firefox.settings.services.mozilla.com/v1/
54.230.111.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TSipj4uShP-EueHOaDpb-qe5Mvp8BnwQnqwNB0mpODPCBsvqFgV0Ew==
Age: 162295
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1273d41c84b2b39f78a8033130d00282
556757697b70e019ed502585fcc888e2403f3229
ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6573
Expires: Fri, 07 Oct 2022 14:41:46 GMT
Date: Fri, 07 Oct 2022 12:52:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12483
Expires: Fri, 07 Oct 2022 16:20:16 GMT
Date: Fri, 07 Oct 2022 12:52:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JdAoQu4SVJ2rngNX3E9azhwgBXicDYfczeINg008z6szT7NDRmOkJOhGZE0G6DjqTR4UXCLFm5U=
x-amz-request-id: ZAY29RZD9E9TG936
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 11:59:10 GMT
age: 3183
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:52:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bamboairways.com.vn/lienhe
104.21.62.213200 OK 9.2 kB URL HTTP/1.1 bamboairways.com.vn/lienhe
IP 104.21.62.213:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (654), with CRLF, LF line terminators
Hash 09b3ad06ca93667a81210279ca96032c
e47b9238eb60ef1b747565dc826a9c2792c3a4c6
b6b7e15992b596a53611d94218656ffa8e17d8897db5f20fd0c1099466bd5a5c
Analyzer Verdict Alert fortinet Phishing
GET /lienhe HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.29
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; path=/
language=vi; expires=Sun, 06-Nov-2022 12:40:34 GMT; path=/; domain=bamboairways.com.vn
currency=vnd; expires=Sun, 06-Nov-2022 12:40:34 GMT; path=/; domain=bamboairways.com.vn
Vary: Accept-Encoding,User-Agent
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FGTKeakWGZZhZ0nJh24CQ5FBt9F6kpLG7q67hKe8rO%2F9A3WZbwRm%2Bs%2FQWqwL41ZGEyL5tKWYiKXQavzCc6w4sazHuJcYwhxmxahe5mMpULntTeAcDxgaxrD%2Bx0EmH3w6HcZpjl%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d05b39b517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion.js
142.250.74.34200 OK 17 kB URL HTTP/1.1 www.googleadservices.com/pagead/conversion.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (2021)
Hash 644b3aa474b0b7418649a582badfd446
b86345e44ed16c69f9b8efbd6a9ae426d7b6a8cc
b29181ba84a74ed0344e80b66101125293ccaeb15a22456a02aefdb7671a344a
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Fri, 07 Oct 2022 12:52:14 GMT
Expires: Fri, 07 Oct 2022 12:52:14 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 11313833467736987248
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 17403
X-XSS-Protection: 0
www.googletagmanager.com/gtag/js?id=UA-145619567-1
142.250.74.168200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-145619567-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2039)
Hash 05d47762862cabb8b1f1985cf05104b2
3dc6020c0366ef1c2fa4509f26b8e0bfa67d5377
420c1d6910244d1996d29f3449a358361f974188ca634989622c5b057631fec8
GET /gtag/js?id=UA-145619567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bamboairways.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 07 Oct 2022 12:52:14 GMT
expires: Fri, 07 Oct 2022 12:52:14 GMT
cache-control: private, max-age=900
last-modified: Fri, 07 Oct 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42431
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 07 Oct 2022 12:29:41 GMT
Expires: Fri, 07 Oct 2022 13:22:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aF5PdSW23mxKZnrwtaisfns1WpcOO97yeUmw88Oyyn_RkMFHU9sIsA==
Age: 1353
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d6c404502c7987174a84d8f0a3efab23
fc3a3f6d63acab3f659fb3536b65fd8564ec8628
94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4198
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:14 GMT
Last-Modified: Fri, 07 Oct 2022 11:42:16 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
bamboairways.com.vn/catalog/view/theme/default/stylesheet/font.css
104.21.62.213200 OK 168 B URL HTTP/1.1 bamboairways.com.vn/catalog/view/theme/default/stylesheet/font.css
IP 104.21.62.213:0
Hash 3977827bb5b12f6ce77ff7f1eb49e3ae
d25d4cf05f073a7fba4ee3cf9b6c45ad1ce8b9e4
3b0f6c884cb49de189ff7b774233daf1db43efca622e5170181b0f4f4d0c7fab
Analyzer Verdict Alert quad9 Sinkholed
GET /catalog/view/theme/default/stylesheet/font.css HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:14 GMT
Content-Type: text/css
Content-Length: 168
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:22 GMT
ETag: "4822d-150-576d9037c1e80"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NePQrBhzSKminGrSnEFhKE0fOJ0cq3IjWLbSmzqru0Ri8e%2BfCqZBvka33FAw78jqi2EotFqV3OLHSQTalNRFqEl2VzYEU7Vho%2FK7AUiGTUcBLmhM4CzHuNnE8UpxFHoX5vSvBKMZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d46b38b506-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/catalog/view/theme/default/stylesheet/reset.css
104.21.62.213200 OK 542 B URL HTTP/1.1 bamboairways.com.vn/catalog/view/theme/default/stylesheet/reset.css
IP 104.21.62.213:0
File type ASCII text, with very long lines (1104), with no line terminators
Hash 44e6c04dcb32b62a2ccf7f8634218249
e5487247a2ceaec8e0124376f56dc938c7bf4d47
dcc25d14dd81ea92eb400a4752d89601850db695aec2835462122a924b6b9efa
Analyzer Verdict Alert quad9 Sinkholed
GET /catalog/view/theme/default/stylesheet/reset.css HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:14 GMT
Content-Type: text/css
Content-Length: 542
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:22 GMT
ETag: "48237-450-576d9037c1e80"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCfXx2UZMhHQ2TpSPmNWSGEgUSWQKJAhAUUhTGyLfENLcU6%2FRjmFhMYDnf48qKOYCiX2L1LrQDJrsA8qnqfhcQZGeF2uBvdC%2FfnJeYwBFWvts%2FEc7bnmxs2mPZg%2FR8S9EUPjdwZo"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d4685db517-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/catalog/view/theme/default/stylesheet/font-awesome.min.css
104.21.62.213200 OK 4.0 kB URL HTTP/1.1 bamboairways.com.vn/catalog/view/theme/default/stylesheet/font-awesome.min.css
IP 104.21.62.213:0
File type ASCII text, with very long lines (17613)
Hash 812c97a95d8d2ba7bf4853a4bdfd2fc7
efb0f9b849f70b75aa6d9b4dfd34e6b016125e50
3ea00503b84945d953f9453d5515c22f1d04c9086c1ece8ff0aed85d459ce2da
Analyzer Verdict Alert quad9 Sinkholed
GET /catalog/view/theme/default/stylesheet/font-awesome.min.css HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:14 GMT
Content-Type: text/css
Content-Length: 4010
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:22 GMT
ETag: "4822c-456f-576d9037c1e80"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73UboWTsaPkLlDMvdycKy2ldsJpl0tGM7nDE0dYVGBVGyMcQ7mRRzcSpVhhdREFb712qy2ntctYNxSgwzFuzdIL%2Fl3dzQbWryPg0pTvSpuqQ6xMKoA49LURcbTNTIxDdv7JTHkDl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d46fceb529-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
44.238.3.246101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.3.246:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A7FH7XmxOKlFxMIM2HCKAg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8Je36hlOhxEqazFIcBYGqCT169Y=
bamboairways.com.vn/catalog/view/javascript/jquery-ui-1.9.2/js/jquery-1.8.3.js
104.21.62.213200 OK 33 kB URL HTTP/1.1 bamboairways.com.vn/catalog/view/javascript/jquery-ui-1.9.2/js/jquery-1.8.3.js
IP 104.21.62.213:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32803)
Hash a6a3dbd117622541a216a39e32070101
22838fc7ef342cd1f7d940566dc0df01ddb6f5fc
3b3c24caef7dae9c0e81a3c266f91997a8afec50514cc12bf4739ad5204794b2
Analyzer Verdict Alert fortinet Phishing
GET /catalog/view/javascript/jquery-ui-1.9.2/js/jquery-1.8.3.js HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:14 GMT
Content-Type: application/javascript
Content-Length: 33386
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:04 GMT
ETag: "480af-16b11-576d902697600"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eb7v7xUe0rlHErZl4zuSUlLQtQsA11DKA1s2GVJRJJGI6s1QoK8NaI8zwEGTF82I%2BmH5Jh%2FAE%2BBFNHcqISxwQRoNm4bVdJzJNgr2q33YIU43HFJczOr5VRMmDAhWPq%2BBMK8MZqny"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d46f1cb4f9-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/catalog/view/theme/default/stylesheet/stylesheet.css
104.21.62.213200 OK 28 kB URL HTTP/1.1 bamboairways.com.vn/catalog/view/theme/default/stylesheet/stylesheet.css
IP 104.21.62.213:0
File type Unicode text, UTF-8 text, with very long lines (461)
Hash 80f776d8c0d281db4e09df2159e599a9
349709a3479efe3b6657a2105675e9b35d84069c
5e55bffcab81779569696d0efab0ddbe6cd1dbb4879113736ad7ffd680409505
Analyzer Verdict Alert quad9 Sinkholed
GET /catalog/view/theme/default/stylesheet/stylesheet.css HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:14 GMT
Content-Type: text/css
Content-Length: 27842
Connection: keep-alive
Last-Modified: Tue, 12 Jul 2022 10:15:46 GMT
ETag: "4823b-21cd2-5e398f3b79fbe"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Q6GNCG180xpgc5YgjucowSq%2FmFsNdoDvE8vG%2FpT0cxXTv%2Fs%2F%2BQuJ%2Bmy6hF8kqpwJ53sGMTqZFE1M0s8J%2FG8ga7TBmeorRlqLNbDLoJejndXmXemdR5eGSTR%2BEcjhctqTIK0dcwj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d469a3b4e8-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/catalog/view/javascript/jquery/jquery.ui.datepicker-vi.js
104.21.62.213200 OK 421 B URL HTTP/1.1 bamboairways.com.vn/catalog/view/javascript/jquery/jquery.ui.datepicker-vi.js
IP 104.21.62.213:0
File type Unicode text, UTF-8 text, with very long lines (759), with no line terminators
Hash 4bd5484e53b1b51646d74f589f7c1718
62c6a3f30e16707d653c93fe504accb2caae63cf
1400d9704c32aee0783f684a5931b4b96be3900495cc4062b444e6530b0d99c3
Analyzer Verdict Alert fortinet Phishing
GET /catalog/view/javascript/jquery/jquery.ui.datepicker-vi.js HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:15 GMT
Content-Type: application/javascript
Content-Length: 421
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:54:49 GMT
ETag: "47f5e-340-576d901849440"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Vci5tmnG6ADc22aqRkYaX9%2BSUVHsIKCk3TaRN2BNdxkZs%2FQeluvJZmWsfEJfh9ks0b2d4vPamDEJlrDOqhcerIyKVIcBco9FPIZEu98HgQTmb6CXcvZwmMHQOpAgmPMG840ZiTU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d74f5ab506-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/catalog/view/javascript/script.js
104.21.62.213200 OK 2.2 kB URL HTTP/1.1 bamboairways.com.vn/catalog/view/javascript/script.js
IP 104.21.62.213:0
File type Unicode text, UTF-8 text, with very long lines (382)
Hash 79d829df9c92c32792252cf39e92ddd9
d9f98383f3632acbd93a68299224defc654ed9b0
d402776543d88537e6edb423941d40e96aa914bae1b06d1341084de10b50943e
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /catalog/view/javascript/script.js HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:15 GMT
Content-Type: application/javascript
Content-Length: 2150
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:54:36 GMT
ETag: "47d09-1e6b-576d900be3700"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ih3VoRDT%2BvVDauXLhC08o%2Bkjpfv9llG4g368a%2BbaeQo7ooKg2O6GB1ATyDWtuuqNRz8zZMA5d611c8CxO9OmWNFPXjQYUzktUZqbQkjRVBRVHiBAkzju8wuOjDi5n9sWoYkhiuRF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d74be4b517-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
104.21.62.213200 OK 655 B URL HTTP/1.1 bamboairways.com.vn/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 104.21.62.213:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 15:38:08 GMT
ETag: W/"633c5360-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpjR4%2B2x44fBQhuz1Cg4zb2wuZvAMKxa8mzsrbUu5U2FG%2BOfu9RrCDUy0vqQagKrvxE7M5x80UZYXfVZiElZV%2FktG0rDFuLKrb5cFFQUsrxYX%2FMouR05vda%2FFz5nFEQdvLkCCAmM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5da2ff7b517-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sun, 09 Oct 2022 12:52:15 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.mousewheel-3.0.4.pack.js
104.21.62.213200 OK 443 B URL HTTP/1.1 bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.mousewheel-3.0.4.pack.js
IP 104.21.62.213:0
File type ASCII text, with very long lines (900), with no line terminators
Hash 15c5f531e92a2de7d346d010f2e81f76
16fd74e366076ce60ab636a489c259e1201a91b0
76800df414f1234c43ff324710738ac5690bfbc03ba506aa011bceefc8ec295c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /catalog/view/javascript/jquery/fancybox/jquery.mousewheel-3.0.4.pack.js HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:15 GMT
Content-Type: application/javascript
Content-Length: 443
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:01 GMT
ETag: "48070-384-576d9023baf40"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2B7D35VZwHYfwJWmc5UytITJY4w0xxF%2FmM7lWAi%2F6SUV8WYd83%2Bss%2FRa%2FCQIb0iyIVnjVp%2BhpsLm5u2kaEoFob7u4VG%2BYVbLQJnTeTn4pffxJpyfMcANpIbEvBChmdPf%2FecURWPN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d75b59b529-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/catalog/view/javascript/jquery-ui-1.9.2/js/jquery-ui-1.9.2.custom.js
104.21.62.213200 OK 62 kB URL HTTP/1.1 bamboairways.com.vn/catalog/view/javascript/jquery-ui-1.9.2/js/jquery-ui-1.9.2.custom.js
IP 104.21.62.213:0
File type ASCII text, with very long lines (32240)
Hash 797892f601f9521c3c44224911209a90
edeb5c34f4b5b7403186136f7c416dd21cea2e4b
0bcd225adb855b5f5a8a7250b7fd34dce94c04ba8370acdf24159a89ac485911
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /catalog/view/javascript/jquery-ui-1.9.2/js/jquery-ui-1.9.2.custom.js HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:04 GMT
ETag: "480b0-39841-576d902697600"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7%2BNnYkRF%2BwIwd0aaM7wZTpvnY725395eJMXxiVZHhicueF2TV5D%2Fj%2BYvEk2T4yC4OlqJ0dShTJSOCLg25g86N5EHg0TBz0veY5zLY8W%2F%2FCW5F33E7Q1wxlfuHMVLbKKHUmxBek%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d46af1b4ed-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.fancybox-1.3.4.pack.js
104.21.62.213200 OK 5.1 kB URL HTTP/1.1 bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.fancybox-1.3.4.pack.js
IP 104.21.62.213:0
File type ASCII text, with very long lines (14689), with no line terminators
Hash 70c817e5c9d394d3b0f3f26a2026d8a3
dc1bf5d9adde74a11ffcfa3e7aa59d2f37617938
1c65eab7b21fe13c184b21eb2d7318b10778edd010db3d688c3da3c998e03bdd
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /catalog/view/javascript/jquery/fancybox/jquery.fancybox-1.3.4.pack.js HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:15 GMT
Content-Type: application/javascript
Content-Length: 5128
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:01 GMT
ETag: "4806f-3961-576d9023baf40"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bO3pn2LKBup7P1BRNzW7GXz2N1jGmSpbw1MXdjCHHrH6PP7uXs3YgoGNp2TWXaVensUV5K8tEsjMHMopwASF3ncO0cpkvpIICZnf53fg1TDjjrdFi5SyBLNq0wsdyZSup4mLRaHv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d8ad46b4f9-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.fancybox-1.3.4.css
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.fancybox-1.3.4.css
IP 104.21.62.213:0
File type ASCII text, with very long lines (6913), with no line terminators
Hash c49e0febb64236e2f98e00d38cc1c8a6
4faff545c16af32bc7732a6eee4e81d0d5ece563
f8e43fc478e74f583ef5ae438aec4554242e912234cbb2b6b8152242d8da758e
GET /catalog/view/javascript/jquery/fancybox/jquery.fancybox-1.3.4.css HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:15 GMT
Content-Type: text/css
Content-Length: 1374
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:01 GMT
ETag: "4806d-1b01-576d9023baf40"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vgwcOBaj67DCfHpr1PfVziWlFmN25Lm3NEuJx2cfMzV88JI1qna3RXnnwZYn9QFurLVG0Tiv3wrbhwMdihY5P4AgBKuaTOyk%2BHx7ndm9GRo4JKxjKV4jtYiaUz9M9sKULhZU%2Foh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d8bedbb4e8-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/catalog/view/javascript/jquery/tabs.js
104.21.62.213200 OK 227 B URL HTTP/1.1 bamboairways.com.vn/catalog/view/javascript/jquery/tabs.js
IP 104.21.62.213:0
Hash b55f8ce4e6c789b76a78d90a4b804aa1
f3ed9d3bf9ad153be42bd3e13c386f6f2fbf4f7f
d8e4c90fb22dc8c1d046a34679366b660ec0a64b832a9cca1e37b95b91ed6822
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /catalog/view/javascript/jquery/tabs.js HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:15 GMT
Content-Type: application/javascript
Content-Length: 227
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:54:49 GMT
ETag: "47f62-1c2-576d901849440"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ln52lLUCzgKPnIeY2Y7e9HYE1fBG2%2BsCBMTbqrgPfKEMoqb6EdkvmYvVLX0a7KNAHbferGsTXrRhXXam3oDywtmPws5oWNN%2FBynTPvWI2JY7qzMr%2BAbTGcfG018ZEOqAm69FU1ZK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5da1c1bb506-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12234
Expires: Fri, 07 Oct 2022 16:16:10 GMT
Date: Fri, 07 Oct 2022 12:52:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12234
Expires: Fri, 07 Oct 2022 16:16:10 GMT
Date: Fri, 07 Oct 2022 12:52:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12234
Expires: Fri, 07 Oct 2022 16:16:10 GMT
Date: Fri, 07 Oct 2022 12:52:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12234
Expires: Fri, 07 Oct 2022 16:16:10 GMT
Date: Fri, 07 Oct 2022 12:52:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06283ec49d3981b60b28731fd8a9940d
10c0d991f7ad234557792c175fdbf81e3356416a
0d8d932cd46fa377ce3dfe5fe1287ab1cd0daad0ef52a42baad2462d10e5a80f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6052
x-amzn-requestid: 6c8abd32-7499-4636-bf8a-3baaa88bf1ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi-HWOoAMFalA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-464364630dd2dbfa0d69f6f5;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 4EEoZVMtDaWUiCVvGW_0w4BSa1f1KDudnzPEoSIVF_ckE9MdhiflOw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:45:54 GMT
age: 54382
etag: "10c0d991f7ad234557792c175fdbf81e3356416a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed3fa86bbe319c9a2f81ff625e677cb0
e3d5210207f6ff922bc28e328285059c19a523a4
5919694bd942a4f25d5b7ffc3f8aee1af6cdb8461d4ba3dba9a2e72cf19164c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7261
x-amzn-requestid: e1bdf299-b29e-4f58-9c8a-33f5dacdb081
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBELYoAMFfgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-1969b32c6f4f7e5749e7caa0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: FO5iGJFmDfdklhzIVOxp4x3AV7ltFqBDDlYBz39Zzx99t7oykNR2WQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a4479a6315f90864adc6175b280f8f44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:43:40 GMT
age: 54516
etag: "e3d5210207f6ff922bc28e328285059c19a523a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg
34.120.237.76200 OK 2.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17df62c3e2ed48ba9c788f5e1b3b702f
854c326016059d67fae42cc34905d0feb58cb6fc
d0bee7a7e629f6594a79bad563bb91c71a17768c2f347fd4a366f7f0daf94fda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2478
x-amzn-requestid: ed2a2dca-5367-42c1-b982-07a39762063e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmigWFvGIAMF9CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4ace-6fabb7845e4d04613897a866;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: GFxAiO1AQfV1-pVy0NBmc9VoQoxBuBeOWsbPkVpOuT06D8Tw_YuZfA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:18:30 GMT
age: 52426
etag: "854c326016059d67fae42cc34905d0feb58cb6fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16339989f5c6c229a3dcc0ed1e52032f
a1ea26d6e4eb4a72cc8c87100b40035dab69d285
16703f888ee6f974bb89e1c4c16a75186b31b64130abcd1a3bcd3741159d912c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13437
x-amzn-requestid: ec801fbc-c339-46ce-ac5f-18d064e5ef21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_HdeoAMFyOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-02b52b770e6e76cf52b26e47;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Iesqk_XbGiZE-n3mTa1_1WtlXiyEqz-4qfyt3_609O1eujdLcFu3zA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:47:25 GMT
age: 54291
etag: "a1ea26d6e4eb4a72cc8c87100b40035dab69d285"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53b7ffdc3799e0ac7a225145242579ef
c47f0525fe5354ee13fe63c0ec31f0f826a58005
4bb518afc9b3e7bfb976d343e46b306155834adbe71fa35b0d6f509959f78aca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10987
x-amzn-requestid: c2ab1012-1afd-4d74-8114-97977b43da24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZgCHwGdGoAMFvyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cb097-3237927a0c1e081d22c902f7;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 22:15:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: JYDg0-KelCPr__4bKtpARLrwiE1CHGICcFI6I9_TFCMcmESbykNhXQ==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:50 GMT
age: 53006
etag: "c47f0525fe5354ee13fe63c0ec31f0f826a58005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4572451a09430ca7a9203f14ddc035ba
46e17c44fba23988d7a9d9832c411ba2810136c3
fa54e73c4b32d8e109504ebcd46e4316de8143f44b7eae20a44ba63d14a6f24b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8445
x-amzn-requestid: 7d295b3b-29d6-4b2e-8314-c9055d1def80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmju5FxwoAMFeQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4cc5-3f58c18b1159ad512c60422b;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:46:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: DC1ECXhkAhfdrU8ZyMhhDdwydsq4PQfzzGOPd-REjCkCsDbXQLnLiA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:57 GMT
etag: "46e17c44fba23988d7a9d9832c411ba2810136c3"
content-type: image/jpeg
age: 52999
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bamboairways.com.vn/image/flag/DE.png
104.21.62.213200 OK 1.3 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/DE.png
IP 104.21.62.213:0
File type PNG image data, 22 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash c750a6a830cb880000311b365e9e132d
f6348c7c809c80224ab119252a6931fad1c245c4
864f61b91f63742223dfd4421fc4e130470720be07116a0ec7e93861eec65448
GET /image/flag/DE.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 1314
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d3a-522-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzIGQnd2VoEwyJJe5LV2%2FC1Zcoo3hLd1jIf2QUrKzyh%2FkbmGCv1%2Bo2RrDA88xqUbZ226%2B6UiUyd5DXN7l6vnJmYItdynn%2FY7Dx3PYoYX6cklBDY5cV1c32w9dTkk6SXSZ5MMcfl1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5dede74b517-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/RU.png
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/RU.png
IP 104.21.62.213:0
File type PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 684e512e892fddf109fb6da8cd13a525
88ff56315aea615c55750921896502dec6eeac57
995b9fd75d425493100ab32dfccc8869e757b5ac89b6901854ac916833c4c39c
Analyzer Verdict Alert quad9 Sinkholed
GET /image/flag/RU.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d47-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdZWMqWc%2BX6O%2BaTshNNlSg2yViBauM6Iw13V5mgy%2FEz5a6xMTYdUIgm5io1zGjFeOAhxmclG8y7NMJg7oiFyBLPo3w0hRhTRS5xYduYikUEwlonw1XdcoxHFYfNjK9HwFPk1uMpD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5dedb73b506-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/TW.png
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/TW.png
IP 104.21.62.213:0
File type PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash bdabc506bd4445f385c93bbbf2a5dece
ae740f040f2541133fb23346cdf2892be42557ef
642aa6e35fc94d880080df53d37b8ee5498b7102b95c7560b4a84e7b448e284b
Analyzer Verdict Alert quad9 Sinkholed
GET /image/flag/TW.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d4b-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujH8fVxK1ZILGUEhQ4TB2Z9ZsZGf3%2BVYKBvSGOwCdOO7wxEnKf7TASsPpZjb9eO7AeJ6b8z9DBiaj83vNbPAvlsmy8mKTo6apr%2FLU58BIH%2B0Ii5JmVq8SJ416bY10R8kKfGeMcXl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5dedcc6b4f9-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/CZ.png
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/CZ.png
IP 104.21.62.213:0
File type PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 98c0984f5b3590811dec31f894e91d7c
cce9aa77ecbd5eeed4b0b96b55ab8f7ffeaf36a9
4d254f06d3734d6e7dfecdbb7e874e12010ffe5cc321080a13a65cb1e0e7cb2c
Analyzer Verdict Alert quad9 Sinkholed
GET /image/flag/CZ.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d39-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHqfpY2wuOrRSsMcOTRf%2BZilKFeU04XMPKy7zOpYns110eOZZpjl78GVABbGnixy1Ffj2WP4pW7KaS37XLgsrpfLaJTl9tfm8ySlVlgwYQm2kCN530AhmTznkBXtzlS1Gj3nVL9L"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5deef70b4e8-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/KR.png
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/KR.png
IP 104.21.62.213:0
File type PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 7040d55cb1113b10a6a0da358b793991
a0c4735394c6e59db2ca00898387d64b9a2604a3
ea1f40269640f483822a8a5651a7bc4bcb48c378ec9ea0bed6961d1abb1e1e3d
Analyzer Verdict Alert quad9 Sinkholed
GET /image/flag/KR.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d41-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ni9QG4pjrjwUxbkTfHhmwYHd3lvShcxUsMXD0U3NjUBCP%2Fa%2BxdRGWwtiLJ4HtiMJ7oqclseU9CyzhAdOATre0Lv4VnHGL52MNHBzT7y2ySXxQZf95w5kMm80ITpgTjv51gcrqOW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ded900b4ed-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/FR.png
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/FR.png
IP 104.21.62.213:0
File type PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash a75eea4133da2783646f1da3626736cd
eee0c75438648eb90baf42eb3c1a452257e6adff
af3bb1bfead0ce605e931057e90005ae8a3a5351e97455ae9eddee6c394c2b5d
GET /image/flag/FR.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d3b-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nl4aXhwUFiEU7wgHYbsAYxReWMBIomFhpJpPRPWVevMYeenpZzwOp%2FL2%2B1B%2FZlW%2FaPPJcjihbV6Jx02OpMyJElM7NSY9MBVHrRe7whaKlCOa1TJXMLSuFJEX85irPAtHmw%2BeoDDt"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5dedecab529-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/catalog/view/theme/default/image/bg-footer2.png
104.21.62.213200 OK 44 kB URL HTTP/1.1 bamboairways.com.vn/catalog/view/theme/default/image/bg-footer2.png
IP 104.21.62.213:0
File type PNG image data, 601 x 276, 8-bit/color RGBA, non-interlaced\012- data
Hash 0294caface6b0418f3cd9f97a5f1115e
ce31dfc0e2f77879ba82838bbfa7aa43534e6cc4
7b5d1cdfc69c2d662ce22811adf705a4bdb2edeeae9bfffdec7b3a0c03e2cf4b
Analyzer Verdict Alert quad9 Sinkholed
GET /catalog/view/theme/default/image/bg-footer2.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/catalog/view/theme/default/stylesheet/stylesheet.css
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 44067
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:08 GMT
ETag: "48118-ac23-576d902a67f00"
Cache-Control: max-age=31536050
CF-Cache-Status: HIT
Age: 159545
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fzt9Qg0zV1Dix%2FSMthXeG%2FfKYUV9gmhT279ayKvz767PlWK4t%2BBoZ9xh7CF4yc60JMlORAAJ%2B8A0E8dfzbyXJk3H4%2B9cEEF8F%2BFNH9Iz3aoUFBYR4f3NqNwXy7aXdnaz9%2FmZI%2Be7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e1bb56b4e8-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/catalog/view/theme/default/image/top.png
104.21.62.213200 OK 3.6 kB URL HTTP/1.1 bamboairways.com.vn/catalog/view/theme/default/image/top.png
IP 104.21.62.213:0
File type PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash b18fc188d2ff0c6ef0644f8e2127ddb2
34965a36c1db2d0238a42f7c11f3311b132f3fb0
a138aecc39ceb354ffddfe7be42408b73a91d2a6ace38dcc70b79c49907fd6dd
Analyzer Verdict Alert quad9 Sinkholed
GET /catalog/view/theme/default/image/top.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/catalog/view/theme/default/stylesheet/stylesheet.css
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 3629
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:21 GMT
ETag: "48215-e2d-576d9036cdc40"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8XUOhVsQuyXlOtKS%2BuKxscChbacfKL9u6koWgz%2F4hR%2FXypoK8OTvP12SRjfGMq0t4VMFEF4tCJ5K1Znk8ukKL1DOa1xwg%2BUl5Fg5UsAtAYYnA12nT60xPEZqNpdrQjeA05iRii2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e1bcf1b4ed-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/data/logo/logo-bb2.png
104.21.62.213200 OK 9.3 kB URL HTTP/1.1 bamboairways.com.vn/image/data/logo/logo-bb2.png
IP 104.21.62.213:0
File type PNG image data, 196 x 59, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b35d3a5150c9165948415910583a479
110700db007f83f300d36e00b83ea707d83577b7
3492a0ef1853aaa10a6f8abbfc34d24e234db14d7ed1d41a77b3b41fa3620695
Analyzer Verdict Alert quad9 Sinkholed
GET /image/data/logo/logo-bb2.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 9312
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 06:08:19 GMT
ETag: "67eb2-2460-5e45ea92b97ec"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkl63HsPWmDUQdN1wGs4fKvgoqttF9S9zeZUUT4yLi7hZqTazDQTUiVeLqgUEOySxJ6qEqemsZ8PhRHh%2FPQy6LMgcIdmt2ljL6gr9B2xU51ius3cD%2BZVSuw0fT6cj%2B4ELlFVXkEQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e1ba87b529-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/zalo.png
104.21.62.213200 OK 2.9 kB URL HTTP/1.1 bamboairways.com.vn/image/zalo.png
IP 104.21.62.213:0
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 288a9259004fad8e7b8bfd200f5cee52
c6f4efba6a2ea019ffbb6ff6a7b97eadcc6ed5fb
2ce8c11692e5b60fa886cfc1119be5c7bbce3bfaeb6a9cc33a913d5889c2b42d
Analyzer Verdict Alert quad9 Sinkholed
GET /image/zalo.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 2876
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 07:51:00 GMT
ETag: "429c4-b3c-5e798dfdba120"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0VvPUHF1%2BnPcFIDgcVnZ2CeI7urJes0W1UjyenHpi7BQf6P6xvhg3%2FW%2BDWXpHmpmkYCb6IKlqU8RK0ItPfrbOqqHntaAUsz7r155dYYtC28MAK1v1dZgJrfoAeQ2L6hb28cXRoK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e1cb6fb4e8-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/catalog/view/theme/default/image/img-flybamboo-01235.png
104.21.62.213200 OK 88 kB URL HTTP/1.1 bamboairways.com.vn/catalog/view/theme/default/image/img-flybamboo-01235.png
IP 104.21.62.213:0
File type PNG image data, 369 x 290, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e5ff531c7dd22c86d9016358242b4df
10c9a633e43a71ed679ce4ab3ea31fe468d5a46a
1074dcecfa3cb7a240ede670e1c4b4daee96fda98c2a389309726e53d881d4cd
Analyzer Verdict Alert quad9 Sinkholed
GET /catalog/view/theme/default/image/img-flybamboo-01235.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/catalog/view/theme/default/stylesheet/stylesheet.css
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 88213
Connection: keep-alive
Last-Modified: Mon, 08 Jul 2019 09:12:47 GMT
ETag: "481c2-15895-58d27d8f921c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uoKHVgVYaMuheyouaqOPZWeuUVWjJw1Hu9uKEdG6eIeIqPYlSyPrdsRJOj5h9YCkTiXIwK98Jn%2B%2FcXu9Qqx0WxeCjBjVyI4z5CNtQ3gqkXQbCj3rYlSbej%2BJIjL1kjAVioifQlxQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e1b8d4b4f9-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/catalog/view/theme/default/font/fontawesome-webfont.woff?v=4.0.3
104.21.62.213200 OK 44 kB URL HTTP/1.1 bamboairways.com.vn/catalog/view/theme/default/font/fontawesome-webfont.woff?v=4.0.3
IP 104.21.62.213:0
File type Web Open Font Format, TrueType, length 44432, version 1.0\012- data
Hash 3293616ec0c605c7c2db25829a0a509e
04c3bf56d87a0828935bd6b4aee859995f321693
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /catalog/view/theme/default/font/fontawesome-webfont.woff?v=4.0.3 HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bamboairways.com.vn/catalog/view/theme/default/stylesheet/font-awesome.min.css
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:17 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:06 GMT
ETag: W/"480fa-ad90-576d90287fa80"
Vary: Accept-Encoding,User-Agent
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FQrP%2BQhId8111vjaXB%2FDlTo5OQ3mhumpTCFGgBjYkA4h3DrXN1SKgGRc7qmq1xIHSGyEn5X7w7NHi%2BOlPeipZDMm0qfxCNiWA2RSwTy%2Firw2pU0TSjBSqZuFyF%2F5Zx21VMgXGau"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5e1ba21b517-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/catalog/view/theme/default/image/0f8c1fac.png
104.21.62.213200 OK 161 kB URL HTTP/1.1 bamboairways.com.vn/catalog/view/theme/default/image/0f8c1fac.png
IP 104.21.62.213:0
File type PNG image data, 800 x 747, 8-bit colormap, non-interlaced\012- data
Size 161 kB (161321 bytes)
Hash 0f8c1faca7728a7f1a1996a9355fa312
237928fcfda8c51ddebb033841645ffbc09d55fb
3770c3b34e3b75dbd8e72935650d13734770a2faabeefb1711eda05f03b1ac7f
Analyzer Verdict Alert quad9 Sinkholed
GET /catalog/view/theme/default/image/0f8c1fac.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/catalog/view/theme/default/stylesheet/stylesheet.css
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 161321
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:07 GMT
ETag: "480fe-27629-576d902973cc0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sotvtK3gM%2B0GktvXfgbKkUEe%2FbnnYCjrNn9wKtWay88jQCYTzwMxf7lZkgjEKhUUhClw7UESAA4yCHIPF9UR%2FlmD6ekZcCvXae0F0B9ywPBOKdT1q60H7uHyj4C9s7M8WSk35iIk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e1bf74b506-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/language.jpg
104.21.62.213200 OK 2.7 kB URL HTTP/1.1 bamboairways.com.vn/image/language.jpg
IP 104.21.62.213:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 155x24, components 3\012- data
Hash d4ea0d783aa1f4f29d74077e83320630
4c36187376932ed2ad094e5579ffe937c150506e
5cbcbf1d389e67f7df5c15ad5009c3ac75f29ddaa4c0775e52187bdfd79dc1a6
GET /image/language.jpg HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:17 GMT
Content-Type: image/jpeg
Content-Length: 2664
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:13 GMT
ETag: "49c3d-a68-576d8df2f8440"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1%2FQV2hX3Bs%2BiFCLmPQSkDzoWgHesVX8yU3Z1MJHrrCnQF1KVCAf2GRb5xW7n3yeN2ipJtAL%2BHR8jUL1GOFEVcnZEWK46DFMG6EtDpHrLkyQInyt8XH%2BJ4XvVnTRgoFn2WybohhG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e73958b517-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/google-play.png
104.21.62.213200 OK 50 kB URL HTTP/1.1 bamboairways.com.vn/image/google-play.png
IP 104.21.62.213:0
File type PNG image data, 484 x 143, 8-bit/color RGBA, non-interlaced\012- data
Hash 612061be795b45a471a7d424365e940d
1bebcdae2099e0bd690f7885c175aebacc45cb57
c5749c17ef5b2328036666ecf0e8bd011eebde0c8663b78619a239f9f2770641
Analyzer Verdict Alert quad9 Sinkholed
GET /image/google-play.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:17 GMT
Content-Type: image/png
Content-Length: 50024
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:13 GMT
ETag: "49c39-c368-576d8df2f8440"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBazfOPCYRtgr8qyf0npamNEbO7O4tq1Gc7U%2BeOgoA4EN7rumEVoF4VjPp3UV0NitWQ5CLET6M9HCUoVMV0JTgR%2Fh9bsX%2B1gpURI6iDnErkBSmgW%2BQALVOPnqi8ExDfXn1m6dOIQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e48debb529-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/app-store.png
104.21.62.213200 OK 54 kB URL HTTP/1.1 bamboairways.com.vn/image/app-store.png
IP 104.21.62.213:0
File type PNG image data, 497 x 147, 8-bit/color RGBA, non-interlaced\012- data
Hash d4ac05e1a56e70ea8e75761af5311893
efece30f5508ed64fac1553f40d43aba06bf2181
f80f4d0afc1d32a436f84c90b3af763a2eb7ac7874807059c2dbf74a1f278f4b
Analyzer Verdict Alert quad9 Sinkholed
GET /image/app-store.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:17 GMT
Content-Type: image/png
Content-Length: 54046
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:12 GMT
ETag: "49c21-d31e-576d8df204200"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwuVQUd%2BoAbXjHKttQO0RlE2REiiS2JxD%2F%2BHFdORb2LtnkGSJR0kb9amP40Kye2ZMJYURG9xNCIPUwJWlsrSmRrOWk5Er9NQ2npKnauZn%2BjwgMKe5evV3B7F0RSy6hxtDbyAmvCN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e48925b4ed-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/AU.png
104.21.62.213200 OK 1.0 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/AU.png
IP 104.21.62.213:0
File type PNG image data, 22 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash 38d2a311957185b533ab8860ebe63e64
820a9b8b8608ad20ab026ed0dc7f906e23aa4150
a56297bf6d5b73b5a1240c21aa76eaa8dc39b4b06b6eb560a6538edb03aaa82d
Analyzer Verdict Alert quad9 Sinkholed
GET /image/flag/AU.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:17 GMT
Content-Type: image/png
Content-Length: 1047
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d35-417-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: HIT
Age: 159547
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7o8Iz%2Fk%2BUSgSfjf9AVnb5zbrv8tB0bcQImfaJREUS9%2Fp3eIxH1oYvyHMt72jWRMwqXszXYPaE%2Fe47iKrK66Wjp%2BJ797H7Rl0tt2XRYoEBIjAZFIrVA1%2FjIhiY7qkw39vh3JIMZU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ea1d7bb529-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/US.png
104.21.62.213200 OK 1.1 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/US.png
IP 104.21.62.213:0
File type PNG image data, 22 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash c2e78a466f167cb30bd4597566f01658
dde3b9192ed1c6b1e0ab8b75224a475f539d2c5c
42c69fe5501c115624f8fe211320606ebcbecc80e7b9bb4c97f1be0e494baf0f
Analyzer Verdict Alert quad9 Sinkholed
GET /image/flag/US.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:17 GMT
Content-Type: image/png
Content-Length: 1136
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d4c-470-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: HIT
Age: 159547
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPUQd8twqrRXTE5JQiS3zND1qQcktFLPBqdq5gKumOX1%2BvOwwfdRAY5W%2F0AAiIQSv3M4A1%2FeCjp%2B%2FJcs08IDa5ESzJHm0p4N7DD%2FhA1HYSdobYuQtEroKBcsyAKqDNB98lkma9RP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ea28dbb4ed-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/Credit-Card-Logos.png
104.21.62.213200 OK 64 kB URL HTTP/1.1 bamboairways.com.vn/image/Credit-Card-Logos.png
IP 104.21.62.213:0
File type PNG image data, 519 x 231, 8-bit/color RGBA, non-interlaced\012- data
Hash c6505ba69c95723e1bafcce4b56e618d
89c011288757215f48ea110c28414ecfa69705e0
e73428885b3030e44eed4d6e44708c3eeb9e99c4c0211d34741c7e9eb934fbeb
Analyzer Verdict Alert quad9 Sinkholed
GET /image/Credit-Card-Logos.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:17 GMT
Content-Type: image/png
Content-Length: 64255
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:13 GMT
ETag: "49c2a-faff-576d8df2f8440"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhsSQGA1rjvIwUpOE0cvdHzofIApnrI9NcRcr6QkNNGV%2F4HLc%2FisYe9vyNfEE41I3JxHfJRMNjfoJRQ%2FeYm6zESDBagHO5kzzXC4nEyi126ENmg6zyLDDBDfJtpGEVzJF%2BchZOkB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e49f5eb4e8-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/CA.png
104.21.62.213200 OK 1.0 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/CA.png
IP 104.21.62.213:0
File type PNG image data, 22 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash f57870122489f7d147b95128b916531d
1879f385225563e71c1eb2a8818624d408cd1936
3f0725516d5412f244d47aff45386cbc1ac4e218dcb4ae6c3e7b8d17e716774f
Analyzer Verdict Alert quad9 Sinkholed
GET /image/flag/CA.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1047
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d36-417-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVhM7a%2BLMuhCahKwtDBykiJJ7l1snVjcId%2FLDDbdEBYuFIqoVIOzLwFoJjLb1TapO%2FMVwYi59MwEhJJaDVi57zar3U4XhmwnoDRcplKG5LQfClwI97YUghlJIv%2F2qAGfQHfJ17wd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ea0c9eb517-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/CL.png
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/CL.png
IP 104.21.62.213:0
File type PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 7316b0d7b91a9cb79b3111460049196e
578397ada97ecaf887ff99e2d69c07b32709cde5
b7340c497b332a82ea2cadf527334a980e93284be671dda8fb64e6266882a40b
GET /image/flag/CL.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d37-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=al7VKro3GKYm3DpkDT80aiIl%2B%2FhukcNnP9GiB6W81TvwjvdSYfALtx9qzdjy32kqr1h%2BQq%2Bv0jDOruts%2FEXXyq5qJajQQm4iKuO4M8OMtfFCyAWEL2zMVB0Z4jmQmKfllfCF4Ezp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ea2d90b529-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/thanhtoanvisa.png
104.21.62.213200 OK 131 kB URL HTTP/1.1 bamboairways.com.vn/image/thanhtoanvisa.png
IP 104.21.62.213:0
File type PNG image data, 1095 x 191, 8-bit/color RGBA, non-interlaced\012- data
Size 131 kB (130604 bytes)
Hash 5ceb7348a8282beea86e7e5d850384ee
6658d0c4a0279dc6387c02c67ec75fe74ee4a2a3
08913ce8573166a905bbcb5c89b396bbc52094d434abaae6cab25ee858fc9fef
Analyzer Verdict Alert quad9 Sinkholed
GET /image/thanhtoanvisa.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:17 GMT
Content-Type: image/png
Content-Length: 130604
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:14 GMT
ETag: "49c4c-1fe2c-576d8df3ec680"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pL0qyJuLtm0JiZ5ocGoKDtIF2XJ41r5slhHxSwCppvVRO40ol%2Fa%2FLo%2BmeUD5bmIa3tsUgoYlBsdRs9wdF9%2F7VS5Y%2FnNLZEocMLBqEJNov7fO3RpadCuyet8uwYD9uJhbOkIsoAj0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e5fe45b4f9-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/WaitingBig.gif
104.21.62.213200 OK 2.9 kB URL HTTP/1.1 bamboairways.com.vn/image/WaitingBig.gif
IP 104.21.62.213:0
File type GIF image data, version 89a, 128 x 15\012- data
Hash 348f2a450c040be5c3722990ff21d0f5
f5345a4ca903ddbb4c99691d8efa165d54c81c50
ae0a0ab90321d6976f2597eb7a68f55ae379f1d374e34bd6c3a19bd223fb43ce
Analyzer Verdict Alert quad9 Sinkholed
GET /image/WaitingBig.gif HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/gif
Content-Length: 2883
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:14 GMT
ETag: "49c52-b43-576d8df3ec680"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6k4q%2B1AzesdLh%2Bir199AtN25f%2F%2FBqxT1vbSGMer4eElS41MwyETQvN1FGTV0w7x4oKQTEDIws71qS9gkIDVIgEr9znVL%2FYDEz1CPTOK5dM0wAX4Fq3NyAZlosLRlvmpwjFwkOIY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ea38eeb4ed-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/TH.png
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/TH.png
IP 104.21.62.213:0
File type PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cac002b4dcc4e55add56bacd13eaf4e
696b7ad26652e8b40eb89f82d9b73204d627c860
5349b1f09f264eee2ffdd5cd14087ca32d0565247d0050a357c4624caef71a09
GET /image/flag/TH.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d49-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2Ft9DMGmQmUpq7yJSqXusp0MoFtTUrDx9gWnqSwL7zcZoZNpBr3cO%2BjQdhEoSSmH10%2FgTpDEooiquhYktCixadKMqpL8oMoRSg5Lz8aTGdbN95BpwuDNZlnMkTC4s%2FF%2Fs%2FfvKGDU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ea4e33b4e8-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/catalog/view/theme/default/image/edb9a4cf.png
104.21.62.213200 OK 238 kB URL HTTP/1.1 bamboairways.com.vn/catalog/view/theme/default/image/edb9a4cf.png
IP 104.21.62.213:0
File type PNG image data, 1920 x 7280, 8-bit/color RGBA, interlaced\012- data
Size 238 kB (237675 bytes)
Hash edb9a4cf9a89c0c7ebb7da2141dc2442
25f608f7df2167f80af4e2859c0ce59d4fbc8812
0f5138ab8f07efdd6da7ad963fd8a00c71e0bb8df8a1996d9e12d1b3258956cd
Analyzer Verdict Alert quad9 Sinkholed
GET /catalog/view/theme/default/image/edb9a4cf.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/catalog/view/theme/default/stylesheet/stylesheet.css
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 237675
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:12 GMT
ETag: "48197-3a06b-576d902e38800"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDIh2TqYcF8rRvzGNPVjxLhl53saPdN8vtaM7JZTPDmEHOElS%2FOmk1F%2Fz386Y%2FvqnY4WnRWPXYH4zzeIcvHOzSoRFVyMivB8%2FK3fxrRTqhkr7KGds7MIT8IbhjcrorH%2Bkxc0RJR9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e75eceb506-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/SG.png
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/SG.png
IP 104.21.62.213:0
File type PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 13361f570f88d209acccda7048fa219b
f92b66f732aee8fb42860e7da802af76c036c924
59cd4e61483174963b48d98167630561db610351ad7b424d22c5476dff4b01cc
GET /image/flag/SG.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d48-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvTqqwr%2FuG2GJGMRWmhBn9m983uit1XidbtTr5HTff%2B0fRMjNaSR%2Fr2WQXXDVESlXg5tTwW63wigRcI%2F%2BOKzwb%2FfkFDQOfV5HQmI9vEjxOqIcMwRInVIB6ij4T%2F9gXLZvitDbfLw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ecefc6b517-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/VN.png
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/VN.png
IP 104.21.62.213:0
File type PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash e449450ecb0a8f56d46374835930c560
47faeed3c7c82f160cdcf1192884b1b1858a0fd3
7273147ff838e41fdad60b01915528ada16cd6973cb13a3a1ba0fb87408ccb36
Analyzer Verdict Alert quad9 Sinkholed
GET /image/flag/VN.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d4d-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldFVwbtztL%2BskAhyEP4qc5IraS0HdCDZW9ZEOwlaNKyJ7lqUgUaZICeGapJJj5shxWCjPceWybtve4JiT%2B2%2BSRGsy0sl3efzosUMPPj%2FPXuX2zIK4Eng7MHyLQKMmQ8XNjWhKer%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ecf910b529-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/PH.png
104.21.62.213200 OK 1.0 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/PH.png
IP 104.21.62.213:0
File type PNG image data, 22 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash c5ffbc1525ee60cd432387ca56e71156
d15f25dac8c10d33cd7612dfe2e5bd31d9af6dd5
30c2a36b2a39da314589d48ca333d01c48fa8643d69341957f69f912423e488d
GET /image/flag/PH.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1047
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d46-417-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95YDtwe3DUSn%2FEUz9C7R%2B0OVy%2BGCOUxj7nRJ0jPNn4N67IuO%2BxaROLcrsLgyAs16ISbF8MguU2o%2BwXCmcY9Qh0LZnYJ2AjcibTTuW7SJweCc%2Bb1NaDaBBzRRNAKoCfPGgiLySr7m"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ed18b1b4f9-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/KH.png
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/KH.png
IP 104.21.62.213:0
File type PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 9b53452382ee347f9f5ffcc98f232004
60bbe733ded3c8e148753fb292499cd2271e8a05
10840523bfcea11452bfb9d4b632aed4e14f02b8868927d2f19c0cc47e48139e
GET /image/flag/KH.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d40-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTh2SwqGWvPHIZuUHI2QSrpk%2B6z%2BxVESuCUx5SfbzLiAvw%2BZZJcOQyoLC%2BLQ3paYXMa3Dbhyc1Vsz56xgw2vWBEZ8kN%2B%2BgRJKNXdnN9Ki6uveCfBIC%2Fhd5ZN4EXKLh4ouqF5B4SS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ed19edb4e8-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/ID.png
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/ID.png
IP 104.21.62.213:0
File type PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash d962b7bc15e2185f11ca62bfc8b94a64
9a74a7fbcfa38cbdeaa3854d161dc7c8e5bb6b34
132df6ccd51d72e96a74aab06f5cd30c728b2017f618542b023b2d8b9c620caf
Analyzer Verdict Alert quad9 Sinkholed
GET /image/flag/ID.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d3d-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTQAN2eWqkE4iKofskJtlWA4UE6ie5vWIDY0%2FSXqCjC6XAryG5kkPjlGhM3cSmmh6WN1qllkwlbSg1wjUPv7UvQEVJZthAxtlupMToHyCZa3miKLdq4kd9hA9EsGB8RTruyHMK%2Fj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ed1cf4b4ed-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/HK.png
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/HK.png
IP 104.21.62.213:0
File type PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash d83e5064199c70418cdf9d1cddde1909
0ce020544affbc2c6a851d4b1ce9b7a343c44778
2e3283865e642aab34498a1dad2a5841781b295a5519770ec9ef622c1509c79b
Analyzer Verdict Alert quad9 Sinkholed
GET /image/flag/HK.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d3c-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4U2YQJVdJ7hjOLJonAvU6lYf%2FM39ukXXAdewasCaoyqkT3GtAnMyhLTgqhGAed7QbcalO4YNgJiYVdoyKTWOVq7DvZICFJqYCda5hcDp%2BQefoXrPj1ibVXXBdk%2FSczFdjLknpaw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5efb998b506-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/LA.png
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/LA.png
IP 104.21.62.213:0
File type PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash a362dfddb876512dab50246beb18e596
a4440559238bab0f1a0b2658fdfa158a09015243
3ebba8b42c7caf867b115c31792273a98d7fef19303dad7cd37035a89799290c
GET /image/flag/LA.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d42-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zn65GpWoHN6%2B5LbPaQa29oypV6GVyVLkOq%2Bf%2Bpv5LkH5mz%2BnMtwc77yqPaPzMEW6atjl6R5c5mUc4H%2By9hv%2BlnFouf4O8Sr2RKjwJBPnSbG1FrEI3bcI6eGQVECiA%2FQPAUUPoGXe"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5efcb55b517-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/MM.png
104.21.62.213200 OK 1.2 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/MM.png
IP 104.21.62.213:0
File type PNG image data, 22 x 13, 8-bit/color RGBA, non-interlaced\012- data
Hash 93cfe42a82aeaffe2cd999f81ddaa526
56b54a50407911a34ac43604c02c1fcb8c6ed3c1
4a4165532f9f2cd3f0bf3a7250441ef7dab1d97ffa1b75aed14fa0cab58a0308
Analyzer Verdict Alert quad9 Sinkholed
GET /image/flag/MM.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1225
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d43-4c9-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alCVWwpESfySgGj5ztw7sMYaFFt0vs3zErFYUIQTyTuUrm6ygVBFc2HOFEq28iVN5OzbkTYCtbu33EOxBai%2BMidIrljxJyqaMfXo45qWXUgDdxRC%2F6jvY92oe6lMtOsjT9oPQcgv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5efcccfb529-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/MY.png
104.21.62.213200 OK 1.0 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/MY.png
IP 104.21.62.213:0
File type PNG image data, 22 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash 4930527bac08f463fd021d05101d2334
04ec244eaa31749ad163e519da454a6471a44fa7
2700c96b4755a564defca8acc6994812ae08d5742791c54712bdfef558287577
Analyzer Verdict Alert quad9 Sinkholed
GET /image/flag/MY.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1047
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d45-417-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B878mnwOyMedQOJu6pb4Gage0XSNPzqXd6gQn%2FtwSzXrcXlxiBF%2F2XMoD7tUUiQKL06fFKRFcXhixAgODLKBayc4sUxa%2FW8Xk0jw8FIWnM5InwHY4J8%2BHMiBO9alIXS1AQtAX5Jn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5efecffb4f9-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/JP.png
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/JP.png
IP 104.21.62.213:0
File type PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 088f39d5399210a761c78135cff299f1
06c2585ea2c5aa6d0132ceb7b883cc09c9f0b4e3
cd529f3477b671eb09bb44ad4543053c5753d76a4e4b2123b7444d09d0790150
Analyzer Verdict Alert quad9 Sinkholed
GET /image/flag/JP.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d3f-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gqLlKTpilD82IEfYOwsIGCrMfTzjaejSBsLcndx3hTY6BhP0tGUy%2FZApXzxtySn2UKlRxdR2glVjssgGEwAjJzDMDkYx8gfiCHbAVuUDOJvNTdVyCcxTlWiCfjtZ2dGPQAyBSM6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5efedd9b4e8-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/IN.png
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/IN.png
IP 104.21.62.213:0
File type PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 86807ffdd94156383d8d6fbb91c57233
329e509b351902f62a108a4c8d91e5274a2f035a
90f6eb4f92513f3e3ba063dc5f1af75e79b5c8aeb7898ad86f48515632598310
Analyzer Verdict Alert quad9 Sinkholed
GET /image/flag/IN.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d3e-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qC1%2FjU488aiOt%2FgP645FfbPz9wX7nXpfs7IwuFls5rBLm0rXfddBtLecIze8GrCT3PMmTg2SdCMECsTCEijqXXZt8LTSQ%2Fxn0KKFujfv3iDbXWZHLvoxDTpwx%2B8VH6h7%2FZTdr9ua"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5efe8dab4ed-OSL
alt-svc: h2=":443"; ma=60
connect.facebook.net/vi_VN/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/vi_VN/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash 57e53b21358abb024a9c2909ab343dd3
e16dc3bfec6b441c16fb136fb5f78d86b9b01693
5494e5e85b7b2746566f17067b526c384c48ca063707997cbbbdd4e85069fea7
GET /vi_VN/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 25de6020c73919c4968e44992141e1ec
ETag: "3b347dca3eacd7d8b1800da6733f3990"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Fri, 07 Oct 2022 13:09:42 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: V+U7ITWKuwJKnCkJqzQ90w==
X-FB-Debug: 8BhvGqSPFQmrZblClYo3S8Ju9pooLmNOXe0y7Rxt8iknVgJ1BZdfpTaW4yUU5xP792rgDrXZpDFIDMDcuDLHuA==
Priority: u=3,i
X-FB-TRIP-ID: 1904183273
Date: Fri, 07 Oct 2022 12:52:19 GMT
Alt-Svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
Connection: keep-alive
Content-Length: 1689
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ecc594c8ad8a58175abca6f74592cad0
bc3eb5409877f214ca5d45c39d39754fd80997ae
4376e30946f541ed958cbbff449d18b6acb24608aa48fa078440cb99291dc7d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4757
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:19 GMT
Last-Modified: Fri, 07 Oct 2022 11:33:02 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bamboairways.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 07 Oct 2022 12:41:09 GMT
expires: Fri, 07 Oct 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 670
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bamboairways.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: AZoCpvrAVxx6wZhpIpRKag28sJGzg3812j7TdnPbpjVgNg0RtqKtbzcPh3SvmdArsJsKLiKdLvvakOKA9Y9g1g==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1904183273
date: Fri, 07 Oct 2022 12:52:19 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/968194215/?random=1665147135832&cv=9&fst=1665147135832&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&hn=www.googleadservices.com&rfmt=3&fmt=4
142.250.74.130200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/968194215/?random=1665147135832&cv=9&fst=1665147135832&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&hn=www.googleadservices.com&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2218), with no line terminators
Hash 756bdba10cf92a4959d64561e138c380
0c771d5d109d1567ba290daa06763106c0c5509c
a31d6580e0c2126df61ecdb75517283a625db0aa32cdd61850bebb95c5fe924c
GET /pagead/viewthroughconversion/968194215/?random=1665147135832&cv=9&fst=1665147135832&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bamboairways.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:52:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1034
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Oct-2022 13:07:19 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ecc594c8ad8a58175abca6f74592cad0
bc3eb5409877f214ca5d45c39d39754fd80997ae
4376e30946f541ed958cbbff449d18b6acb24608aa48fa078440cb99291dc7d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4757
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:19 GMT
Last-Modified: Fri, 07 Oct 2022 11:33:02 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bamboairways.com.vn/image/flag/CN.png
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/CN.png
IP 104.21.62.213:0
File type PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash c96443bbf5f1c484d79b404076317d89
5853030b09a9413662f2aba70d219df4f05affee
00f58e2658d584fb1225cc48beef9ea339d620ae2618f73ea63a8b234f720f64
Analyzer Verdict Alert quad9 Sinkholed
GET /image/flag/CN.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:19 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d38-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAr5ikGaf2murovk7xuv4dM%2FOdVw0sbWCNtHNBa56Wq16MXDWUZtIXAVOzVrPsQ2%2BXsX5CPnoJ9iJ0E4aDAwNhsTaeoMLl7cj2Lw0K86RKFPGZVwoqljvIz51IemtAQbNSlWLDhV"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5f28d9cb506-OSL
alt-svc: h2=":443"; ma=60
bamboairways.com.vn/image/flag/MO.png
104.21.62.213200 OK 1.4 kB URL HTTP/1.1 bamboairways.com.vn/image/flag/MO.png
IP 104.21.62.213:0
File type PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash fc6d98218883914436dfbd486a4f59c3
37eb01517bb4fca52ef9e5da4b62e70c0ae238e6
f0ec8d216d08d077cf9e8ddfb84a5bca8c8d2073c0c08a706e27273327f0f1da
Analyzer Verdict Alert quad9 Sinkholed
GET /image/flag/MO.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:19 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d44-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FM5IRDpmSeTVVFE%2B2i10ZgMH7mvPyed2KawWPiKByVjCGc%2BQ5KWCavBvR5p8pN8o7Jf8jlcgA%2F5J34QLBHGStvgMJe%2B71gKVeS2lo51%2BEiEX5JBJ08bawrjLEzPBLRIO6JJCBdG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5f29e93b517-OSL
alt-svc: h2=":443"; ma=60
connect.facebook.net/vi_VN/sdk.js?hash=878141be16205d44b78b2509187324dc
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/vi_VN/sdk.js?hash=878141be16205d44b78b2509187324dc
IP 31.13.72.12:0
File type ASCII text, with very long lines (13192)
Hash b0b174bbeada31798ebfd7dece57bd6b
5e6cc2a266517865c0a3add82904b91c2fc4ece4
0e95c37a762b9ab2ba7c7610edf045c506177c5b898287a6cb994e5b53b1c3f0
GET /vi_VN/sdk.js?hash=878141be16205d44b78b2509187324dc HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bamboairways.com.vn
Connection: keep-alive
Referer: http://bamboairways.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: de89e53beebecd5011c8bd8d9b0e75b8
etag: "69c6958dd9a574dd9fa257578956d1e0"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 06 Oct 2023 21:58:40 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: sLF0u+raMXmOv9fezle9aw==
x-fb-debug: Y9JrZnhc338fXQ9RdEshjFlKTrboi+o6lsJGMouC5D0rzE3cSJSY7CGCAWxbZ81UBKmIwPtAZcT0KSBQL08yeA==
priority: u=3,i
content-length: 87089
x-fb-trip-id: 1904183273
date: Fri, 07 Oct 2022 12:52:19 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/968194215/?random=1665147135832&cv=9&fst=1665144000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&fmt=3&is_vtc=1&random=2559395382&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/968194215/?random=1665147135832&cv=9&fst=1665144000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&fmt=3&is_vtc=1&random=2559395382&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/968194215/?random=1665147135832&cv=9&fst=1665144000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&fmt=3&is_vtc=1&random=2559395382&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bamboairways.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:52:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/968194215/?random=1665147135832&cv=9&fst=1665144000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&fmt=3&is_vtc=1&random=2559395382&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/968194215/?random=1665147135832&cv=9&fst=1665144000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&fmt=3&is_vtc=1&random=2559395382&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/968194215/?random=1665147135832&cv=9&fst=1665144000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&fmt=3&is_vtc=1&random=2559395382&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bamboairways.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:52:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bamboairways.com.vn/image/favicon.ico
104.21.62.213200 OK 680 B URL HTTP/1.1 bamboairways.com.vn/image/favicon.ico
IP 104.21.62.213:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 6b97ef8662b36ce79a35d171e530e337
470153c484fc039e8af5459c846e63fe9d461614
4ef2061cb599de6e779b7a520db646256f953f31300b4c0717cd86120213fdee
Analyzer Verdict Alert quad9 Sinkholed
GET /image/favicon.ico HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:19 GMT
Content-Type: image/x-icon
Content-Length: 680
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:13 GMT
ETag: "49c31-1536-576d8df2f8440"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7uZUYu3ZtdQus9ixDAjcLU0Fj9fHovoGkRii5NiMopc4CVcCidfvCqT78Eki5xSQuB4bG19Q5adZTzA%2BFYdYlthU0saO52j4BkB5k%2BKb2etPkr4O2LI3p1f9sIGaeFcFgtErNuJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5f3fafdb4f9-OSL
alt-svc: h2=":443"; ma=60
www.facebook.com/tr/?id=171118496600256&ev=PageView&dl=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&rl=&if=false&ts=1665147139618&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.2.1665147139617.264387887&it=1665147139293&coo=false&rqm=GET
31.13.72.36200 OK 86 kB URL HTTP/2 www.facebook.com/tr/?id=171118496600256&ev=PageView&dl=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&rl=&if=false&ts=1665147139618&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.2.1665147139617.264387887&it=1665147139293&coo=false&rqm=GET
IP 31.13.72.36:0
File type gzip compressed data, from Unix\012- data
Hash 73e833a2ec34b5cdc8eacf60a876dcad
6fe5b125e942cff37aa08b23872fa53fb81b96a8
585e86e0d825b57ab601a25722bfa1663c4351ac4d0f190afe40d55897593e42
GET /tr/?id=171118496600256&ev=PageView&dl=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&rl=&if=false&ts=1665147139618&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.2.1665147139617.264387887&it=1665147139293&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bamboairways.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Fri, 07 Oct 2022 12:52:19 GMT
X-Firefox-Spdy: h2
bamboairways.com.vn/
104.21.62.213200 OK 0 B IP 104.21.62.213:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd; _ga=GA1.3.1359338731.1665147139; _gid=GA1.3.945122667.1665147139; _gat_gtag_UA_145619567_1=1; _fbp=fb.2.1665147139617.264387887
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.29
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GG6U3kQpuv9N6hVDmsw%2BxGBelzgBT62Amvuk0SuvPM%2BAYdcm00n%2Fsq2uZkbS0vf76ikhY0QwnReYDpEA8DXKGvfzjkkho7vxy5dZMyWQfnyUpc5NPxqAMaEZFKCVCX1RAnji1G8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5f72be0b506-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60