Submitted URL: https://sola.pr.kmutt.ac.th/thelanguagingcourses/wp-content/uploads/page/?slotgacor=HAHA178
Effective URL: https://koafaimoor.net/4/6118780/?var=6841525&btz=Europe/Helsinki&bto=-180&bar=x
Submission Tags: @phish_report
Submission: On July 28 via api from FI — Scanned from FI

Summary

This website contacted 11 IPs in 5 countries across 11 domains to perform 40 HTTP transactions. The main IP is 139.45.197.244, located in United Kingdom and belongs to RETN-AS, GB. The main domain is koafaimoor.net.
TLS certificate: Issued by R10 on June 26th 2024. Valid for: 3 months.
This is the only time koafaimoor.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 202.44.15.3 9551 (KMUTT-AP ...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.192.237 54113 (FASTLY)
2 3 151.101.64.238 54113 (FASTLY)
1 151.101.0.238 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
3 172.67.166.34 13335 (CLOUDFLAR...)
1 12 139.45.197.244 9002 (RETN-AS)
2 139.45.195.8 9002 (RETN-AS)
40 11
Apex Domain | Subdomains | Transfer
12 koafaimoor.net | koafaimoor.net | 31 KB
4 squarespace.com | assets.squarespace.com (Cisco Umbrella Rank: 9585); akamai-assets.squarespace.com (Failed); static1.squarespace.com (Cisco Umbrella Rank: 9497) | 161 KB
3 zeniscold.shop | zeniscold.shop | 8 KB
2 rtmark.net | my.rtmark.net (Cisco Umbrella Rank: 5822) | 996 B
2 gstatic.com | fonts.gstatic.com | 45 KB
1 squarespace-cdn.com | images.squarespace-cdn.com (Cisco Umbrella Rank: 8177) | 111 KB
1 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 110) | 1 KB
1 typekit.net | use.typekit.net (Cisco Umbrella Rank: 1178) | 7 KB
1 kmutt.ac.th | sola.pr.kmutt.ac.th | 79 KB
0 etoro.com (Failed) | www.etoro.com (Failed) |
0 cloudflareinsights.com (Failed) | static.cloudflareinsights.com (Failed) |
40 11
Domain Requested by
12 koafaimoor.net 1 redirects sola.pr.kmutt.ac.th
koafaimoor.net
3 zeniscold.shop sola.pr.kmutt.ac.th
zeniscold.shop
3 static1.squarespace.com 2 redirects sola.pr.kmutt.ac.th
2 my.rtmark.net koafaimoor.net
2 fonts.gstatic.com fonts.googleapis.com
1 images.squarespace-cdn.com sola.pr.kmutt.ac.th
1 assets.squarespace.com sola.pr.kmutt.ac.th
1 fonts.googleapis.com sola.pr.kmutt.ac.th
1 use.typekit.net sola.pr.kmutt.ac.th
1 sola.pr.kmutt.ac.th
0 www.etoro.com Failed
0 static.cloudflareinsights.com Failed sola.pr.kmutt.ac.th
0 akamai-assets.squarespace.com Failed sola.pr.kmutt.ac.th
40 13

This site contains no links.

Subject | Issuer | Validity | Valid
sola.pr.kmutt.ac.th | Sectigo RSA Domain Validation Secure Server CA | 2024-04-09 - 2025-05-09 | a year
use.typekit.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-01 - 2025-03-03 | a year
upload.video.google.com | WR2 | 2024-07-01 - 2024-09-23 | 3 months
*.squarespace.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-09 - 2025-02-28 | a year
*.squarespace-cdn.com | R3 | 2024-05-30 - 2024-08-28 | 3 months
*.gstatic.com | WR2 | 2024-07-01 - 2024-09-23 | 3 months
zeniscold.shop | WE1 | 2024-07-20 - 2024-10-18 | 3 months
koafaimoor.net | R10 | 2024-06-26 - 2024-09-24 | 3 months
rtmark.net | R11 | 2024-07-05 - 2024-10-03 | 3 months

This page contains 1 frame:

Frame: https://www.etoro.com/?utm_medium=Networks&utm_source=72681&utm_content=12087&utm_serial=&utm_campaign=&utm_term=
Frame ID: A03973DC3C87F4BD79C61B753C83D3CD
Requests: 40 HTTP requests in this frame

Page Title

Redirect

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 40
HTTPS: 57 %
IPv6: 30 %
Domains: 11
Subdomains: 13
IPs: 11
Countries: 5
Transfer: 442 kB
Size: 1729 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sola.pr.kmutt.ac.th/thelanguagingcourses/wp-content/uploads/page/?slotgacor=HAHA178 Page URL
  2. https://zeniscold.shop/redrock Page URL
  3. https://koafaimoor.net/4/6841525 Page URL
  4. https://koafaimoor.net/?z=6841525&syncedCookie=true&rhd=false HTTP 302
    https://koafaimoor.net/4/6118780/?var=6841525&btz=Europe/Helsinki&bto=-180&bar=x Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://assets.squarespace.com/universal/styles-compressed/commerce-2af06f7948db5477d8f5-min.id-ID.css HTTP 307
  • https://akamai-assets.squarespace.com/universal/styles-compressed/commerce-2af06f7948db5477d8f5-min.id-ID.css
Request Chain 13
  • https://assets.squarespace.com/universal/styles-compressed/user-account-core-e84acd73aa5ee3fcd4ad-min.id-ID.css HTTP 307
  • https://akamai-assets.squarespace.com/universal/styles-compressed/user-account-core-e84acd73aa5ee3fcd4ad-min.id-ID.css
Request Chain 15
  • https://static1.squarespace.com/static/versioned-site-css/664afbaafe1dbf55e627c3d1/4/5c5a519771c10ba3470d8101/664afbabfe1dbf55e627c3d9/1525/site.css HTTP 301
  • https://static1.squarespace.com/static/versioned-site-css/664afbaafe1dbf55e627c3d1/4/5c5a519771c10ba3470d8101/664afbabfe1dbf55e627c3d9/1543/site.css HTTP 301
  • https://static1.squarespace.com/static/versioned-site-css/664afbaafe1dbf55e627c3d1/4/5c5a519771c10ba3470d8101/664afbabfe1dbf55e627c3d9/1545/site.css
Request Chain 36
  • https://koafaimoor.net/?z=6118780&syncedCookie=false&rhd=false HTTP 302
  • https://med.etoro.com/B12087_A72681_TClick.aspx HTTP 301
  • https://www.etoro.com/?utm_medium=Networks&utm_source=72681&utm_content=12087&utm_serial=&utm_campaign=&utm_term=

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
sola.pr.kmutt.ac.th/thelanguagingcourses/wp-content/uploads/page/
78 KB
79 KB
Document
General
Full URL
https://sola.pr.kmutt.ac.th/thelanguagingcourses/wp-content/uploads/page/?slotgacor=HAHA178
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.44.15.3 , Thailand, ASN9551 (KMUTT-AP King Mongkuts University of Technology, TH),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.32 / PHP/7.0.32
Resource Hash
55b5d7e6dbc2032d35177290c4a282e98fa60d86dc3f0d7ee04fac14f8941bfa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sun, 28 Jul 2024 13:27:55 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.32
Transfer-Encoding
chunked
X-Powered-By
PHP/7.0.32
yoj7ktUHIoOLLypXB5IBGR6450N-haxoGa4h55qZ-XwfecbJXnX1IyvhF2jtFRZLFRjXjAZKjABcZQBqjcjuFA9hwRiRwhbUe6MKgeZTdcv7f6Ray6JbMg6IJMJ7f6R_y6JbMg6YJMJ7f6Rty6JbMg65JMJ7f6Rvy6JbMg6sJMHbMpda7_Je.js
use.typekit.net/ik/
17 KB
7 KB
Script
General
Full URL
https://use.typekit.net/ik/yoj7ktUHIoOLLypXB5IBGR6450N-haxoGa4h55qZ-XwfecbJXnX1IyvhF2jtFRZLFRjXjAZKjABcZQBqjcjuFA9hwRiRwhbUe6MKgeZTdcv7f6Ray6JbMg6IJMJ7f6R_y6JbMg6YJMJ7f6Rty6JbMg65JMJ7f6Rvy6JbMg6sJMHbMpda7_Je.js
Requested by
Host: sola.pr.kmutt.ac.th
URL: https://sola.pr.kmutt.ac.th/thelanguagingcourses/wp-content/uploads/page/?slotgacor=HAHA178
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6544fd4ac9584ad63a310fc386b93f656bcb507c2e6f9fd80528e30318e7e952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://sola.pr.kmutt.ac.th/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Sun, 28 Jul 2024 13:27:57 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6670
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Spectral:ital,wght@0,400;0,700;1,400;1,700
Requested by
Host: sola.pr.kmutt.ac.th
URL: https://sola.pr.kmutt.ac.th/thelanguagingcourses/wp-content/uploads/page/?slotgacor=HAHA178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3290699dc0081130647c9b7e29bb9f8fde9be7539d97d50e0b0447acc89d9935
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://sola.pr.kmutt.ac.th/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 28 Jul 2024 13:27:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 28 Jul 2024 13:27:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 28 Jul 2024 13:27:56 GMT
modern.js
assets.squarespace.com/@sqs/polyfiller/1.6/
115 KB
42 KB
Script
General
Full URL
https://assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
Requested by
Host: sola.pr.kmutt.ac.th
URL: https://sola.pr.kmutt.ac.th/thelanguagingcourses/wp-content/uploads/page/?slotgacor=HAHA178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75

Request headers

Referer
https://sola.pr.kmutt.ac.th/
Origin
https://sola.pr.kmutt.ac.th
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits
7905, 31666
date
Sun, 28 Jul 2024 13:27:57 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1368620
x-cache
HIT, HIT
content-length
42447
x-served-by
cache-iad-kcgs7200042-IAD, cache-ams2100140-AMS
last-modified
Mon, 31 Oct 2022 21:19:57 GMT
server
UploadServer
x-timer
S1722173277.300086,VS0,VE0
etag
"fe0d53a94823df972dbf107bf190771a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 02:39:38 GMT
extract-css-runtime-188ae4dbe3c141633731-min.id-ID.js
assets.squarespace.com/universal/scripts-compressed/
0
0

extract-css-moment-js-vendor-6f117db4eb7fd4392375-min.id-ID.js
assets.squarespace.com/universal/scripts-compressed/
0
0

cldr-resource-pack-e94539391642d3b99900-min.id-ID.js
assets.squarespace.com/universal/scripts-compressed/
0
0

common-vendors-stable-3598b219a3c023c1915a-min.id-ID.js
assets.squarespace.com/universal/scripts-compressed/
0
0

common-vendors-7feaad85eb9f60997039-min.id-ID.js
assets.squarespace.com/universal/scripts-compressed/
0
0

common-991b165bc728fcd2425c-min.id-ID.js
assets.squarespace.com/universal/scripts-compressed/
0
0

commerce-bcbe95f0cd1aa5a46211-min.id-ID.js
assets.squarespace.com/universal/scripts-compressed/
0
0

commerce-2af06f7948db5477d8f5-min.id-ID.css
akamai-assets.squarespace.com/universal/styles-compressed/
Redirect Chain
  • https://assets.squarespace.com/universal/styles-compressed/commerce-2af06f7948db5477d8f5-min.id-ID.css
  • https://akamai-assets.squarespace.com/universal/styles-compressed/commerce-2af06f7948db5477d8f5-min.id-ID.css
0
0

user-account-core-92727fc4b4719c3e6fe3-min.id-ID.js
assets.squarespace.com/universal/scripts-compressed/
0
0

user-account-core-e84acd73aa5ee3fcd4ad-min.id-ID.css
akamai-assets.squarespace.com/universal/styles-compressed/
Redirect Chain
  • https://assets.squarespace.com/universal/styles-compressed/user-account-core-e84acd73aa5ee3fcd4ad-min.id-ID.css
  • https://akamai-assets.squarespace.com/universal/styles-compressed/user-account-core-e84acd73aa5ee3fcd4ad-min.id-ID.css
0
0

performance-a7a02f003d8f467803c3-min.id-ID.js
assets.squarespace.com/universal/scripts-compressed/
0
0

site.css
static1.squarespace.com/static/versioned-site-css/664afbaafe1dbf55e627c3d1/4/5c5a519771c10ba3470d8101/664afbabfe1dbf55e627c3d9/1545/
Redirect Chain
  • https://static1.squarespace.com/static/versioned-site-css/664afbaafe1dbf55e627c3d1/4/5c5a519771c10ba3470d8101/664afbabfe1dbf55e627c3d9/1525/site.css
  • https://static1.squarespace.com/static/versioned-site-css/664afbaafe1dbf55e627c3d1/4/5c5a519771c10ba3470d8101/664afbabfe1dbf55e627c3d9/1543/site.css
  • https://static1.squarespace.com/static/versioned-site-css/664afbaafe1dbf55e627c3d1/4/5c5a519771c10ba3470d8101/664afbabfe1dbf55e627c3d9/1545/site.css
1 MB
119 KB
Stylesheet
General
Full URL
https://static1.squarespace.com/static/versioned-site-css/664afbaafe1dbf55e627c3d1/4/5c5a519771c10ba3470d8101/664afbabfe1dbf55e627c3d9/1545/site.css
Requested by
Host: sola.pr.kmutt.ac.th
URL: https://sola.pr.kmutt.ac.th/thelanguagingcourses/wp-content/uploads/page/?slotgacor=HAHA178
Protocol
H2
Server
151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
7d4f5017c76f9a62967aac1e81f0a61ce8ec4b93be12e69189fd22431a975dad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sola.pr.kmutt.ac.th/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits
39, 0
date
Sun, 28 Jul 2024 13:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
100274
x-cache
HIT, MISS
x-contextid
wIwoLwkB/nJTWm2wp
content-length
121333
x-served-by
cache-dfw-kdal2120059-DFW, cache-ams21048-AMS
pragma
cache
server
Squarespace
x-timer
S1722173277.654747,VS0,VE361
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly

Redirect headers

x-cache-hits
32, 0
date
Sun, 28 Jul 2024 13:27:56 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
0
x-cache
HIT, MISS
x-contextid
e1TLF98G/0Nimg8EY
content-length
0
x-served-by
cache-dfw-kdfw8210134-DFW, cache-ams21048-AMS
server
Squarespace
x-timer
S1722173276.364664,VS0,VE232
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
location
/static/versioned-site-css/664afbaafe1dbf55e627c3d1/4/5c5a519771c10ba3470d8101/664afbabfe1dbf55e627c3d9/1545/site.css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
static.css
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1715197027547-1FGVIYTO5FID3JQL1XAN/
0
0

logomrb.png
images.squarespace-cdn.com/content/66166ec167267f4e3c6ccf2d/471ff34b-eaeb-4497-b4cd-153551b915f2/
110 KB
111 KB
Image
General
Full URL
https://images.squarespace-cdn.com/content/66166ec167267f4e3c6ccf2d/471ff34b-eaeb-4497-b4cd-153551b915f2/logomrb.png?format=1500w
Requested by
Host: sola.pr.kmutt.ac.th
URL: https://sola.pr.kmutt.ac.th/thelanguagingcourses/wp-content/uploads/page/?slotgacor=HAHA178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d66ddce9bcfc89c76b9e2613507f43c7fe09b6636df517ebb069a5c45c49e978

Request headers

Referer
https://sola.pr.kmutt.ac.th/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cache-hits
37, 0
date
Sun, 28 Jul 2024 13:27:56 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
508083
x-cache
HIT, HIT
content-length
113064
x-served-by
cache-iad-kjyo7100068-IAD, cache-fra-eddf8230032-FRA
x-sqsp-accepted-scopes
EDITOR
x-timer
S1722173276.319794,VS0,VE1
etag
CPvr1MTDt4UDEAE=
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
x-sqsp-is-public
false
tracepoint
Fastly
site-bundle.722e8db92a2a6ce75c0f85552b9fba6a.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/
0
0

vef91dfe02fce4ee0ad053f6de4f175db1715022073587
static.cloudflareinsights.com/beacon.min.js/
0
0

rnCr-xNNww_2s0amA9M5kng.woff2
fonts.gstatic.com/s/spectral/v13/
21 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/spectral/v13/rnCr-xNNww_2s0amA9M5kng.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Spectral:ital,wght@0,400;0,700;1,400;1,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sola.pr.kmutt.ac.th
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:48:08 GMT
x-content-type-options
nosniff
age
437989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21816
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 22:36:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 11:48:08 GMT
rnCs-xNNww_2s0amA9uCt23BafY.woff2
fonts.gstatic.com/s/spectral/v13/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/spectral/v13/rnCs-xNNww_2s0amA9uCt23BafY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Spectral:ital,wght@0,400;0,700;1,400;1,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sola.pr.kmutt.ac.th
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 15:26:26 GMT
x-content-type-options
nosniff
age
424891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23124
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 23:19:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 15:26:26 GMT
l
use.typekit.net/af/7f8b4c/00000000000000007735af54/30/
0
0

redrock
zeniscold.shop/
3 KB
1 KB
Document
General
Full URL
https://zeniscold.shop/redrock
Requested by
Host: sola.pr.kmutt.ac.th
URL: https://sola.pr.kmutt.ac.th/thelanguagingcourses/wp-content/uploads/page/?slotgacor=HAHA178
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
004497e75924da2bac7cd6b500859d54a42561e488e6f6a6c56b59ce6b354446

Request headers

Referer
https://sola.pr.kmutt.ac.th/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8aa535aa3b6cc05e-WAW
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 28 Jul 2024 13:27:57 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CAi3XTVeV%2F%2BYDvlbhXWLZTlu8tUSmIxOMZyXGD9LwfAP%2Ff6IOKZCOBHS15Bbj970I6t2AhEhAdHEbWsJ9oy9jE8OnVif7gH7uDasBsZDWcwPP6tMHZBrOlajB9XLbXRKgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rocket-loader.min.js
zeniscold.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://zeniscold.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: zeniscold.shop
URL: https://zeniscold.shop/redrock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://zeniscold.shop/redrock
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Jul 2024 13:27:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2024 16:35:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"669fdbbe-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2BY7I08G20R5IQ7kvIXBWAr4A43YHMLCvBPx1a%2FvcsRVIudZilU2K2kHprAXpUxUwITD1df7C33ZVm73n%2Bkx5k6dxz%2FeiBHFnErtHb3Y9HsT6Xv4wzX7n%2Fk7nLFwXPSLCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8aa535ab9d0fc05e-WAW
expires
Tue, 30 Jul 2024 13:27:58 GMT
favicon.ico
zeniscold.shop/
15 KB
2 KB
Other
General
Full URL
https://zeniscold.shop/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6668e0b78f5c65698c0a3a3e48d447f4d703609a774cacabda1ef7ad143a529b

Request headers

Referer
https://zeniscold.shop/redrock
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Jul 2024 13:27:58 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Mar 2022 10:07:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3215
etag
W/"3aee-5da67337efc00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hWeOB2i%2BYNNsB4QlzowBBvNawjfFT3fdHk2C7WsrrKbJnGUufanEuz1lOjj63cOjxbsiDLxMSpTUbrbH9SSPxt9iexg%2FiiGMDAjefVH%2BCLxxPFD%2B%2BOqp1kUxel3H9lZipQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=120
cf-ray
8aa535ac0ddbc05e-WAW
alt-svc
h3=":443"; ma=86400
6841525
koafaimoor.net/4/
29 KB
14 KB
Document
General
Full URL
https://koafaimoor.net/4/6841525
Requested by
Host: sola.pr.kmutt.ac.th
URL: https://sola.pr.kmutt.ac.th/thelanguagingcourses/wp-content/uploads/page/?slotgacor=HAHA178
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a8454b9bc05dd8bcae9616ab75121c5abd377fa1ba6d57888b77b205d163d6d6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://zeniscold.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Sun, 28 Jul 2024 13:28:00 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
edf44062c70caf5a486b321ac8c5ef29
sftouch
koafaimoor.net/
2 B
604 B
Ping
General
Full URL
https://koafaimoor.net/sftouch?userId=0080a73330cc4f59ee1607a305918c84&z=6841525&p_rid=0d20c3b9-15e8-4c2e-9f43-68c342aeca51&p_src=sf&branchId=0&rb=ZNAZmV4VqZ0-AKqlBOCoMOnUdWmi8KwrCErW9E-2YA96XMaeMhXxGixkctVqIMhQoxVGP3v8iz7UmNUhL9HqlumTkiWST_1HkUF4CYV5suRCF4Ko01e26H7bQVaKrOvZQOTA5r3woMpFJ0mkRtx-bUJK9b0MwI-Htot7lU80ryusXAJY6-A-UhY4Zo1KAOGtX5I8dJ6zyUMUZUIGkmYukZ1sVrifcehRxK2kSjueceOCxyi76IDoFZO0mlXxndBNWsZa74psIK6ikitJdO_UT3W6iP0Hmg_38A2X55Qo2a6g8NsoPO-Hcl93d2ZYtrXU
Requested by
Host: koafaimoor.net
URL: https://koafaimoor.net/4/6841525
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://koafaimoor.net/4/6841525
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Jul 2024 13:28:00 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
d2aaedd64fb4f43675f33c3a12a5bc95
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://koafaimoor.net
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/
43 B
491 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0080a73330cc4f59ee1607a305918c84&z=6841525&p_rid=0d20c3b9-15e8-4c2e-9f43-68c342aeca51&p_src=sf
Requested by
Host: koafaimoor.net
URL: https://koafaimoor.net/4/6841525
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://koafaimoor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Jul 2024 13:28:00 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
koafaimoor.net/log/
12 B
384 B
XHR
General
Full URL
https://koafaimoor.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=0d20c3b9-15e8-4c2e-9f43-68c342aeca51
Requested by
Host: koafaimoor.net
URL: https://koafaimoor.net/4/6841525
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://koafaimoor.net/4/6841525
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 28 Jul 2024 13:28:00 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://koafaimoor.net
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length
12
add
koafaimoor.net/async_log/
16 B
528 B
XHR
General
Full URL
https://koafaimoor.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=0d20c3b9-15e8-4c2e-9f43-68c342aeca51
Requested by
Host: koafaimoor.net
URL: https://koafaimoor.net/4/6841525
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e836cf151c055c64b3b2991de7067f3d9e925b51d1050e57ff93a7b88667031f

Request headers

Referer
https://koafaimoor.net/4/6841525
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 28 Jul 2024 13:28:00 GMT
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://koafaimoor.net
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
content-length
16
expires
Tue, 11 Jan 1994 10:00:00 GMT
Primary Request /
koafaimoor.net/4/6118780/
Redirect Chain
  • https://koafaimoor.net/?z=6841525&syncedCookie=true&rhd=false
  • https://koafaimoor.net/4/6118780/?var=6841525&btz=Europe/Helsinki&bto=-180&bar=x
29 KB
14 KB
Document
General
Full URL
https://koafaimoor.net/4/6118780/?var=6841525&btz=Europe/Helsinki&bto=-180&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8ddb014cd9188bafc1239861b3b54996098c54b2ced9fb44cc2b41ff298307d8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://koafaimoor.net
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Sun, 28 Jul 2024 13:28:00 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
350ab32b15050578e38b28af0663e2be

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://koafaimoor.net
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Sun, 28 Jul 2024 13:28:00 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://koafaimoor.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://koafaimoor.net/4/6118780/?var=6841525&btz=Europe/Helsinki&bto=-180&bar=x
pragma
no-cache
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
6d4acdebdd823df32e5bc737dfbbb0ac
favicon.ico
koafaimoor.net/
0
150 B
Other
General
Full URL
https://koafaimoor.net/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://koafaimoor.net/afu.php?zoneid=6841525&var=6841525&rid=XXz4jyvWNyEJSqRKY8d18w%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 28 Jul 2024 13:28:00 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
sftouch
koafaimoor.net/
2 B
604 B
Ping
General
Full URL
https://koafaimoor.net/sftouch?userId=0080a73330cc4f59ee1607a305918c84&z=6118780&p_rid=fb9c77d6-c882-4b2d-8515-ea8026e477bd&p_src=sf&branchId=0&rb=6Hx_NIByBMt-4aUe8Agl_MAMVW4IXNqJI8OZGbHmE8Cbot0JrSroqA-salVM4gUtvu1mwh5nlJdRW1A3R9xFy-aKGlK_meCVfGL5RGxF1Rm8F3CmNrkwjevoLFgHQiiZ4JXXrvdQfxmYJ-v8f0mKSEbEj073a8YFog2hBabGG7AZqMr06irDY2GrXrj2Ywj5ri8FOPgb6oSZQsj7HYPG_s-2W_p-AB_n2Nzii3Oz4ILQQBxbXFhOz-RdA3MqVmfD_9zvur5Vt6zWhwsa2-MoDWo7yJQGOESswjzCcg==
Requested by
Host: koafaimoor.net
URL: https://koafaimoor.net/4/6118780/?var=6841525&btz=Europe/Helsinki&bto=-180&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://koafaimoor.net/4/6118780/?var=6841525&btz=Europe/Helsinki&bto=-180&bar=x
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Jul 2024 13:28:00 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
2
x-trace-id
b1dd5dc1963203dd9757041ee954b41e
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://koafaimoor.net
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/
43 B
505 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0080a73330cc4f59ee1607a305918c84&z=6118780&p_rid=fb9c77d6-c882-4b2d-8515-ea8026e477bd&p_src=sf
Requested by
Host: koafaimoor.net
URL: https://koafaimoor.net/4/6118780/?var=6841525&btz=Europe/Helsinki&bto=-180&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://koafaimoor.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Jul 2024 13:28:00 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://koafaimoor.net
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
koafaimoor.net/log/
12 B
384 B
XHR
General
Full URL
https://koafaimoor.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=fb9c77d6-c882-4b2d-8515-ea8026e477bd
Requested by
Host: koafaimoor.net
URL: https://koafaimoor.net/4/6118780/?var=6841525&btz=Europe/Helsinki&bto=-180&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://koafaimoor.net/4/6118780/?var=6841525&btz=Europe/Helsinki&bto=-180&bar=x
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 28 Jul 2024 13:28:00 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://koafaimoor.net
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
content-length
12
favicon.ico
koafaimoor.net/
0
0
Other
General
Full URL
https://koafaimoor.net/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://koafaimoor.net/4/6118780/?var=6841525&btz=Europe/Helsinki&bto=-180&bar=x
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 28 Jul 2024 13:28:00 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
www.etoro.com/
Redirect Chain
  • https://koafaimoor.net/?z=6118780&syncedCookie=false&rhd=false
  • https://med.etoro.com/B12087_A72681_TClick.aspx
  • https://www.etoro.com/?utm_medium=Networks&utm_source=72681&utm_content=12087&utm_serial=&utm_campaign=&utm_term=
0
0

add
koafaimoor.net/async_log/
16 B
528 B
XHR
General
Full URL
https://koafaimoor.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=fb9c77d6-c882-4b2d-8515-ea8026e477bd
Requested by
Host: koafaimoor.net
URL: https://koafaimoor.net/4/6118780/?var=6841525&btz=Europe/Helsinki&bto=-180&bar=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e836cf151c055c64b3b2991de7067f3d9e925b51d1050e57ff93a7b88667031f

Request headers

Referer
https://koafaimoor.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 28 Jul 2024 13:28:00 GMT
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://koafaimoor.net
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
content-length
16
expires
Tue, 11 Jan 1994 10:00:00 GMT
favicon.ico
koafaimoor.net/
0
0
Other
General
Full URL
https://koafaimoor.net/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://koafaimoor.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sun, 28 Jul 2024 13:28:00 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
server
nginx
expires
Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
assets.squarespace.com
URL
https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-188ae4dbe3c141633731-min.id-ID.js
Domain
assets.squarespace.com
URL
https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-6f117db4eb7fd4392375-min.id-ID.js
Domain
assets.squarespace.com
URL
https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-e94539391642d3b99900-min.id-ID.js
Domain
assets.squarespace.com
URL
https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-3598b219a3c023c1915a-min.id-ID.js
Domain
assets.squarespace.com
URL
https://assets.squarespace.com/universal/scripts-compressed/common-vendors-7feaad85eb9f60997039-min.id-ID.js
Domain
assets.squarespace.com
URL
https://assets.squarespace.com/universal/scripts-compressed/common-991b165bc728fcd2425c-min.id-ID.js
Domain
assets.squarespace.com
URL
https://assets.squarespace.com/universal/scripts-compressed/commerce-bcbe95f0cd1aa5a46211-min.id-ID.js
Domain
akamai-assets.squarespace.com
URL
https://akamai-assets.squarespace.com/universal/styles-compressed/commerce-2af06f7948db5477d8f5-min.id-ID.css
Domain
assets.squarespace.com
URL
https://assets.squarespace.com/universal/scripts-compressed/user-account-core-92727fc4b4719c3e6fe3-min.id-ID.js
Domain
akamai-assets.squarespace.com
URL
https://akamai-assets.squarespace.com/universal/styles-compressed/user-account-core-e84acd73aa5ee3fcd4ad-min.id-ID.css
Domain
assets.squarespace.com
URL
https://assets.squarespace.com/universal/scripts-compressed/performance-a7a02f003d8f467803c3-min.id-ID.js
Domain
static1.squarespace.com
URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1715197027547-1FGVIYTO5FID3JQL1XAN/static.css
Domain
static1.squarespace.com
URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.722e8db92a2a6ce75c0f85552b9fba6a.js
Domain
static.cloudflareinsights.com
URL
https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Domain
use.typekit.net
URL
https://use.typekit.net/af/7f8b4c/00000000000000007735af54/30/l?subset_id=2&fvd=n4&v=3
Domain
www.etoro.com
URL
https://www.etoro.com/?utm_medium=Networks&utm_source=72681&utm_content=12087&utm_serial=&utm_campaign=&utm_term=

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Domain/Path Name / Value
zeniscold.shop/ Name: PHPSESSID
Value: 1dvllj9c9m5coabc530mcsfsal
zeniscold.shop/ Name: short_1
Value: 1
koafaimoor.net/ Name: OAID
Value: 0080a73330cc4f59ee1607a305918c84
koafaimoor.net/ Name: oaidts
Value: 1722173280
my.rtmark.net/ Name: ID
Value: 0080a73330cc4f59ee1607a305918c84
koafaimoor.net/ Name: syncedCookie
Value: true
.etoro.com/ Name: AffiliateWizAffiliateID
Value: AffiliateID=72681&ClickBannerID=12087&SubAffiliateID=&Custom=&ClickDateTime=2024-07-28T13%3A28%3A01.1891999Z&UserUniqueIdentifier=17370dfc-0644-4472-8318-28d75b10b3b9
.etoro.com/ Name: AffAttr
Value: eyJBZmZpbGlhdGVJZCI6NzI2ODEsIkJhbm5lcklkIjoxMjA4NywiQ2xpY2tUaW1lIjoiMjAyNC0wNy0yOFQxMzoyODowMS4xODkyMTUyWiIsIlVzZXJVbmlxdWVJZGVudGlmaWVyIjoiMTczNzBkZmMtMDY0NC00NDcyLTgzMTgtMjhkNzViMTBiM2I5In0

3 Console Messages

Source Level URL
Text
rendering error URL: https://sola.pr.kmutt.ac.th/thelanguagingcourses/wp-content/uploads/page/?slotgacor=HAHA178(Line 1143)
Message:
Error: <path> attribute d: Expected number, "…-5.3v-3.4c0-1.5,§§0.4-2.6,2.6-2.…".
network error URL: https://koafaimoor.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=0d20c3b9-15e8-4c2e-9f43-68c342aeca51
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://koafaimoor.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=fb9c77d6-c882-4b2d-8515-ea8026e477bd
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
