r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17113
Expires: Wed, 01 Feb 2023 18:16:51 GMT
Date: Wed, 01 Feb 2023 13:31:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3566
Expires: Wed, 01 Feb 2023 14:31:04 GMT
Date: Wed, 01 Feb 2023 13:31:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 12:36:01 GMT
content-type: application/json
age: 3337
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3504
Expires: Wed, 01 Feb 2023 14:30:02 GMT
Date: Wed, 01 Feb 2023 13:31:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ORyc0e23Ga/XDRDQ3FmmCE2IDB2ethR6Qsus4wZbkyPHf/s4MckEEMurZkc+JrEgS1PATSMtZY0=
x-amz-request-id: F5JW9MPYW57BKMZW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 12:51:34 GMT
age: 2404
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 13:31:38 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
128.199.146.81 301 Moved Permanently 162 B URL HTTP/1.1 ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 01 Feb 2023 13:31:38 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 12:41:42 GMT
age: 2996
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14054
Expires: Wed, 01 Feb 2023 17:25:52 GMT
Date: Wed, 01 Feb 2023 13:31:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3ac865703f2f85597f9d3bd254d67a87
27b904956cbb3a68b1e9c689866bf73f97cfedf2
aebb0c7b7c825a0eb7e716f53933c51a0019f27d8435974d6c4b21de6a6acf6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEBB0C7B7C825A0EB7E716F53933C51A0019F27D8435974D6C4B21DE6A6ACF6F"
Last-Modified: Mon, 30 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 01 Feb 2023 19:31:39 GMT
Date: Wed, 01 Feb 2023 13:31:39 GMT
Connection: keep-alive
push.services.mozilla.com/
52.26.115.190 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.26.115.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UGHRwy1mi3GIWTARyYe7Hw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TZanIVUXMl9usQj8S//hMFGTfpQ=
ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
128.199.146.81 404 Not Found 8.7 kB URL HTTP/1.1 ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (8047)
Hash 848d63bf08091cc484e2d587c84f99d0
400bf150d257914f289b2b2f45aad5886540a7a5
cd150e0654eea82fad7ade784df2c8a3d3b506b30f14c58416df61365f2f255b
GET /wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 01 Feb 2023 13:31:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://ir.aikchol.com/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 13:31:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/jquery-ui.min.js?ver=1.0.0
142.250.74.170 200 OK 64 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.11.3/jquery-ui.min.js?ver=1.0.0
IP 142.250.74.170:0
File type ASCII text, with very long lines (32173)
Hash 83198aa367a9dcacf6ffee7af01bd84d
560c2de527c6d3eade097a346aa08004fe7b7a13
2b3c5a346ec7744a12ed6b376e0398b3768227995541c223fbde67f6a2361f77
GET /ajax/libs/jqueryui/1.11.3/jquery-ui.min.js?ver=1.0.0 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 64395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 02:19:57 GMT
expires: Fri, 26 Jan 2024 02:19:57 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 558702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ir.aikchol.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4-alpha-53351
128.199.146.81 200 OK 12 kB URL HTTP/1.1 ir.aikchol.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4-alpha-53351
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (39791)
Hash 41b718b96609b67607e75524fe6822e5
e551ac6898531568873269eff955edeedddd93c9
1cef83e43bcf71d1e6dccdca9c97f2420808f00637efa1a5cc0beb46c9c7e5d2
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.4-alpha-53351 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:39 GMT
Content-Type: text/css
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21767-145db"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 13:31:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tutorialspoint.com/jquery/jquery-3.6.0.js?ver=1.0.0
192.229.221.69 200 OK 81 kB URL HTTP/2 www.tutorialspoint.com/jquery/jquery-3.6.0.js?ver=1.0.0
IP 192.229.221.69:0
Hash fc170c6159fbe0db66a3768d6bdf696a
32f1e37e18f1ae6145e2b1ad322ad332b1722d03
207b34602199194c65d4e3a74cd3d27d79ab3b17b3ff8cafa6e6d7cc4b8c33a5
GET /jquery/jquery-3.6.0.js?ver=1.0.0 HTTP/1.1
Host: www.tutorialspoint.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
accept-ranges: bytes
age: 328241
cache-control: max-age=2592000
content-type: application/javascript
date: Wed, 01 Feb 2023 13:31:39 GMT
etag: "46744-27189efbcb000-br"
expires: Fri, 03 Mar 2023 13:31:39 GMT
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: ECAcc (amb/6B50)
strict-transport-security: max-age=63072000; includeSubdomains
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-version: OCT-10 V1
x-xss-protection: 1; mode=block
content-length: 80581
X-Firefox-Spdy: h2
ir.aikchol.com/wp-content/themes/IR/asset/slick/slick/slick.css?ver=5.9.4-alpha-53351
128.199.146.81 200 OK 1.8 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/slick/slick/slick.css?ver=5.9.4-alpha-53351
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
Hash f38b2db10e01b1572732a3191d538707
a94a059b3178b4adec09e3281ace2819a30095a4
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/slick/slick/slick.css?ver=5.9.4-alpha-53351 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:39 GMT
Content-Type: text/css
Content-Length: 1776
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-6f0"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
128.199.146.81 200 OK 2.7 kB URL HTTP/1.1 ir.aikchol.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:39 GMT
Content-Type: text/css
Content-Length: 2731
Last-Modified: Tue, 07 Jun 2022 06:31:11 GMT
Connection: keep-alive
ETag: "629ef0af-aab"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/style/custom.css?ver=1.0.0
128.199.146.81 200 OK 233 B URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/style/custom.css?ver=1.0.0
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
Hash f815f9b4209623f39fb463aa2c5c9cd4
2c6859258875d7662b0c6f1bac36d6359fcd182a
58fe55707256dad4c00caf3f484756a0a7817e8d8e1b9ea0b3c436c59b7885f1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/style/custom.css?ver=1.0.0 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:39 GMT
Content-Type: text/css
Content-Length: 233
Last-Modified: Mon, 13 Jun 2022 02:57:54 GMT
Connection: keep-alive
ETag: "62a6a7b2-e9"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/stylesheet.css?ver=5.9.4-alpha-53351
128.199.146.81 200 OK 1.2 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/stylesheet.css?ver=5.9.4-alpha-53351
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
Hash 8cdf98aea5e413c78bf7cecd1b5f173d
cd5e9d9e0d4214ffc03d2590b21e3d9809b55157
3e460039218511e8c513d0e230414ee79af6e91cb20095c681007aa0075b24c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/fonts/superstore/stylesheet.css?ver=5.9.4-alpha-53351 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: text/css
Content-Length: 1192
Last-Modified: Mon, 18 Jul 2022 05:13:36 GMT
Connection: keep-alive
ETag: "62d4ec00-4a8"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/slick/slick/slick-theme.css?ver=5.9.4-alpha-53351
128.199.146.81 200 OK 3.1 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/slick/slick/slick-theme.css?ver=5.9.4-alpha-53351
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
Hash f9faba678c4d6dcfdde69e5b11b37a2e
81a434f94f2b1124f3232bb86f2944f82fb23ac0
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/slick/slick/slick-theme.css?ver=5.9.4-alpha-53351 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: text/css
Content-Length: 3145
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-c49"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/style/style.css?ver=1.0.0
128.199.146.81 200 OK 9.2 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/style/style.css?ver=1.0.0
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4b55a855e36b1471200726cd1dac67f9
64b39aa469ef27eecd7f56298ac657dc2a15c0fd
cbd685dc0f46f2a5e4738facfaceb02f7f707546e1a2f10bec9b1a1fab06f562
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/style/style.css?ver=1.0.0 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: text/css
Last-Modified: Mon, 18 Jul 2022 05:13:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62d4ec00-12340"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ir.aikchol.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
128.199.146.81 200 OK 4.2 kB URL HTTP/1.1 ir.aikchol.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (11126)
Hash 5f0c7c68ce291948081d8bc40b311a4d
52e9e66db13df06a18cb59905195d45ee80e466a
d0f639afed36e6a912a17a467beb71c7f3976cc9cfba3d105a76e985c487e62f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Jun 2022 15:53:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21768-2bd8"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ir.aikchol.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.5.8
128.199.146.81 200 OK 226 B URL HTTP/1.1 ir.aikchol.com/wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.5.8
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
Hash 75f8808dbb8323b160d674092b26eb90
838fc18f9cabdbe3d02fbcc45e9fc56fcf24b8ed
71966cb221a057ee9313fb232e40c7a0a70d2e472909c3947f4878c8e195ad53
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sitepress-multilingual-cms/res/js/cookies/language-cookie.js?ver=4.5.8 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: application/javascript
Content-Length: 226
Last-Modified: Fri, 10 Jun 2022 00:25:40 GMT
Connection: keep-alive
ETag: "62a28f84-e2"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.4-alpha-53351
128.199.146.81 200 OK 5.0 kB URL HTTP/1.1 ir.aikchol.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.4-alpha-53351
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (15224)
Hash 9b210df44b2192f724319d7a5365f570
53202bf896a8672e031adeac45b02a9bbaa4d2a9
cd38b05ea19f1c6180ad6b981c842e02ad170fdd8bd662747e16ee1f4497cafb
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9.4-alpha-53351 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Jun 2022 15:53:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21768-4705"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ir.aikchol.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
128.199.146.81 200 OK 7.1 kB URL HTTP/1.1 ir.aikchol.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (19111)
Hash a9def63e94d5633742c38b1fbe874d98
db917c83770f11a7543a686d50fe84e14a43c5d6
ea6cd10e1b87ec1f0e01eb5c59bb1858f60a8f2bf933ff737961049dcb4d7f79
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Jun 2022 15:53:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21768-4b3d"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3536
Expires: Wed, 01 Feb 2023 14:30:36 GMT
Date: Wed, 01 Feb 2023 13:31:40 GMT
Connection: keep-alive
ir.aikchol.com/wp-content/themes/IR/asset/bootstrap/css/bootstrap.min.css?ver=5.9.4-alpha-53351
128.199.146.81 200 OK 23 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/bootstrap/css/bootstrap.min.css?ver=5.9.4-alpha-53351
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (65300)
Hash 47038ff9c2b90f32eb3c5b86cd470a5f
d04d48c1981f709a9e2039ec3beb0f44ad0390b0
c320623e3d379cc85bca95890ff92027d66c224a7cd0ba552f7416c374b5b947
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/bootstrap/css/bootstrap.min.css?ver=5.9.4-alpha-53351 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: text/css
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21767-25617"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash 23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XtqfgDxskGIUmZdRj2nrGDpo9KvECk528eLZV29xNx3h7CLOu49mnQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:19 GMT
age: 56961
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ir.aikchol.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
128.199.146.81 200 OK 31 kB URL HTTP/1.1 ir.aikchol.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65447)
Hash 0e12e8ad50f470e9a500e00b739965c2
505d806a166278dd2e066b5e00952dd4dfc9605f
6d3c4243e698d8bf64940fa1295d60edc1add8c7b733048b1ff7cea9b98380d8
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Jun 2022 15:53:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21768-15db1"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash 78fe9a77211d6f9a462f625af0c6f9bc
ac0b58423d7578e7a1b60a62220c0a57924dda82
e047466c3ae0a55509f4ace49d0476f94271b5a25e71caa3b06ec468a238b652
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14041
x-amzn-requestid: 2be6655d-3b0e-4e65-b44b-11682610b640
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRGFpIAMFbMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-5554d18d5db235913afa77a2;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jJHVbOXepgkVHjuNJG9wPcMjDcGbAc-NIpv_KUECG6c-AnJZoIW0zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:42:56 GMT
age: 56924
etag: "ac0b58423d7578e7a1b60a62220c0a57924dda82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 02:29:58 GMT
age: 39702
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.plyr.io/3.7.2/plyr.js?ver=1.0.0
104.27.195.88 200 OK 40 kB URL HTTP/2 cdn.plyr.io/3.7.2/plyr.js?ver=1.0.0
IP 104.27.195.88:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6b04b72cdf081c584a545316de1ce599
4afa470adacf533f1e382bb53805788f23bcd790
6497b5386372ad22390f6a479ad90df02a220736e51c7af6f46d1afe35d168a6
GET /3.7.2/plyr.js?ver=1.0.0 HTTP/1.1
Host: cdn.plyr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 13:31:39 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=110918
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
age: 20694932
etag: W/"9f40125939372a80ab9cd478b8dd31b7"
last-modified: Wed, 20 Apr 2022 10:14:08 GMT
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-amz-id-2: Vaa54FCTlcJu7dVozCq6iJ9v/S1NoiziEHKihjr6GU2bqBWmMwtI56M1IpVWEhOdBtNLlYm0a5o=
x-amz-request-id: ZHDWDZ84ECKCD5FK
x-cache: HIT, HIT
x-cache-hits: 2, 2
x-served-by: cache-iad-kcgs7200028-IAD, cache-bma1639-BMA
x-timer: S1654563367.317856,VS0,VE0
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4msfki5f7U6MYOGpCrBER7ttWzrufm0WnLdyWH8haJRidInQIvr564U3RWQX8ZPdO2s9Hs1qSbpwriuxxOzipqm66lXs5UrmPLAUqpuFVAPusXG71vllqGDqTrPD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792b0c73fb410b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.plyr.io/3.7.2/plyr.css?ver=5.9.4-alpha-53351
104.27.195.88 200 OK 14 kB URL HTTP/2 cdn.plyr.io/3.7.2/plyr.css?ver=5.9.4-alpha-53351
IP 104.27.195.88:0
File type Unicode text, UTF-8 text, with very long lines (33744), with no line terminators
Hash 068a32d06abd15fdc5b61bc2ea5f4740
ea8502ea956e67c2d04814ba89bf82de2a5b386c
be037b6e440596b10641e4d22792d58f8f22cf0cf84ebef71172355d22f6cf5d
GET /3.7.2/plyr.css?ver=5.9.4-alpha-53351 HTTP/1.1
Host: cdn.plyr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Feb 2023 13:31:39 GMT
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=33875
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
age: 20706267
etag: W/"a1aeec768d6108bf625dcb56212430fc"
last-modified: Wed, 20 Apr 2022 10:14:54 GMT
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-amz-id-2: oRR6U/RP0FwYjaeuo1yLQNx1fBt7DTsLbfI3OUv6/G1L2ti7r6UQ1yA4lohxSu8XgeBWRWODBDs=
x-amz-request-id: 1WSDYK7Q1KRJP9MQ
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-served-by: cache-iad-kiad7000059-IAD, cache-bma1677-BMA
x-timer: S1654552033.546001,VS0,VE2
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BQE1R9%2FqijWkfhFggNjs7IRJT1MufrDGw0bESF1X8r0lixZyzIwIcfDvhkigJXOgsaFiCy3Cogs4mlWpM65JOZEhVbZBkiqwyH4qc7v2K7pPpMqmA9QqTEbAoK0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 792b0c73dafc0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55af221f-e2a5-4ea0-ba8f-1f045ea1cbb7.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55af221f-e2a5-4ea0-ba8f-1f045ea1cbb7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash 7d09523ece9b6da85a1a007c7e2abcb6
a637b08e2fbba31ef60103b2d9fd3c6f96d84b27
811bbd2e85b83dcaa8743a1d7e513fd76b81d4ced2b8aa99c62f9590f20e85a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55af221f-e2a5-4ea0-ba8f-1f045ea1cbb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8812
x-amzn-requestid: 8c568658-2708-4031-93ff-1654cc17a311
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foeeZGjKIAMFyUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9aac2-4587a6e43c1430ed03d0e69b;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 23:56:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ruezZVYkepU-yrFId_e_dATOHRg8DyX0deLtm7CXt8vvL4cx0QtgNw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 00:13:02 GMT
etag: "a637b08e2fbba31ef60103b2d9fd3c6f96d84b27"
content-type: image/jpeg
age: 47918
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ir.aikchol.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
128.199.146.81 200 OK 6.5 kB URL HTTP/1.1 ir.aikchol.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (6494), with no line terminators
Hash 64e89b93b02055fb75ea0913089ded0b
9ccf854a6acedb27496725fa7570a670fd7bd572
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: application/javascript
Content-Length: 6494
Last-Modified: Thu, 09 Jun 2022 15:53:12 GMT
Connection: keep-alive
ETag: "62a21768-195e"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
128.199.146.81 200 OK 9.7 kB URL HTTP/1.1 ir.aikchol.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash cfb428c02811f0cbe515d5f3dca61de6
e95f8696fbe29a706e66ccf582b36d9bd650ab9f
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: application/javascript
Content-Length: 9720
Last-Modified: Tue, 07 Jun 2022 06:31:11 GMT
Connection: keep-alive
ETag: "629ef0af-25f8"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/logo.svg
128.199.146.81 200 OK 5.5 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/logo.svg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (979)
Hash 3b3b688824c9f8abf813f167fbf0c974
9209f599d5636b9981623c6027f3d2e3f631096e
ec24d145cd9ba2c21a780542f94710fcbe7701ab924b136c894de847f908b7a4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/images/logo.svg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21767-3601"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ir.aikchol.com/wp-content/themes/IR/asset/js/main.js?ver=1.0.0
128.199.146.81 200 OK 4.3 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/js/main.js?ver=1.0.0
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
Hash 89df52f5d6a3063b4d217ee2aa676c32
5cf2b80a74b5ed59d5f22c8c69329218f58efef9
8af2de1cd251035492b0d724d432b07639fe557c587c6e3908d3269875d9892f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/js/main.js?ver=1.0.0 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: application/javascript
Content-Length: 4270
Last-Modified: Fri, 08 Jul 2022 16:28:58 GMT
Connection: keep-alive
ETag: "62c85b4a-10ae"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/bootstrap/js/bootstrap.bundle.min.js?ver=1.0.0
128.199.146.81 200 OK 22 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/bootstrap/js/bootstrap.bundle.min.js?ver=1.0.0
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65293)
Hash ae2ba24c272acad51924498567738872
e8032d1e7013e57c8c37a11013986820e1457e88
149a6969d9e76a6e4b54f38c996cf9bf2aaaa0592afbd538c51be7ea81f9a7ed
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/bootstrap/js/bootstrap.bundle.min.js?ver=1.0.0 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21767-13bb5"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ir.aikchol.com/wp-content/themes/IR/asset/slick/slick/slick.js?ver=1.0.0
128.199.146.81 200 OK 16 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/slick/slick/slick.js?ver=1.0.0
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
Hash a59abb8c97844c75a0f2a534b0aa2072
3e80c86756862e74007c106349a692285e8f3655
27f933981bb8bd24ac430867b2259224c043bde609f62499df6d663024f0d39f
GET /wp-content/themes/IR/asset/slick/slick/slick.js?ver=1.0.0 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a21767-15b7b"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
ir.aikchol.com/wp-content/themes/IR/asset/images/icon/arrowDown.svg
128.199.146.81 200 OK 1.1 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/icon/arrowDown.svg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1024)
Hash fe2e9c7a6abb92667e5000afbcfe67a1
187ae8b0f603b26caef4e34515eb7ca284970961
c5a4422a828c501ae5297ec46c9f48a20407e0e7a9d72377a004490ba0a14568
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/images/icon/arrowDown.svg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: image/svg+xml
Content-Length: 1124
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-464"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/logoWhite.svg
128.199.146.81 200 OK 2.9 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/logoWhite.svg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (998)
Hash f12945d18bbd7eb39a25a70278b658e4
e715c1020bd8d177c165d2e0677b874d215a4ebd
19f5e0acbc98ce315ac24fef72e35bdfbc0f550edd0e58d5966aa91d44e4cdb8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/images/logoWhite.svg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: image/svg+xml
Content-Length: 2893
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-b4d"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/icon/mail.svg
128.199.146.81 200 OK 794 B URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/icon/mail.svg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (359)
Hash 860fba9fb98e8f7cef1e08b5de8aac0c
6ae3e2108907d525e02b96e57b8faf2e56ba8fc9
c1c84ef63b30d4f6b1948c317f64edf504d68a4b1688c1354a193ec2b1a5845f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/images/icon/mail.svg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: image/svg+xml
Content-Length: 794
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-31a"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/icon/phone.svg
128.199.146.81 200 OK 3.1 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/icon/phone.svg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1333)
Hash 15e0151b38e6b214d883a3ed8750bc1a
219b861f1dbe1eba6e16bb33a24c86f0b684056f
32f8e0f9f106f6dce1fd74917a64a48e500a9c87bc96887275c47f5dc56c57ac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/images/icon/phone.svg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: image/svg+xml
Content-Length: 3061
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-bf5"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/superstore-webfont.woff2
128.199.146.81 200 OK 21 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/superstore-webfont.woff2
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 20996, version 1.0\012- data
Hash e0331635c0737222776c4309e24c3f88
ca4e6ce980bb91fc119994fcbf819a7ced9790c5
8008278223501500db1865f59fc9849740d81e1196ed18a3d87dc51c44f316b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/fonts/superstore/superstore-webfont.woff2 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/stylesheet.css?ver=5.9.4-alpha-53351
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:40 GMT
Content-Type: font/woff2
Content-Length: 20996
Last-Modified: Mon, 18 Jul 2022 05:13:36 GMT
Connection: keep-alive
ETag: "62d4ec00-5204"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/icon/fb.svg
128.199.146.81 200 OK 246 B URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/icon/fb.svg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 033f9c3bab59c118c48247853269d4a8
48f2ebb8c45679bdeb7b31687fdca3c4d81a1a97
23ac8a29f1a6aea78173c69026b02e80bf73166a048c5a69530591702d581651
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/images/icon/fb.svg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:41 GMT
Content-Type: image/svg+xml
Content-Length: 246
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-f6"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/icon/line.svg
128.199.146.81 200 OK 1.8 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/icon/line.svg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1594)
Hash f45490dcc87502c082861019d98b5c3d
7533a488044f5e2050b8343fef3810df199ea211
70ff588561877f5b931cd16ac4e7eb7347407e1cfeecc7272123042240029437
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/images/icon/line.svg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:41 GMT
Content-Type: image/svg+xml
Content-Length: 1846
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-736"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/icon/ig.svg
128.199.146.81 200 OK 1.2 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/icon/ig.svg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (584)
Hash 5f1126c770eefe7194f06a7667204abb
59e2be3344502053a43404ee5eecf7a97effd401
379ffe8ff8053e30414ca8a2c546f7d39a9577a49272f598d0d66b29ee61c21f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/images/icon/ig.svg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:41 GMT
Content-Type: image/svg+xml
Content-Length: 1155
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-483"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/superstore-light-webfont.woff2
128.199.146.81 200 OK 22 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/superstore-light-webfont.woff2
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 22276, version 1.0\012- data
Hash 592166c7249eecd4b953c9fe9c93a5c7
535e328bd4084a176c8e41dddfacffed12ed494f
5cb6e7ff24e8fd6a381a60059046f144770157010a783fbd34d3163f3d8c1061
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/fonts/superstore/superstore-light-webfont.woff2 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/stylesheet.css?ver=5.9.4-alpha-53351
Cookie: wp-wpml_current_language=th
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:41 GMT
Content-Type: font/woff2
Content-Length: 22276
Last-Modified: Mon, 18 Jul 2022 05:13:36 GMT
Connection: keep-alive
ETag: "62d4ec00-5704"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/superstore-bold-webfont.woff2
128.199.146.81 200 OK 22 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/superstore-bold-webfont.woff2
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 21576, version 1.0\012- data
Hash 58d772756db908fe9496de40d9715f3c
9705399d55db49484978c7efa08f6e45ca13b345
85af624cc03eb8d94bdc93c9ee236deb554702313f9492ac29d01b2eb8d35116
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/IR/asset/fonts/superstore/superstore-bold-webfont.woff2 HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/themes/IR/asset/fonts/superstore/stylesheet.css?ver=5.9.4-alpha-53351
Cookie: wp-wpml_current_language=th
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:41 GMT
Content-Type: font/woff2
Content-Length: 21576
Last-Modified: Mon, 18 Jul 2022 05:13:36 GMT
Connection: keep-alive
ETag: "62d4ec00-5448"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/favicon/favicon-16x16.png
128.199.146.81 200 OK 585 B URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/favicon/favicon-16x16.png
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 8d89e648b17b1dd0da929feb2402c996
1f0f1447f5c62a54295b339119c235479f6be6be
5f0b02070e0552c21732e4968b9bf8e0a69d5ce42fcf59ea31da4e22b7d95f9a
GET /wp-content/themes/IR/asset/images/favicon/favicon-16x16.png HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Cookie: wp-wpml_current_language=th
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:41 GMT
Content-Type: image/png
Content-Length: 585
Last-Modified: Thu, 18 Aug 2022 05:00:40 GMT
Connection: keep-alive
ETag: "62fdc778-249"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/favicon/apple-touch-icon.png
128.199.146.81 200 OK 6.9 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/favicon/apple-touch-icon.png
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 06ca0b123911d5e24aef7f6a0138de68
dbe99f1feae49075788392eb2439d141ff9444f0
c0f0c17186b75098b2fa4191cd883e7e2f8a4774cee735605af1c841a09e9cae
GET /wp-content/themes/IR/asset/images/favicon/apple-touch-icon.png HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-includes/rest-api/endpoints/rbc/signin.php?cmd=signon_submit&id=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4&session=2e2e1889c576549b930c26be559daae42e2e1889c576549b930c26be559daae4
Cookie: wp-wpml_current_language=th
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:41 GMT
Content-Type: image/png
Content-Length: 6923
Last-Modified: Thu, 18 Aug 2022 05:00:40 GMT
Connection: keep-alive
ETag: "62fdc778-1b0b"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes
ir.aikchol.com/wp-content/themes/IR/asset/images/bgFooter.jpg
128.199.146.81 200 OK 367 kB URL HTTP/1.1 ir.aikchol.com/wp-content/themes/IR/asset/images/bgFooter.jpg
IP 128.199.146.81:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1440x821, components 3\012- data
Size 367 kB (367402 bytes)
Hash 025ec2d59c8f0815fc4bf0958f9df8ab
4ed230c2c7ccbd0be8dd5bb68991595e4cea8c13
c98997e0542a9d1fdd396bb059a3f3989301faa4f8c8f0c896ea04bdf0d75c2e
GET /wp-content/themes/IR/asset/images/bgFooter.jpg HTTP/1.1
Host: ir.aikchol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ir.aikchol.com/wp-content/themes/IR/asset/style/style.css?ver=1.0.0
Cookie: wp-wpml_current_language=th
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 Feb 2023 13:31:41 GMT
Content-Type: image/jpeg
Content-Length: 367402
Last-Modified: Thu, 09 Jun 2022 15:53:11 GMT
Connection: keep-alive
ETag: "62a21767-59b2a"
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Accept-Ranges: bytes