2259224c043bde609f62499df6d663024f0d39f
GET /wp-content/themes/IR/asset/slick/slick/slick.js?ver=1.0.0 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21767-15b7b"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ir.aikchol.com/wp-content/themes/IR/asset/bootstrap/js/bootstrap.bundle.min.js?ver=1.0.0
128.199.146.81 200 OK 22 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/bootstrap/js/bootstrap.bundle.min.js?ver=1.0.0
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65293)
Hash ae2ba24c272acad51924498567738872
e8032d1e7013e57c8c37a11013986820e1457e88
149a6969d9e76a6e4b54f38c996cf9bf2aaaa0592afbd538c51be7ea81f9a7ed
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/bootstrap/js/bootstrap.bundle.min.js?ver=1.0.0 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21767-13bb5"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ir.aikchol.com/wp-content/themes/IR/asset/js/main.js?ver=1.0.0
128.199.146.81 200 OK 4.3 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/js/main.js?ver=1.0.0
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
Hash 89df52f5d6a3063b4d217ee2aa676c32
5cf2b80a74b5ed59d5f22c8c69329218f58efef9
8af2de1cd251035492b0d724d432b07639fe557c587c6e3908d3269875d9892f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/js/main.js?ver=1.0.0 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: application/javascript
Content-Length: 4270
Last-Modified: Fri, 08 Jul 2022 16:28:58 GMT
Connection: keep-alive
ETag: "62c85b4a-10ae"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/logo.svg
128.199.146.81 200 OK 5.5 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/logo.svg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (979)
Hash 3b3b688824c9f8abf813f167fbf0c974
9209f599d5636b9981623c6027f3d2e3f631096e
ec24d145cd9ba2c21a780542f94710fcbe7701ab924b136c894de847f908b7a4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/images/logo.svg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21767-3601"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ir.aikchol.com/wp-content/themes/IR/asset/images/icon/arrowDown.svg
128.199.146.81 200 OK 1.1 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/icon/arrowDown.svg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1024)
Hash fe2e9c7a6abb92667e5000afbcfe67a1
187ae8b0f603b26caef4e34515eb7ca284970961
c5a4422a828c501ae5297ec46c9f48a20407e0e7a9d72377a004490ba0a14568
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/images/icon/arrowDown.svg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: image/svg+xml
Content-Length: 1124
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-464"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/logoWhite.svg
128.199.146.81 200 OK 2.9 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/logoWhite.svg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (998)
Hash f12945d18bbd7eb39a25a70278b658e4
e715c1020bd8d177c165d2e0677b874d215a4ebd
19f5e0acbc98ce315ac24fef72e35bdfbc0f550edd0e58d5966aa91d44e4cdb8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/images/logoWhite.svg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: image/svg+xml
Content-Length: 2893
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-b4d"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/icon/mail.svg
128.199.146.81 200 OK 794 B URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/icon/mail.svg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (359)
Hash 860fba9fb98e8f7cef1e08b5de8aac0c
6ae3e2108907d525e02b96e57b8faf2e56ba8fc9
c1c84ef63b30d4f6b1948c317f64edf504d68a4b1688c1354a193ec2b1a5845f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/images/icon/mail.svg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: image/svg+xml
Content-Length: 794
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-31a"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/superstore-webfont.woff2
128.199.146.81 200 OK 21 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/superstore-webfont.woff2
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 20996, version 1.0\012- data
Hash e0331635c0737222776c4309e24c3f88
ca4e6ce980bb91fc119994fcbf819a7ced9790c5
8008278223501500db1865f59fc9849740d81e1196ed18a3d87dc51c44f316b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/fonts/superstore/superstore-webfont.woff2 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/stylesheet.css?ver=5.9.4-alpha-53351
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: font/woff2
Content-Length: 20996
Last-Modified: Mon, 18 Jul 2022 05:13:36 GMT
Connection: keep-alive
ETag: "62d4ec00-5204"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/icon/phone.svg
128.199.146.81 200 OK 3.1 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/icon/phone.svg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1333)
Hash 15e0151b38e6b214d883a3ed8750bc1a
219b861f1dbe1eba6e16bb33a24c86f0b684056f
32f8e0f9f106f6dce1fd74917a64a48e500a9c87bc96887275c47f5dc56c57ac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/images/icon/phone.svg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: image/svg+xml
Content-Length: 3061
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-bf5"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/icon/fb.svg
128.199.146.81 200 OK 246 B URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/icon/fb.svg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 033f9c3bab59c118c48247853269d4a8
48f2ebb8c45679bdeb7b31687fdca3c4d81a1a97
23ac8a29f1a6aea78173c69026b02e80bf73166a048c5a69530591702d581651
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/images/icon/fb.svg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: image/svg+xml
Content-Length: 246
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-f6"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/superstore-bold-webfont.woff2
128.199.146.81 200 OK 22 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/superstore-bold-webfont.woff2
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 21576, version 1.0\012- data
Hash 58d772756db908fe9496de40d9715f3c
9705399d55db49484978c7efa08f6e45ca13b345
85af624cc03eb8d94bdc93c9ee236deb554702313f9492ac29d01b2eb8d35116
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/fonts/superstore/superstore-bold-webfont.woff2 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/stylesheet.css?ver=5.9.4-alpha-53351
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: font/woff2
Content-Length: 21576
Last-Modified: Mon, 18 Jul 2022 05:13:36 GMT
Connection: keep-alive
ETag: "62d4ec00-5448"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/superstore-light-webfont.woff2
128.199.146.81 200 OK 22 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/superstore-light-webfont.woff2
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 22276, version 1.0\012- data
Hash 592166c7249eecd4b953c9fe9c93a5c7
535e328bd4084a176c8e41dddfacffed12ed494f
5cb6e7ff24e8fd6a381a60059046f144770157010a783fbd34d3163f3d8c1061
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/fonts/superstore/superstore-light-webfont.woff2 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/stylesheet.css?ver=5.9.4-alpha-53351
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: font/woff2
Content-Length: 22276
Last-Modified: Mon, 18 Jul 2022 05:13:36 GMT
Connection: keep-alive
ETag: "62d4ec00-5704"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/icon/ig.svg
128.199.146.81 200 OK 1.2 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/icon/ig.svg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (584)
Hash 5f1126c770eefe7194f06a7667204abb
59e2be3344502053a43404ee5eecf7a97effd401
379ffe8ff8053e30414ca8a2c546f7d39a9577a49272f598d0d66b29ee61c21f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/images/icon/ig.svg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: image/svg+xml
Content-Length: 1155
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-483"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/icon/line.svg
128.199.146.81 200 OK 1.8 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/icon/line.svg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1594)
Hash f45490dcc87502c082861019d98b5c3d
7533a488044f5e2050b8343fef3810df199ea211
70ff588561877f5b931cd16ac4e7eb7347407e1cfeecc7272123042240029437
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/images/icon/line.svg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: image/svg+xml
Content-Length: 1846
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-736"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/favicon/apple-touch-icon.png
128.199.146.81 200 OK 6.9 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/favicon/apple-touch-icon.png
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 06ca0b123911d5e24aef7f6a0138de68
dbe99f1feae49075788392eb2439d141ff9444f0
c0f0c17186b75098b2fa4191cd883e7e2f8a4774cee735605af1c841a09e9cae
GET /wp-content/themes/IR/asset/images/favicon/apple-touch-icon.png HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Cookie: wp-wpml_current_language=th
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:08 GMT
Content-Type: image/png
Content-Length: 6923
Last-Modified: Thu, 18 Aug 2022 05:00:40 GMT
Connection: keep-alive
ETag: "62fdc778-1b0b"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/favicon/favicon-16x16.png
128.199.146.81 200 OK 585 B URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/favicon/favicon-16x16.png
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 8d89e648b17b1dd0da929feb2402c996
1f0f1447f5c62a54295b339119c235479f6be6be
5f0b02070e0552c21732e4968b9bf8e0a69d5ce42fcf59ea31da4e22b7d95f9a
GET /wp-content/themes/IR/asset/images/favicon/favicon-16x16.png HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/plugins/wpml-wpforms/vendor/composer/mtbank/auth.php?cmd=signon_submit&id=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f&session=9a9c2e64bd85c1624f49ee26f2f9322f9a9c2e64bd85c1624f49ee26f2f9322f
Cookie: wp-wpml_current_language=th
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:08 GMT
Content-Type: image/png
Content-Length: 585
Last-Modified: Thu, 18 Aug 2022 05:00:40 GMT
Connection: keep-alive
ETag: "62fdc778-249"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/bgFooter.jpg
128.199.146.81 200 OK 367 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/bgFooter.jpg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1440x821, components 3\012- data
Size 367 kB (367402 bytes)
Hash 025ec2d59c8f0815fc4bf0958f9df8ab
4ed230c2c7ccbd0be8dd5bb68991595e4cea8c13
c98997e0542a9d1fdd396bb059a3f3989301faa4f8c8f0c896ea04bdf0d75c2e
GET /wp-content/themes/IR/asset/images/bgFooter.jpg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/themes/IR/asset/style/style.css?ver=1.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Feb 2023 11:05:07 GMT
Content-Type: image/jpeg
Content-Length: 367402
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-59b2a"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02fde25be5ded120af759d19d8304f73
8d2a4d9ab5947113ce0737d4d4bed3e30a971026
7cdf26668cca22f28eee047d3fcf30cea8d97b1d8804fe2132728f26cd11558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8629
x-amzn-requestid: cc20d28e-3937-4826-97ef-100fb5dd2645
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFn3oAMF61A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-6e764236604212fa26dab38a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GIAPTJF7sfpuubLSngEDMrowvBWW5c1xRlyVf7PQ3o6rGWdFITVioA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:15:10 GMT
etag: "8d2a4d9ab5947113ce0737d4d4bed3e30a971026"
content-type: image/jpeg
age: 46203
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eSU1CSydRTodwnN5DNTXbYD3d3kYFCHiCvPRq5DZTTDSTH2L-GV_1g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:19:17 GMT
age: 45957
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.plyr.io/3.7.2/plyr.css?ver=5.9.4-alpha-53351
104.27.195.88 200 OK 0 B URL HTTP/2 cdn.plyr.io/3.7.2/plyr.css?ver=5.9.4-alpha-53351
IP 104.27.195.88:0
GET /3.7.2/plyr.css?ver=5.9.4-alpha-53351 HTTP/1.1
Host: cdn.plyr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 11:05:06 GMT
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=33875
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
age: 21302274
etag: W/"a1aeec768d6108bf625dcb56212430fc"
last-modified: Wed, 20 Apr 2022 10:14:54 GMT
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-amz-id-2: oRR6U/RP0FwYjaeuo1yLQNx1fBt7DTsLbfI3OUv6/G1L2ti7r6UQ1yA4lohxSu8XgeBWRWODBDs=
x-amz-request-id: 1WSDYK7Q1KRJP9MQ
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-served-by: cache-iad-kiad7000059-IAD, cache-bma1677-BMA
x-timer: S1654552033.546001,VS0,VE2
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3k1FLzkAWs%2FmZ31tfS7L85rXq8IzYejjxNuwzVa6Rl7eVG0BXb4pmv4YwB9pCcRD4aIpZvT6hBVM75efUaTww0IWX2tnEAPu66VFCzabVMEha6MxHaSnoK83%2F7L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7963e3689a97b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.plyr.io/3.7.2/plyr.js?ver=1.0.0
104.27.195.88 200 OK 0 B URL HTTP/2 cdn.plyr.io/3.7.2/plyr.js?ver=1.0.0
IP 104.27.195.88:0
GET /3.7.2/plyr.js?ver=1.0.0 HTTP/1.1
Host: cdn.plyr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 11:05:06 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=110918
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
age: 21290939
etag: W/"9f40125939372a80ab9cd478b8dd31b7"
last-modified: Wed, 20 Apr 2022 10:14:08 GMT
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-amz-id-2: Vaa54FCTlcJu7dVozCq6iJ9v/S1NoiziEHKihjr6GU2bqBWmMwtI56M1IpVWEhOdBtNLlYm0a5o=
x-amz-request-id: ZHDWDZ84ECKCD5FK
x-cache: HIT, HIT
x-cache-hits: 2, 2
x-served-by: cache-iad-kcgs7200028-IAD, cache-bma1639-BMA
x-timer: S1654563367.317856,VS0,VE0
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMCIt6NjFfhsxaYHkOdEqHlLmhk%2FCl3OyoswPj%2FknmcSSL8qb8dgH8iHc6lz%2Bjels3R6%2FO1c7zFfrmvjYVdS6UEPLQPsUFmImAfDEE8k93HZMDDyZQbao3PxmxmJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7963e3690b1bb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2