Report - bamboairways.com.vn/lienhe

Report Overview

Submitted URL
bamboairways.com.vn/lienhe
IP
172.67.139.88
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-07 12:52:24
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
104

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.googleadservices.com	107	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	290 B	18 kB	142.250.74.34
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	43 kB	142.250.74.168
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	753 B	2.0 kB	142.250.74.130
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	585 B	86 kB	31.13.72.36
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.35
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	119 kB	31.13.72.12
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.238.3.246
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	55 kB	34.120.237.76
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	754 B	757 B	142.250.74.3
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	755 B	757 B	142.250.74.164
bamboairways.com.vn	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	22 kB	1.1 MB	104.21.62.213
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.9 kB	142.250.74.3
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	2.2 kB	93.184.220.29
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	363 B	21 kB	142.250.74.174
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-07	medium	bamboairways.com.vn/lienhe	Phishing
2022-10-07	medium	bamboairways.com.vn/catalog/view/javascript/jquery-ui-1.9.2/js/jquery-1.8.3.js	Phishing
2022-10-07	medium	bamboairways.com.vn/catalog/view/javascript/jquery/jquery.ui.datepicker-vi.js	Phishing
2022-10-07	medium	bamboairways.com.vn/catalog/view/javascript/script.js	Phishing
2022-10-07	medium	bamboairways.com.vn/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	Phishing
2022-10-07	medium	bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.mousewheel-3.0.4.pack.js	Phishing
2022-10-07	medium	bamboairways.com.vn/catalog/view/javascript/jquery-ui-1.9.2/js/jquery-ui-1.9.2.custom.js	Phishing
2022-10-07	medium	bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.fancybox-1.3.4.pack.js	Phishing
2022-10-07	medium	bamboairways.com.vn/catalog/view/javascript/jquery/tabs.js	Phishing
2022-10-07	medium	bamboairways.com.vn/catalog/view/theme/default/font/fontawesome-webfont.woff?v=4.0.3	Phishing
2022-10-07	medium	bamboairways.com.vn/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed
2022-10-07	medium	bamboairways.com.vn	Sinkholed

JavaScript (24)

	URL	Size	First Seen	Last Seen
	bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.mousewheel-3.0.4.pack.js	900 B	2023-03-07	2023-03-17
Pretty URL bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.mousewheel-3.0.4.pack.js IP 104.21.62.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:50:06 Last Seen2023-03-17 12:29:59 Times Seen1 Hash d83fa160e8a22d0cd5aece2d6c131bac 9465dbfd694a579d720d9ded4e78d89751527bc5 b179e30293a8cc8c0ab6117803c586bb3475212b58cb7b919aa88b642edb89f3 Loading...

	bamboairways.com.vn/lienhe	464 B	2023-03-07	2023-03-08
Pretty URL bamboairways.com.vn/lienhe IP 104.21.62.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:50:06 Last Seen2023-03-08 08:20:36 Times Seen1 Hash eb4c461df2607ece42cb3bfea8853e8e faa4cfb80a9ec18eead0143862fdd9c8c66469b2 ce8c08c786555fb06c4919e96b3519a17cb8f06eb89a68acbb140d88ab25aff0 Loading...

	bamboairways.com.vn/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-25
Pretty URL bamboairways.com.vn/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.21.62.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-25 19:11:46 Times Seen54959 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	connect.facebook.net/signals/config/171118496600256?v=2.9.84&r=stable	299 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/signals/config/171118496600256?v=2.9.84&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:41:25 Last Seen2023-03-08 08:20:36 Times Seen1 Hash 914802d1e09f3810532e253dbe262b0b 24a1c6d14d8c66c0f0c5aafb4b029e6a7db27e58 c8b2390776284404e7ca853246cd79600d07bac2924d57cc60d22b0e3e1c0036 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 19:14:36 Times Seen37070785 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	bamboairways.com.vn/catalog/view/javascript/jquery-ui-1.9.2/js/jquery-ui-1.9.2.custom.js	236 kB	2023-03-07	2023-03-17
Pretty URL bamboairways.com.vn/catalog/view/javascript/jquery-ui-1.9.2/js/jquery-ui-1.9.2.custom.js IP 104.21.62.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:50:06 Last Seen2023-03-17 12:29:59 Times Seen1 Hash dc60c20bd6373ebafbe8e26232a2d3bd 4a91037c4366660f7cb73563b2f62a7b7f75a571 5798bbf2acf9f01d8ffc063adaa89a67a1c33c57740362c093329744b2e14668 Loading...

	bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.fancybox-1.3.4.pack.js	15 kB	2023-03-07	2023-03-17
Pretty URL bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.fancybox-1.3.4.pack.js IP 104.21.62.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:50:06 Last Seen2023-03-17 12:29:59 Times Seen1 Hash 21fb23201e91abb5006b4f45a118145f facfa5093f631092442a21c795c49e4c561b0a2b dac6176ed6b6c53db14ed113f4e9df09dfaaad01a8ef0049a3f7a5d2dd4bdb6f Loading...

	bamboairways.com.vn/lienhe	155 B	2023-03-07	2023-03-08
Pretty URL bamboairways.com.vn/lienhe IP 104.21.62.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:39:40 Last Seen2023-03-08 08:20:36 Times Seen1 Hash e1e9ede3da658675ccdaed9f1bd55356 f346aec32d4034e8c171eeb4be2c56145b997f39 619550ceba3a2f7712459b279a726d6a1e0f17a499a5be4c608a6e093c5e5afa Loading...

	bamboairways.com.vn/lienhe	343 B	2023-03-07	2023-03-08
Pretty URL bamboairways.com.vn/lienhe IP 104.21.62.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:50:06 Last Seen2023-03-08 08:20:36 Times Seen1 Hash a8b2de7485dd20ab6c1c76538409771e 640b25681d1851772e22c2313c7caa46b92921aa d5ec09a095cb282f2dc48206fd8915b6466ced95187f3102b20d6e126a6333fc Loading...

	bamboairways.com.vn/lienhe	1.1 kB	2023-03-07	2023-03-08
Pretty URL bamboairways.com.vn/lienhe IP 104.21.62.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:39:40 Last Seen2023-03-08 08:20:36 Times Seen1 Hash 8ba95db33b5b0f85d718d13d298d776a e569d3a83cc4598bf0b4c6e075ad2207670f3d05 08fdcd03d64a6a882b9b5f71cfac30023ea803c5b1f3a96cf2e9a2619e10bbe3 Loading...

	bamboairways.com.vn/lienhe	805 B	2023-03-07	2023-03-08
Pretty URL bamboairways.com.vn/lienhe IP 104.21.62.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:50:06 Last Seen2023-03-08 08:20:36 Times Seen1 Hash edf134458a5c3dcd37c183972d6c60d1 58af53e38308eba122c6b38a78e9cea2ca77fa25 beb396710e9cf0537d13fd0432a6ffec090771214d50e438e15d5118db796ea8 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-25
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-25 17:52:53 Times Seen1528 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www.googleadservices.com/pagead/conversion.js	46 kB	2023-03-08	2023-03-10
Pretty URL www.googleadservices.com/pagead/conversion.js IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:11:38 Last Seen2023-03-10 12:01:36 Times Seen1 Hash 8bf7c4875e5899ce82558071f14e06a9 d64680c0e724360136a43a799f4157056c173d26 44f327eeeb995eabd2810452b355ca82979280a4d7def1bd980d3897e6999af6 Loading...

	bamboairways.com.vn/catalog/view/javascript/jquery/tabs.js	450 B	2023-03-07	2023-11-07
Pretty URL bamboairways.com.vn/catalog/view/javascript/jquery/tabs.js IP 104.21.62.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:06:11 Last Seen2023-11-07 05:52:07 Times Seen11 Hash b696eb3e14317fe0f372e8f52bc53fa0 a718acbbd1933863b678ec6463fe4d349a55b2c0 96767b9a595d7355740295842dc45d64ace06c25a478a5a34efa3eb2b9fa5d03 Loading...

	connect.facebook.net/en_US/fbevents.js	103 kB	2023-03-08	2023-11-10
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:45:46 Last Seen2023-11-10 23:06:10 Times Seen10 Hash d78a7caef2779bec7d3e91de3eb77eeb 5af31c112f3bcd8f2866d4bf89e8455438b1e382 00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674 Loading...

	bamboairways.com.vn/catalog/view/javascript/jquery-ui-1.9.2/js/jquery-1.8.3.js	93 kB	2023-03-07	2023-05-01
Pretty URL bamboairways.com.vn/catalog/view/javascript/jquery-ui-1.9.2/js/jquery-1.8.3.js IP 104.21.62.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:50:06 Last Seen2023-05-01 16:49:14 Times Seen3 Hash 5f5a0f8ae83fb2cde70c4fe5ad470944 957ada00e2de7558e11631c0aad70f4497003d60 271a396d6ec10d56a9eb3b0908dece7caf7d32aa5898b90e55973baedcb8da47 Loading...

	bamboairways.com.vn/catalog/view/javascript/script.js	7.8 kB	2023-03-07	2023-03-17
Pretty URL bamboairways.com.vn/catalog/view/javascript/script.js IP 104.21.62.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:50:06 Last Seen2023-03-17 12:29:59 Times Seen1 Hash d5fb72619c4e8a4726034f62aaa932b9 2686b7000f802189bd9a1e24c211034d4e765b9e fb0c15f8913cf770f95d016a74d12623587783178ecac1727bf204e17bb5f8e1 Loading...

	bamboairways.com.vn/catalog/view/javascript/jquery/jquery.ui.datepicker-vi.js	832 B	2023-03-07	2023-03-17
Pretty URL bamboairways.com.vn/catalog/view/javascript/jquery/jquery.ui.datepicker-vi.js IP 104.21.62.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:50:06 Last Seen2023-03-17 12:29:59 Times Seen1 Hash e2e738b07e159781a7863a739cbe56d4 c9a55c2c5fa669b93b543912d7b03d1940196f80 180cfeeb57a10e0bef37704157b350f7532f40cc711c70d6af7d9e4d24583837 Loading...

	bamboairways.com.vn/lienhe	317 B	2023-03-07	2023-03-08
Pretty URL bamboairways.com.vn/lienhe IP 104.21.62.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:50:06 Last Seen2023-03-08 08:20:36 Times Seen1 Hash e6c2ab77b8796cb6c5bd371af87bc93f e499a598ce14a6040155428e3b3904b17546160f 9f96e660fab7e55c51b8b128cb9058259ffe223686b59d48a958bae9ce9ad8ed Loading...

	bamboairways.com.vn/lienhe	154 B	2023-03-07	2023-03-08
Pretty URL bamboairways.com.vn/lienhe IP 104.21.62.213 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:50:06 Last Seen2023-03-08 08:20:36 Times Seen1 Hash 894a51911197f6d6eff3839ad07627f2 c8491505be11b20f4ea4bc273f63bb5f3b815a7a 543457878207b4881d7ad068bc3079591b1a2314d1a33f0fce16beb847ea3d86 Loading...

	www.googletagmanager.com/gtag/js?id=UA-145619567-1	109 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-145619567-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:20:36 Last Seen2023-03-08 08:20:36 Times Seen1 Hash 863b3f0343cfc476d9a53ae21ba875ab 87652795faa1d9084d779f013112e36e4ce30188 e8338e0cda72ffdaaed88e5042d003b21ac095a1c13dfa9b889c5cf7bdbb0f11 Loading...

	connect.facebook.net/vi_VN/sdk.js#xfbml=1&version=v2.8&appId=280431988977552	3.1 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/vi_VN/sdk.js#xfbml=1&version=v2.8&appId=280431988977552 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:20:36 Last Seen2023-03-08 08:20:36 Times Seen1 Hash 25de6020c73919c4968e44992141e1ec f98384a1a1d8cd88d016364e8dc5e2a442627c5f 7afbf8a88c63f68ad6a5c4b61f1bd36e0fad371d232e3303ad8401ff116376d0 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/968194215/?random=1665147135832&cv=9&fst=1665147135832&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&hn=www.googleadservices.com&rfmt=3&fmt=4	2.2 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/968194215/?random=1665147135832&cv=9&fst=1665147135832&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&hn=www.googleadservices.com&rfmt=3&fmt=4 IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:20:36 Last Seen2023-03-08 08:20:36 Times Seen1 Hash f3e4e5c30bff0e7912d7534e77b84dc0 05e3ce35ca534eb1a5760bee0942c56f7f36b892 e097947eeaa307f5963b43725ee38e5c00d5eff9e2c1460e49b6f74d0dfb6673 Loading...

		Size	First Seen	Last Seen
	#1 Write - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 19:14:36 Times Seen37070785 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (91)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

54.230.111.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TSipj4uShP-EueHOaDpb-qe5Mvp8BnwQnqwNB0mpODPCBsvqFgV0Ew==
Age: 162295

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1273d41c84b2b39f78a8033130d00282
556757697b70e019ed502585fcc888e2403f3229
ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6573
Expires: Fri, 07 Oct 2022 14:41:46 GMT
Date: Fri, 07 Oct 2022 12:52:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12483
Expires: Fri, 07 Oct 2022 16:20:16 GMT
Date: Fri, 07 Oct 2022 12:52:13 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: JdAoQu4SVJ2rngNX3E9azhwgBXicDYfczeINg008z6szT7NDRmOkJOhGZE0G6DjqTR4UXCLFm5U=
x-amz-request-id: ZAY29RZD9E9TG936
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 11:59:10 GMT
age: 3183
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 12:52:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

bamboairways.com.vn/lienhe

104.21.62.213

200 OK

9.2 kB

URL HTTP/1.1
bamboairways.com.vn/lienhe
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (654), with CRLF, LF line terminators
Size
9.2 kB (9203 bytes)
Hash
09b3ad06ca93667a81210279ca96032c
e47b9238eb60ef1b747565dc826a9c2792c3a4c6
b6b7e15992b596a53611d94218656ffa8e17d8897db5f20fd0c1099466bd5a5c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /lienhe HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.29
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; path=/
language=vi; expires=Sun, 06-Nov-2022 12:40:34 GMT; path=/; domain=bamboairways.com.vn
currency=vnd; expires=Sun, 06-Nov-2022 12:40:34 GMT; path=/; domain=bamboairways.com.vn
Vary: Accept-Encoding,User-Agent
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FGTKeakWGZZhZ0nJh24CQ5FBt9F6kpLG7q67hKe8rO%2F9A3WZbwRm%2Bs%2FQWqwL41ZGEyL5tKWYiKXQavzCc6w4sazHuJcYwhxmxahe5mMpULntTeAcDxgaxrD%2Bx0EmH3w6HcZpjl%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d05b39b517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googleadservices.com/pagead/conversion.js

142.250.74.34

200 OK

17 kB

URL HTTP/1.1
www.googleadservices.com/pagead/conversion.js
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2021)
Size
17 kB (17403 bytes)
Hash
644b3aa474b0b7418649a582badfd446
b86345e44ed16c69f9b8efbd6a9ae426d7b6a8cc
b29181ba84a74ed0344e80b66101125293ccaeb15a22456a02aefdb7671a344a

HTTP Headers

GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/

HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Fri, 07 Oct 2022 12:52:14 GMT
Expires: Fri, 07 Oct 2022 12:52:14 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 11313833467736987248
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 17403
X-XSS-Protection: 0

www.googletagmanager.com/gtag/js?id=UA-145619567-1

142.250.74.168

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-145619567-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2039)
Size
42 kB (42431 bytes)
Hash
05d47762862cabb8b1f1985cf05104b2
3dc6020c0366ef1c2fa4509f26b8e0bfa67d5377
420c1d6910244d1996d29f3449a358361f974188ca634989622c5b057631fec8

HTTP Headers

GET /gtag/js?id=UA-145619567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bamboairways.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 07 Oct 2022 12:52:14 GMT
expires: Fri, 07 Oct 2022 12:52:14 GMT
cache-control: private, max-age=900
last-modified: Fri, 07 Oct 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42431
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 07 Oct 2022 12:29:41 GMT
Expires: Fri, 07 Oct 2022 13:22:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aF5PdSW23mxKZnrwtaisfns1WpcOO97yeUmw88Oyyn_RkMFHU9sIsA==
Age: 1353

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d6c404502c7987174a84d8f0a3efab23
fc3a3f6d63acab3f659fb3536b65fd8564ec8628
94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4198
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:14 GMT
Last-Modified: Fri, 07 Oct 2022 11:42:16 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

bamboairways.com.vn/catalog/view/theme/default/stylesheet/font.css

104.21.62.213

200 OK

168 B

URL HTTP/1.1
bamboairways.com.vn/catalog/view/theme/default/stylesheet/font.css
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
168 B (168 bytes)
Hash
3977827bb5b12f6ce77ff7f1eb49e3ae
d25d4cf05f073a7fba4ee3cf9b6c45ad1ce8b9e4
3b0f6c884cb49de189ff7b774233daf1db43efca622e5170181b0f4f4d0c7fab

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /catalog/view/theme/default/stylesheet/font.css HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:14 GMT
Content-Type: text/css
Content-Length: 168
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:22 GMT
ETag: "4822d-150-576d9037c1e80"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NePQrBhzSKminGrSnEFhKE0fOJ0cq3IjWLbSmzqru0Ri8e%2BfCqZBvka33FAw78jqi2EotFqV3OLHSQTalNRFqEl2VzYEU7Vho%2FK7AUiGTUcBLmhM4CzHuNnE8UpxFHoX5vSvBKMZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d46b38b506-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/catalog/view/theme/default/stylesheet/reset.css

104.21.62.213

200 OK

542 B

URL HTTP/1.1
bamboairways.com.vn/catalog/view/theme/default/stylesheet/reset.css
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1104), with no line terminators
Size
542 B (542 bytes)
Hash
44e6c04dcb32b62a2ccf7f8634218249
e5487247a2ceaec8e0124376f56dc938c7bf4d47
dcc25d14dd81ea92eb400a4752d89601850db695aec2835462122a924b6b9efa

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /catalog/view/theme/default/stylesheet/reset.css HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:14 GMT
Content-Type: text/css
Content-Length: 542
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:22 GMT
ETag: "48237-450-576d9037c1e80"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCfXx2UZMhHQ2TpSPmNWSGEgUSWQKJAhAUUhTGyLfENLcU6%2FRjmFhMYDnf48qKOYCiX2L1LrQDJrsA8qnqfhcQZGeF2uBvdC%2FfnJeYwBFWvts%2FEc7bnmxs2mPZg%2FR8S9EUPjdwZo"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d4685db517-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/catalog/view/theme/default/stylesheet/font-awesome.min.css

104.21.62.213

200 OK

4.0 kB

URL HTTP/1.1
bamboairways.com.vn/catalog/view/theme/default/stylesheet/font-awesome.min.css
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (17613)
Size
4.0 kB (4010 bytes)
Hash
812c97a95d8d2ba7bf4853a4bdfd2fc7
efb0f9b849f70b75aa6d9b4dfd34e6b016125e50
3ea00503b84945d953f9453d5515c22f1d04c9086c1ece8ff0aed85d459ce2da

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /catalog/view/theme/default/stylesheet/font-awesome.min.css HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:14 GMT
Content-Type: text/css
Content-Length: 4010
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:22 GMT
ETag: "4822c-456f-576d9037c1e80"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73UboWTsaPkLlDMvdycKy2ldsJpl0tGM7nDE0dYVGBVGyMcQ7mRRzcSpVhhdREFb712qy2ntctYNxSgwzFuzdIL%2Fl3dzQbWryPg0pTvSpuqQ6xMKoA49LURcbTNTIxDdv7JTHkDl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d46fceb529-OSL
alt-svc: h2=":443"; ma=60

push.services.mozilla.com/

44.238.3.246

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.238.3.246:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A7FH7XmxOKlFxMIM2HCKAg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8Je36hlOhxEqazFIcBYGqCT169Y=

bamboairways.com.vn/catalog/view/javascript/jquery-ui-1.9.2/js/jquery-1.8.3.js

104.21.62.213

200 OK

33 kB

URL HTTP/1.1
bamboairways.com.vn/catalog/view/javascript/jquery-ui-1.9.2/js/jquery-1.8.3.js
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32803)
Size
33 kB (33386 bytes)
Hash
a6a3dbd117622541a216a39e32070101
22838fc7ef342cd1f7d940566dc0df01ddb6f5fc
3b3c24caef7dae9c0e81a3c266f91997a8afec50514cc12bf4739ad5204794b2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /catalog/view/javascript/jquery-ui-1.9.2/js/jquery-1.8.3.js HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:14 GMT
Content-Type: application/javascript
Content-Length: 33386
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:04 GMT
ETag: "480af-16b11-576d902697600"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eb7v7xUe0rlHErZl4zuSUlLQtQsA11DKA1s2GVJRJJGI6s1QoK8NaI8zwEGTF82I%2BmH5Jh%2FAE%2BBFNHcqISxwQRoNm4bVdJzJNgr2q33YIU43HFJczOr5VRMmDAhWPq%2BBMK8MZqny"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d46f1cb4f9-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/catalog/view/theme/default/stylesheet/stylesheet.css

104.21.62.213

200 OK

28 kB

URL HTTP/1.1
bamboairways.com.vn/catalog/view/theme/default/stylesheet/stylesheet.css
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (461)
Size
28 kB (27842 bytes)
Hash
80f776d8c0d281db4e09df2159e599a9
349709a3479efe3b6657a2105675e9b35d84069c
5e55bffcab81779569696d0efab0ddbe6cd1dbb4879113736ad7ffd680409505

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /catalog/view/theme/default/stylesheet/stylesheet.css HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:14 GMT
Content-Type: text/css
Content-Length: 27842
Connection: keep-alive
Last-Modified: Tue, 12 Jul 2022 10:15:46 GMT
ETag: "4823b-21cd2-5e398f3b79fbe"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Q6GNCG180xpgc5YgjucowSq%2FmFsNdoDvE8vG%2FpT0cxXTv%2Fs%2F%2BQuJ%2Bmy6hF8kqpwJ53sGMTqZFE1M0s8J%2FG8ga7TBmeorRlqLNbDLoJejndXmXemdR5eGSTR%2BEcjhctqTIK0dcwj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d469a3b4e8-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/catalog/view/javascript/jquery/jquery.ui.datepicker-vi.js

104.21.62.213

200 OK

421 B

URL HTTP/1.1
bamboairways.com.vn/catalog/view/javascript/jquery/jquery.ui.datepicker-vi.js
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (759), with no line terminators
Size
421 B (421 bytes)
Hash
4bd5484e53b1b51646d74f589f7c1718
62c6a3f30e16707d653c93fe504accb2caae63cf
1400d9704c32aee0783f684a5931b4b96be3900495cc4062b444e6530b0d99c3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /catalog/view/javascript/jquery/jquery.ui.datepicker-vi.js HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:15 GMT
Content-Type: application/javascript
Content-Length: 421
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:54:49 GMT
ETag: "47f5e-340-576d901849440"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Vci5tmnG6ADc22aqRkYaX9%2BSUVHsIKCk3TaRN2BNdxkZs%2FQeluvJZmWsfEJfh9ks0b2d4vPamDEJlrDOqhcerIyKVIcBco9FPIZEu98HgQTmb6CXcvZwmMHQOpAgmPMG840ZiTU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d74f5ab506-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/catalog/view/javascript/script.js

104.21.62.213

200 OK

2.2 kB

URL HTTP/1.1
bamboairways.com.vn/catalog/view/javascript/script.js
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (382)
Size
2.2 kB (2150 bytes)
Hash
79d829df9c92c32792252cf39e92ddd9
d9f98383f3632acbd93a68299224defc654ed9b0
d402776543d88537e6edb423941d40e96aa914bae1b06d1341084de10b50943e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /catalog/view/javascript/script.js HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:15 GMT
Content-Type: application/javascript
Content-Length: 2150
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:54:36 GMT
ETag: "47d09-1e6b-576d900be3700"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ih3VoRDT%2BvVDauXLhC08o%2Bkjpfv9llG4g368a%2BbaeQo7ooKg2O6GB1ATyDWtuuqNRz8zZMA5d611c8CxO9OmWNFPXjQYUzktUZqbQkjRVBRVHiBAkzju8wuOjDi5n9sWoYkhiuRF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d74be4b517-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.21.62.213

200 OK

655 B

URL HTTP/1.1
bamboairways.com.vn/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (1238)
Size
655 B (655 bytes)
Hash
bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 15:38:08 GMT
ETag: W/"633c5360-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpjR4%2B2x44fBQhuz1Cg4zb2wuZvAMKxa8mzsrbUu5U2FG%2BOfu9RrCDUy0vqQagKrvxE7M5x80UZYXfVZiElZV%2FktG0rDFuLKrb5cFFQUsrxYX%2FMouR05vda%2FFz5nFEQdvLkCCAmM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5da2ff7b517-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Sun, 09 Oct 2022 12:52:15 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip

bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.mousewheel-3.0.4.pack.js

104.21.62.213

200 OK

443 B

URL HTTP/1.1
bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.mousewheel-3.0.4.pack.js
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (900), with no line terminators
Size
443 B (443 bytes)
Hash
15c5f531e92a2de7d346d010f2e81f76
16fd74e366076ce60ab636a489c259e1201a91b0
76800df414f1234c43ff324710738ac5690bfbc03ba506aa011bceefc8ec295c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /catalog/view/javascript/jquery/fancybox/jquery.mousewheel-3.0.4.pack.js HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:15 GMT
Content-Type: application/javascript
Content-Length: 443
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:01 GMT
ETag: "48070-384-576d9023baf40"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2B7D35VZwHYfwJWmc5UytITJY4w0xxF%2FmM7lWAi%2F6SUV8WYd83%2Bss%2FRa%2FCQIb0iyIVnjVp%2BhpsLm5u2kaEoFob7u4VG%2BYVbLQJnTeTn4pffxJpyfMcANpIbEvBChmdPf%2FecURWPN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d75b59b529-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/catalog/view/javascript/jquery-ui-1.9.2/js/jquery-ui-1.9.2.custom.js

104.21.62.213

200 OK

62 kB

URL HTTP/1.1
bamboairways.com.vn/catalog/view/javascript/jquery-ui-1.9.2/js/jquery-ui-1.9.2.custom.js
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32240)
Size
62 kB (62271 bytes)
Hash
797892f601f9521c3c44224911209a90
edeb5c34f4b5b7403186136f7c416dd21cea2e4b
0bcd225adb855b5f5a8a7250b7fd34dce94c04ba8370acdf24159a89ac485911

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /catalog/view/javascript/jquery-ui-1.9.2/js/jquery-ui-1.9.2.custom.js HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:04 GMT
ETag: "480b0-39841-576d902697600"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7%2BNnYkRF%2BwIwd0aaM7wZTpvnY725395eJMXxiVZHhicueF2TV5D%2Fj%2BYvEk2T4yC4OlqJ0dShTJSOCLg25g86N5EHg0TBz0veY5zLY8W%2F%2FCW5F33E7Q1wxlfuHMVLbKKHUmxBek%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d46af1b4ed-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.fancybox-1.3.4.pack.js

104.21.62.213

200 OK

5.1 kB

URL HTTP/1.1
bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.fancybox-1.3.4.pack.js
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (14689), with no line terminators
Size
5.1 kB (5128 bytes)
Hash
70c817e5c9d394d3b0f3f26a2026d8a3
dc1bf5d9adde74a11ffcfa3e7aa59d2f37617938
1c65eab7b21fe13c184b21eb2d7318b10778edd010db3d688c3da3c998e03bdd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /catalog/view/javascript/jquery/fancybox/jquery.fancybox-1.3.4.pack.js HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:15 GMT
Content-Type: application/javascript
Content-Length: 5128
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:01 GMT
ETag: "4806f-3961-576d9023baf40"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bO3pn2LKBup7P1BRNzW7GXz2N1jGmSpbw1MXdjCHHrH6PP7uXs3YgoGNp2TWXaVensUV5K8tEsjMHMopwASF3ncO0cpkvpIICZnf53fg1TDjjrdFi5SyBLNq0wsdyZSup4mLRaHv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d8ad46b4f9-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.fancybox-1.3.4.css

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/catalog/view/javascript/jquery/fancybox/jquery.fancybox-1.3.4.css
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (6913), with no line terminators
Size
1.4 kB (1374 bytes)
Hash
c49e0febb64236e2f98e00d38cc1c8a6
4faff545c16af32bc7732a6eee4e81d0d5ece563
f8e43fc478e74f583ef5ae438aec4554242e912234cbb2b6b8152242d8da758e

HTTP Headers

GET /catalog/view/javascript/jquery/fancybox/jquery.fancybox-1.3.4.css HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:15 GMT
Content-Type: text/css
Content-Length: 1374
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:01 GMT
ETag: "4806d-1b01-576d9023baf40"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vgwcOBaj67DCfHpr1PfVziWlFmN25Lm3NEuJx2cfMzV88JI1qna3RXnnwZYn9QFurLVG0Tiv3wrbhwMdihY5P4AgBKuaTOyk%2BHx7ndm9GRo4JKxjKV4jtYiaUz9M9sKULhZU%2Foh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5d8bedbb4e8-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/catalog/view/javascript/jquery/tabs.js

104.21.62.213

200 OK

227 B

URL HTTP/1.1
bamboairways.com.vn/catalog/view/javascript/jquery/tabs.js
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
227 B (227 bytes)
Hash
b55f8ce4e6c789b76a78d90a4b804aa1
f3ed9d3bf9ad153be42bd3e13c386f6f2fbf4f7f
d8e4c90fb22dc8c1d046a34679366b660ec0a64b832a9cca1e37b95b91ed6822

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /catalog/view/javascript/jquery/tabs.js HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:15 GMT
Content-Type: application/javascript
Content-Length: 227
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:54:49 GMT
ETag: "47f62-1c2-576d901849440"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ln52lLUCzgKPnIeY2Y7e9HYE1fBG2%2BsCBMTbqrgPfKEMoqb6EdkvmYvVLX0a7KNAHbferGsTXrRhXXam3oDywtmPws5oWNN%2FBynTPvWI2JY7qzMr%2BAbTGcfG018ZEOqAm69FU1ZK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5da1c1bb506-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12234
Expires: Fri, 07 Oct 2022 16:16:10 GMT
Date: Fri, 07 Oct 2022 12:52:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12234
Expires: Fri, 07 Oct 2022 16:16:10 GMT
Date: Fri, 07 Oct 2022 12:52:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12234
Expires: Fri, 07 Oct 2022 16:16:10 GMT
Date: Fri, 07 Oct 2022 12:52:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12234
Expires: Fri, 07 Oct 2022 16:16:10 GMT
Date: Fri, 07 Oct 2022 12:52:16 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6052 bytes)
Hash
06283ec49d3981b60b28731fd8a9940d
10c0d991f7ad234557792c175fdbf81e3356416a
0d8d932cd46fa377ce3dfe5fe1287ab1cd0daad0ef52a42baad2462d10e5a80f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6052
x-amzn-requestid: 6c8abd32-7499-4636-bf8a-3baaa88bf1ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi-HWOoAMFalA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-464364630dd2dbfa0d69f6f5;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 4EEoZVMtDaWUiCVvGW_0w4BSa1f1KDudnzPEoSIVF_ckE9MdhiflOw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:45:54 GMT
age: 54382
etag: "10c0d991f7ad234557792c175fdbf81e3356416a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7261 bytes)
Hash
ed3fa86bbe319c9a2f81ff625e677cb0
e3d5210207f6ff922bc28e328285059c19a523a4
5919694bd942a4f25d5b7ffc3f8aee1af6cdb8461d4ba3dba9a2e72cf19164c8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7261
x-amzn-requestid: e1bdf299-b29e-4f58-9c8a-33f5dacdb081
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBELYoAMFfgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-1969b32c6f4f7e5749e7caa0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: FO5iGJFmDfdklhzIVOxp4x3AV7ltFqBDDlYBz39Zzx99t7oykNR2WQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a4479a6315f90864adc6175b280f8f44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:43:40 GMT
age: 54516
etag: "e3d5210207f6ff922bc28e328285059c19a523a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.5 kB (2478 bytes)
Hash
17df62c3e2ed48ba9c788f5e1b3b702f
854c326016059d67fae42cc34905d0feb58cb6fc
d0bee7a7e629f6594a79bad563bb91c71a17768c2f347fd4a366f7f0daf94fda

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2478
x-amzn-requestid: ed2a2dca-5367-42c1-b982-07a39762063e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmigWFvGIAMF9CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4ace-6fabb7845e4d04613897a866;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: GFxAiO1AQfV1-pVy0NBmc9VoQoxBuBeOWsbPkVpOuT06D8Tw_YuZfA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:18:30 GMT
age: 52426
etag: "854c326016059d67fae42cc34905d0feb58cb6fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13437 bytes)
Hash
16339989f5c6c229a3dcc0ed1e52032f
a1ea26d6e4eb4a72cc8c87100b40035dab69d285
16703f888ee6f974bb89e1c4c16a75186b31b64130abcd1a3bcd3741159d912c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13437
x-amzn-requestid: ec801fbc-c339-46ce-ac5f-18d064e5ef21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_HdeoAMFyOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-02b52b770e6e76cf52b26e47;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Iesqk_XbGiZE-n3mTa1_1WtlXiyEqz-4qfyt3_609O1eujdLcFu3zA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:47:25 GMT
age: 54291
etag: "a1ea26d6e4eb4a72cc8c87100b40035dab69d285"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10987 bytes)
Hash
53b7ffdc3799e0ac7a225145242579ef
c47f0525fe5354ee13fe63c0ec31f0f826a58005
4bb518afc9b3e7bfb976d343e46b306155834adbe71fa35b0d6f509959f78aca

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10987
x-amzn-requestid: c2ab1012-1afd-4d74-8114-97977b43da24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZgCHwGdGoAMFvyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cb097-3237927a0c1e081d22c902f7;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 22:15:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: JYDg0-KelCPr__4bKtpARLrwiE1CHGICcFI6I9_TFCMcmESbykNhXQ==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:50 GMT
age: 53006
etag: "c47f0525fe5354ee13fe63c0ec31f0f826a58005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8445 bytes)
Hash
4572451a09430ca7a9203f14ddc035ba
46e17c44fba23988d7a9d9832c411ba2810136c3
fa54e73c4b32d8e109504ebcd46e4316de8143f44b7eae20a44ba63d14a6f24b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8445
x-amzn-requestid: 7d295b3b-29d6-4b2e-8314-c9055d1def80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmju5FxwoAMFeQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4cc5-3f58c18b1159ad512c60422b;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:46:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: DC1ECXhkAhfdrU8ZyMhhDdwydsq4PQfzzGOPd-REjCkCsDbXQLnLiA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:57 GMT
etag: "46e17c44fba23988d7a9d9832c411ba2810136c3"
content-type: image/jpeg
age: 52999
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

bamboairways.com.vn/image/flag/DE.png

104.21.62.213

200 OK

1.3 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/DE.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1314 bytes)
Hash
c750a6a830cb880000311b365e9e132d
f6348c7c809c80224ab119252a6931fad1c245c4
864f61b91f63742223dfd4421fc4e130470720be07116a0ec7e93861eec65448

HTTP Headers

GET /image/flag/DE.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 1314
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d3a-522-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzIGQnd2VoEwyJJe5LV2%2FC1Zcoo3hLd1jIf2QUrKzyh%2FkbmGCv1%2Bo2RrDA88xqUbZ226%2B6UiUyd5DXN7l6vnJmYItdynn%2FY7Dx3PYoYX6cklBDY5cV1c32w9dTkk6SXSZ5MMcfl1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5dede74b517-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/RU.png

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/RU.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
684e512e892fddf109fb6da8cd13a525
88ff56315aea615c55750921896502dec6eeac57
995b9fd75d425493100ab32dfccc8869e757b5ac89b6901854ac916833c4c39c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/flag/RU.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d47-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdZWMqWc%2BX6O%2BaTshNNlSg2yViBauM6Iw13V5mgy%2FEz5a6xMTYdUIgm5io1zGjFeOAhxmclG8y7NMJg7oiFyBLPo3w0hRhTRS5xYduYikUEwlonw1XdcoxHFYfNjK9HwFPk1uMpD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5dedb73b506-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/TW.png

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/TW.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
bdabc506bd4445f385c93bbbf2a5dece
ae740f040f2541133fb23346cdf2892be42557ef
642aa6e35fc94d880080df53d37b8ee5498b7102b95c7560b4a84e7b448e284b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/flag/TW.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d4b-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujH8fVxK1ZILGUEhQ4TB2Z9ZsZGf3%2BVYKBvSGOwCdOO7wxEnKf7TASsPpZjb9eO7AeJ6b8z9DBiaj83vNbPAvlsmy8mKTo6apr%2FLU58BIH%2B0Ii5JmVq8SJ416bY10R8kKfGeMcXl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5dedcc6b4f9-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/CZ.png

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/CZ.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
98c0984f5b3590811dec31f894e91d7c
cce9aa77ecbd5eeed4b0b96b55ab8f7ffeaf36a9
4d254f06d3734d6e7dfecdbb7e874e12010ffe5cc321080a13a65cb1e0e7cb2c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/flag/CZ.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d39-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHqfpY2wuOrRSsMcOTRf%2BZilKFeU04XMPKy7zOpYns110eOZZpjl78GVABbGnixy1Ffj2WP4pW7KaS37XLgsrpfLaJTl9tfm8ySlVlgwYQm2kCN530AhmTznkBXtzlS1Gj3nVL9L"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5deef70b4e8-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/KR.png

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/KR.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
7040d55cb1113b10a6a0da358b793991
a0c4735394c6e59db2ca00898387d64b9a2604a3
ea1f40269640f483822a8a5651a7bc4bcb48c378ec9ea0bed6961d1abb1e1e3d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/flag/KR.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d41-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ni9QG4pjrjwUxbkTfHhmwYHd3lvShcxUsMXD0U3NjUBCP%2Fa%2BxdRGWwtiLJ4HtiMJ7oqclseU9CyzhAdOATre0Lv4VnHGL52MNHBzT7y2ySXxQZf95w5kMm80ITpgTjv51gcrqOW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ded900b4ed-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/FR.png

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/FR.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
a75eea4133da2783646f1da3626736cd
eee0c75438648eb90baf42eb3c1a452257e6adff
af3bb1bfead0ce605e931057e90005ae8a3a5351e97455ae9eddee6c394c2b5d

HTTP Headers

GET /image/flag/FR.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d3b-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nl4aXhwUFiEU7wgHYbsAYxReWMBIomFhpJpPRPWVevMYeenpZzwOp%2FL2%2B1B%2FZlW%2FaPPJcjihbV6Jx02OpMyJElM7NSY9MBVHrRe7whaKlCOa1TJXMLSuFJEX85irPAtHmw%2BeoDDt"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5dedecab529-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/catalog/view/theme/default/image/bg-footer2.png

104.21.62.213

200 OK

44 kB

URL HTTP/1.1
bamboairways.com.vn/catalog/view/theme/default/image/bg-footer2.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 601 x 276, 8-bit/color RGBA, non-interlaced\012- data
Size
44 kB (44067 bytes)
Hash
0294caface6b0418f3cd9f97a5f1115e
ce31dfc0e2f77879ba82838bbfa7aa43534e6cc4
7b5d1cdfc69c2d662ce22811adf705a4bdb2edeeae9bfffdec7b3a0c03e2cf4b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /catalog/view/theme/default/image/bg-footer2.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/catalog/view/theme/default/stylesheet/stylesheet.css
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 44067
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:08 GMT
ETag: "48118-ac23-576d902a67f00"
Cache-Control: max-age=31536050
CF-Cache-Status: HIT
Age: 159545
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fzt9Qg0zV1Dix%2FSMthXeG%2FfKYUV9gmhT279ayKvz767PlWK4t%2BBoZ9xh7CF4yc60JMlORAAJ%2B8A0E8dfzbyXJk3H4%2B9cEEF8F%2BFNH9Iz3aoUFBYR4f3NqNwXy7aXdnaz9%2FmZI%2Be7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e1bb56b4e8-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/catalog/view/theme/default/image/top.png

104.21.62.213

200 OK

3.6 kB

URL HTTP/1.1
bamboairways.com.vn/catalog/view/theme/default/image/top.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
3.6 kB (3629 bytes)
Hash
b18fc188d2ff0c6ef0644f8e2127ddb2
34965a36c1db2d0238a42f7c11f3311b132f3fb0
a138aecc39ceb354ffddfe7be42408b73a91d2a6ace38dcc70b79c49907fd6dd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /catalog/view/theme/default/image/top.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/catalog/view/theme/default/stylesheet/stylesheet.css
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 3629
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:21 GMT
ETag: "48215-e2d-576d9036cdc40"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8XUOhVsQuyXlOtKS%2BuKxscChbacfKL9u6koWgz%2F4hR%2FXypoK8OTvP12SRjfGMq0t4VMFEF4tCJ5K1Znk8ukKL1DOa1xwg%2BUl5Fg5UsAtAYYnA12nT60xPEZqNpdrQjeA05iRii2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e1bcf1b4ed-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/data/logo/logo-bb2.png

104.21.62.213

200 OK

9.3 kB

URL HTTP/1.1
bamboairways.com.vn/image/data/logo/logo-bb2.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 196 x 59, 8-bit/color RGBA, non-interlaced\012- data
Size
9.3 kB (9312 bytes)
Hash
1b35d3a5150c9165948415910583a479
110700db007f83f300d36e00b83ea707d83577b7
3492a0ef1853aaa10a6f8abbfc34d24e234db14d7ed1d41a77b3b41fa3620695

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/data/logo/logo-bb2.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 9312
Connection: keep-alive
Last-Modified: Fri, 22 Jul 2022 06:08:19 GMT
ETag: "67eb2-2460-5e45ea92b97ec"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkl63HsPWmDUQdN1wGs4fKvgoqttF9S9zeZUUT4yLi7hZqTazDQTUiVeLqgUEOySxJ6qEqemsZ8PhRHh%2FPQy6LMgcIdmt2ljL6gr9B2xU51ius3cD%2BZVSuw0fT6cj%2B4ELlFVXkEQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e1ba87b529-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/zalo.png

104.21.62.213

200 OK

2.9 kB

URL HTTP/1.1
bamboairways.com.vn/image/zalo.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2876 bytes)
Hash
288a9259004fad8e7b8bfd200f5cee52
c6f4efba6a2ea019ffbb6ff6a7b97eadcc6ed5fb
2ce8c11692e5b60fa886cfc1119be5c7bbce3bfaeb6a9cc33a913d5889c2b42d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/zalo.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 2876
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 07:51:00 GMT
ETag: "429c4-b3c-5e798dfdba120"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0VvPUHF1%2BnPcFIDgcVnZ2CeI7urJes0W1UjyenHpi7BQf6P6xvhg3%2FW%2BDWXpHmpmkYCb6IKlqU8RK0ItPfrbOqqHntaAUsz7r155dYYtC28MAK1v1dZgJrfoAeQ2L6hb28cXRoK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e1cb6fb4e8-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/catalog/view/theme/default/image/img-flybamboo-01235.png

104.21.62.213

200 OK

88 kB

URL HTTP/1.1
bamboairways.com.vn/catalog/view/theme/default/image/img-flybamboo-01235.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 369 x 290, 8-bit/color RGBA, non-interlaced\012- data
Size
88 kB (88213 bytes)
Hash
2e5ff531c7dd22c86d9016358242b4df
10c9a633e43a71ed679ce4ab3ea31fe468d5a46a
1074dcecfa3cb7a240ede670e1c4b4daee96fda98c2a389309726e53d881d4cd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /catalog/view/theme/default/image/img-flybamboo-01235.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/catalog/view/theme/default/stylesheet/stylesheet.css
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 88213
Connection: keep-alive
Last-Modified: Mon, 08 Jul 2019 09:12:47 GMT
ETag: "481c2-15895-58d27d8f921c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uoKHVgVYaMuheyouaqOPZWeuUVWjJw1Hu9uKEdG6eIeIqPYlSyPrdsRJOj5h9YCkTiXIwK98Jn%2B%2FcXu9Qqx0WxeCjBjVyI4z5CNtQ3gqkXQbCj3rYlSbej%2BJIjL1kjAVioifQlxQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e1b8d4b4f9-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/catalog/view/theme/default/font/fontawesome-webfont.woff?v=4.0.3

104.21.62.213

200 OK

44 kB

URL HTTP/1.1
bamboairways.com.vn/catalog/view/theme/default/font/fontawesome-webfont.woff?v=4.0.3
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 44432, version 1.0\012- data
Size
44 kB (44432 bytes)
Hash
3293616ec0c605c7c2db25829a0a509e
04c3bf56d87a0828935bd6b4aee859995f321693
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /catalog/view/theme/default/font/fontawesome-webfont.woff?v=4.0.3 HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bamboairways.com.vn/catalog/view/theme/default/stylesheet/font-awesome.min.css
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:17 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:06 GMT
ETag: W/"480fa-ad90-576d90287fa80"
Vary: Accept-Encoding,User-Agent
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FQrP%2BQhId8111vjaXB%2FDlTo5OQ3mhumpTCFGgBjYkA4h3DrXN1SKgGRc7qmq1xIHSGyEn5X7w7NHi%2BOlPeipZDMm0qfxCNiWA2RSwTy%2Firw2pU0TSjBSqZuFyF%2F5Zx21VMgXGau"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5e1ba21b517-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/catalog/view/theme/default/image/0f8c1fac.png

104.21.62.213

200 OK

161 kB

URL HTTP/1.1
bamboairways.com.vn/catalog/view/theme/default/image/0f8c1fac.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 800 x 747, 8-bit colormap, non-interlaced\012- data
Size
161 kB (161321 bytes)
Hash
0f8c1faca7728a7f1a1996a9355fa312
237928fcfda8c51ddebb033841645ffbc09d55fb
3770c3b34e3b75dbd8e72935650d13734770a2faabeefb1711eda05f03b1ac7f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /catalog/view/theme/default/image/0f8c1fac.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/catalog/view/theme/default/stylesheet/stylesheet.css
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:16 GMT
Content-Type: image/png
Content-Length: 161321
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:07 GMT
ETag: "480fe-27629-576d902973cc0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sotvtK3gM%2B0GktvXfgbKkUEe%2FbnnYCjrNn9wKtWay88jQCYTzwMxf7lZkgjEKhUUhClw7UESAA4yCHIPF9UR%2FlmD6ekZcCvXae0F0B9ywPBOKdT1q60H7uHyj4C9s7M8WSk35iIk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e1bf74b506-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/language.jpg

104.21.62.213

200 OK

2.7 kB

URL HTTP/1.1
bamboairways.com.vn/image/language.jpg
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 155x24, components 3\012- data
Size
2.7 kB (2664 bytes)
Hash
d4ea0d783aa1f4f29d74077e83320630
4c36187376932ed2ad094e5579ffe937c150506e
5cbcbf1d389e67f7df5c15ad5009c3ac75f29ddaa4c0775e52187bdfd79dc1a6

HTTP Headers

GET /image/language.jpg HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:17 GMT
Content-Type: image/jpeg
Content-Length: 2664
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:13 GMT
ETag: "49c3d-a68-576d8df2f8440"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1%2FQV2hX3Bs%2BiFCLmPQSkDzoWgHesVX8yU3Z1MJHrrCnQF1KVCAf2GRb5xW7n3yeN2ipJtAL%2BHR8jUL1GOFEVcnZEWK46DFMG6EtDpHrLkyQInyt8XH%2BJ4XvVnTRgoFn2WybohhG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e73958b517-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/google-play.png

104.21.62.213

200 OK

50 kB

URL HTTP/1.1
bamboairways.com.vn/image/google-play.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 484 x 143, 8-bit/color RGBA, non-interlaced\012- data
Size
50 kB (50024 bytes)
Hash
612061be795b45a471a7d424365e940d
1bebcdae2099e0bd690f7885c175aebacc45cb57
c5749c17ef5b2328036666ecf0e8bd011eebde0c8663b78619a239f9f2770641

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/google-play.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:17 GMT
Content-Type: image/png
Content-Length: 50024
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:13 GMT
ETag: "49c39-c368-576d8df2f8440"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBazfOPCYRtgr8qyf0npamNEbO7O4tq1Gc7U%2BeOgoA4EN7rumEVoF4VjPp3UV0NitWQ5CLET6M9HCUoVMV0JTgR%2Fh9bsX%2B1gpURI6iDnErkBSmgW%2BQALVOPnqi8ExDfXn1m6dOIQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e48debb529-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/app-store.png

104.21.62.213

200 OK

54 kB

URL HTTP/1.1
bamboairways.com.vn/image/app-store.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 497 x 147, 8-bit/color RGBA, non-interlaced\012- data
Size
54 kB (54046 bytes)
Hash
d4ac05e1a56e70ea8e75761af5311893
efece30f5508ed64fac1553f40d43aba06bf2181
f80f4d0afc1d32a436f84c90b3af763a2eb7ac7874807059c2dbf74a1f278f4b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/app-store.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:17 GMT
Content-Type: image/png
Content-Length: 54046
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:12 GMT
ETag: "49c21-d31e-576d8df204200"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwuVQUd%2BoAbXjHKttQO0RlE2REiiS2JxD%2F%2BHFdORb2LtnkGSJR0kb9amP40Kye2ZMJYURG9xNCIPUwJWlsrSmRrOWk5Er9NQ2npKnauZn%2BjwgMKe5evV3B7F0RSy6hxtDbyAmvCN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e48925b4ed-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/AU.png

104.21.62.213

200 OK

1.0 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/AU.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 11, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1047 bytes)
Hash
38d2a311957185b533ab8860ebe63e64
820a9b8b8608ad20ab026ed0dc7f906e23aa4150
a56297bf6d5b73b5a1240c21aa76eaa8dc39b4b06b6eb560a6538edb03aaa82d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/flag/AU.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:17 GMT
Content-Type: image/png
Content-Length: 1047
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d35-417-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: HIT
Age: 159547
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7o8Iz%2Fk%2BUSgSfjf9AVnb5zbrv8tB0bcQImfaJREUS9%2Fp3eIxH1oYvyHMt72jWRMwqXszXYPaE%2Fe47iKrK66Wjp%2BJ797H7Rl0tt2XRYoEBIjAZFIrVA1%2FjIhiY7qkw39vh3JIMZU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ea1d7bb529-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/US.png

104.21.62.213

200 OK

1.1 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/US.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1136 bytes)
Hash
c2e78a466f167cb30bd4597566f01658
dde3b9192ed1c6b1e0ab8b75224a475f539d2c5c
42c69fe5501c115624f8fe211320606ebcbecc80e7b9bb4c97f1be0e494baf0f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/flag/US.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:17 GMT
Content-Type: image/png
Content-Length: 1136
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d4c-470-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: HIT
Age: 159547
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPUQd8twqrRXTE5JQiS3zND1qQcktFLPBqdq5gKumOX1%2BvOwwfdRAY5W%2F0AAiIQSv3M4A1%2FeCjp%2B%2FJcs08IDa5ESzJHm0p4N7DD%2FhA1HYSdobYuQtEroKBcsyAKqDNB98lkma9RP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ea28dbb4ed-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/Credit-Card-Logos.png

104.21.62.213

200 OK

64 kB

URL HTTP/1.1
bamboairways.com.vn/image/Credit-Card-Logos.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 519 x 231, 8-bit/color RGBA, non-interlaced\012- data
Size
64 kB (64255 bytes)
Hash
c6505ba69c95723e1bafcce4b56e618d
89c011288757215f48ea110c28414ecfa69705e0
e73428885b3030e44eed4d6e44708c3eeb9e99c4c0211d34741c7e9eb934fbeb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/Credit-Card-Logos.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:17 GMT
Content-Type: image/png
Content-Length: 64255
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:13 GMT
ETag: "49c2a-faff-576d8df2f8440"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhsSQGA1rjvIwUpOE0cvdHzofIApnrI9NcRcr6QkNNGV%2F4HLc%2FisYe9vyNfEE41I3JxHfJRMNjfoJRQ%2FeYm6zESDBagHO5kzzXC4nEyi126ENmg6zyLDDBDfJtpGEVzJF%2BchZOkB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e49f5eb4e8-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/CA.png

104.21.62.213

200 OK

1.0 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/CA.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 11, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1047 bytes)
Hash
f57870122489f7d147b95128b916531d
1879f385225563e71c1eb2a8818624d408cd1936
3f0725516d5412f244d47aff45386cbc1ac4e218dcb4ae6c3e7b8d17e716774f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/flag/CA.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1047
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d36-417-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVhM7a%2BLMuhCahKwtDBykiJJ7l1snVjcId%2FLDDbdEBYuFIqoVIOzLwFoJjLb1TapO%2FMVwYi59MwEhJJaDVi57zar3U4XhmwnoDRcplKG5LQfClwI97YUghlJIv%2F2qAGfQHfJ17wd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ea0c9eb517-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/CL.png

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/CL.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
7316b0d7b91a9cb79b3111460049196e
578397ada97ecaf887ff99e2d69c07b32709cde5
b7340c497b332a82ea2cadf527334a980e93284be671dda8fb64e6266882a40b

HTTP Headers

GET /image/flag/CL.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d37-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=al7VKro3GKYm3DpkDT80aiIl%2B%2FhukcNnP9GiB6W81TvwjvdSYfALtx9qzdjy32kqr1h%2BQq%2Bv0jDOruts%2FEXXyq5qJajQQm4iKuO4M8OMtfFCyAWEL2zMVB0Z4jmQmKfllfCF4Ezp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ea2d90b529-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/thanhtoanvisa.png

104.21.62.213

200 OK

131 kB

URL HTTP/1.1
bamboairways.com.vn/image/thanhtoanvisa.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1095 x 191, 8-bit/color RGBA, non-interlaced\012- data
Size
131 kB (130604 bytes)
Hash
5ceb7348a8282beea86e7e5d850384ee
6658d0c4a0279dc6387c02c67ec75fe74ee4a2a3
08913ce8573166a905bbcb5c89b396bbc52094d434abaae6cab25ee858fc9fef

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/thanhtoanvisa.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:17 GMT
Content-Type: image/png
Content-Length: 130604
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:14 GMT
ETag: "49c4c-1fe2c-576d8df3ec680"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pL0qyJuLtm0JiZ5ocGoKDtIF2XJ41r5slhHxSwCppvVRO40ol%2Fa%2FLo%2BmeUD5bmIa3tsUgoYlBsdRs9wdF9%2F7VS5Y%2FnNLZEocMLBqEJNov7fO3RpadCuyet8uwYD9uJhbOkIsoAj0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e5fe45b4f9-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/WaitingBig.gif

104.21.62.213

200 OK

2.9 kB

URL HTTP/1.1
bamboairways.com.vn/image/WaitingBig.gif
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 128 x 15\012- data
Size
2.9 kB (2883 bytes)
Hash
348f2a450c040be5c3722990ff21d0f5
f5345a4ca903ddbb4c99691d8efa165d54c81c50
ae0a0ab90321d6976f2597eb7a68f55ae379f1d374e34bd6c3a19bd223fb43ce

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/WaitingBig.gif HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/gif
Content-Length: 2883
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:14 GMT
ETag: "49c52-b43-576d8df3ec680"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6k4q%2B1AzesdLh%2Bir199AtN25f%2F%2FBqxT1vbSGMer4eElS41MwyETQvN1FGTV0w7x4oKQTEDIws71qS9gkIDVIgEr9znVL%2FYDEz1CPTOK5dM0wAX4Fq3NyAZlosLRlvmpwjFwkOIY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ea38eeb4ed-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/TH.png

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/TH.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
2cac002b4dcc4e55add56bacd13eaf4e
696b7ad26652e8b40eb89f82d9b73204d627c860
5349b1f09f264eee2ffdd5cd14087ca32d0565247d0050a357c4624caef71a09

HTTP Headers

GET /image/flag/TH.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d49-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2Ft9DMGmQmUpq7yJSqXusp0MoFtTUrDx9gWnqSwL7zcZoZNpBr3cO%2BjQdhEoSSmH10%2FgTpDEooiquhYktCixadKMqpL8oMoRSg5Lz8aTGdbN95BpwuDNZlnMkTC4s%2FF%2Fs%2FfvKGDU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ea4e33b4e8-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/catalog/view/theme/default/image/edb9a4cf.png

104.21.62.213

200 OK

238 kB

URL HTTP/1.1
bamboairways.com.vn/catalog/view/theme/default/image/edb9a4cf.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1920 x 7280, 8-bit/color RGBA, interlaced\012- data
Size
238 kB (237675 bytes)
Hash
edb9a4cf9a89c0c7ebb7da2141dc2442
25f608f7df2167f80af4e2859c0ce59d4fbc8812
0f5138ab8f07efdd6da7ad963fd8a00c71e0bb8df8a1996d9e12d1b3258956cd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /catalog/view/theme/default/image/edb9a4cf.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/catalog/view/theme/default/stylesheet/stylesheet.css
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 237675
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:55:12 GMT
ETag: "48197-3a06b-576d902e38800"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDIh2TqYcF8rRvzGNPVjxLhl53saPdN8vtaM7JZTPDmEHOElS%2FOmk1F%2Fz386Y%2FvqnY4WnRWPXYH4zzeIcvHOzSoRFVyMivB8%2FK3fxrRTqhkr7KGds7MIT8IbhjcrorH%2Bkxc0RJR9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5e75eceb506-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/SG.png

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/SG.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
13361f570f88d209acccda7048fa219b
f92b66f732aee8fb42860e7da802af76c036c924
59cd4e61483174963b48d98167630561db610351ad7b424d22c5476dff4b01cc

HTTP Headers

GET /image/flag/SG.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d48-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvTqqwr%2FuG2GJGMRWmhBn9m983uit1XidbtTr5HTff%2B0fRMjNaSR%2Fr2WQXXDVESlXg5tTwW63wigRcI%2F%2BOKzwb%2FfkFDQOfV5HQmI9vEjxOqIcMwRInVIB6ij4T%2F9gXLZvitDbfLw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ecefc6b517-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/VN.png

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/VN.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
e449450ecb0a8f56d46374835930c560
47faeed3c7c82f160cdcf1192884b1b1858a0fd3
7273147ff838e41fdad60b01915528ada16cd6973cb13a3a1ba0fb87408ccb36

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/flag/VN.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d4d-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldFVwbtztL%2BskAhyEP4qc5IraS0HdCDZW9ZEOwlaNKyJ7lqUgUaZICeGapJJj5shxWCjPceWybtve4JiT%2B2%2BSRGsy0sl3efzosUMPPj%2FPXuX2zIK4Eng7MHyLQKMmQ8XNjWhKer%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ecf910b529-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/PH.png

104.21.62.213

200 OK

1.0 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/PH.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 11, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1047 bytes)
Hash
c5ffbc1525ee60cd432387ca56e71156
d15f25dac8c10d33cd7612dfe2e5bd31d9af6dd5
30c2a36b2a39da314589d48ca333d01c48fa8643d69341957f69f912423e488d

HTTP Headers

GET /image/flag/PH.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1047
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d46-417-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95YDtwe3DUSn%2FEUz9C7R%2B0OVy%2BGCOUxj7nRJ0jPNn4N67IuO%2BxaROLcrsLgyAs16ISbF8MguU2o%2BwXCmcY9Qh0LZnYJ2AjcibTTuW7SJweCc%2Bb1NaDaBBzRRNAKoCfPGgiLySr7m"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ed18b1b4f9-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/KH.png

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/KH.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
9b53452382ee347f9f5ffcc98f232004
60bbe733ded3c8e148753fb292499cd2271e8a05
10840523bfcea11452bfb9d4b632aed4e14f02b8868927d2f19c0cc47e48139e

HTTP Headers

GET /image/flag/KH.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d40-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTh2SwqGWvPHIZuUHI2QSrpk%2B6z%2BxVESuCUx5SfbzLiAvw%2BZZJcOQyoLC%2BLQ3paYXMa3Dbhyc1Vsz56xgw2vWBEZ8kN%2B%2BgRJKNXdnN9Ki6uveCfBIC%2Fhd5ZN4EXKLh4ouqF5B4SS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ed19edb4e8-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/ID.png

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/ID.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
d962b7bc15e2185f11ca62bfc8b94a64
9a74a7fbcfa38cbdeaa3854d161dc7c8e5bb6b34
132df6ccd51d72e96a74aab06f5cd30c728b2017f618542b023b2d8b9c620caf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/flag/ID.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d3d-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTQAN2eWqkE4iKofskJtlWA4UE6ie5vWIDY0%2FSXqCjC6XAryG5kkPjlGhM3cSmmh6WN1qllkwlbSg1wjUPv7UvQEVJZthAxtlupMToHyCZa3miKLdq4kd9hA9EsGB8RTruyHMK%2Fj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5ed1cf4b4ed-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/HK.png

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/HK.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
d83e5064199c70418cdf9d1cddde1909
0ce020544affbc2c6a851d4b1ce9b7a343c44778
2e3283865e642aab34498a1dad2a5841781b295a5519770ec9ef622c1509c79b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/flag/HK.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d3c-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4U2YQJVdJ7hjOLJonAvU6lYf%2FM39ukXXAdewasCaoyqkT3GtAnMyhLTgqhGAed7QbcalO4YNgJiYVdoyKTWOVq7DvZICFJqYCda5hcDp%2BQefoXrPj1ibVXXBdk%2FSczFdjLknpaw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5efb998b506-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/LA.png

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/LA.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
a362dfddb876512dab50246beb18e596
a4440559238bab0f1a0b2658fdfa158a09015243
3ebba8b42c7caf867b115c31792273a98d7fef19303dad7cd37035a89799290c

HTTP Headers

GET /image/flag/LA.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d42-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zn65GpWoHN6%2B5LbPaQa29oypV6GVyVLkOq%2Bf%2Bpv5LkH5mz%2BnMtwc77yqPaPzMEW6atjl6R5c5mUc4H%2By9hv%2BlnFouf4O8Sr2RKjwJBPnSbG1FrEI3bcI6eGQVECiA%2FQPAUUPoGXe"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5efcb55b517-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/MM.png

104.21.62.213

200 OK

1.2 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/MM.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 13, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1225 bytes)
Hash
93cfe42a82aeaffe2cd999f81ddaa526
56b54a50407911a34ac43604c02c1fcb8c6ed3c1
4a4165532f9f2cd3f0bf3a7250441ef7dab1d97ffa1b75aed14fa0cab58a0308

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/flag/MM.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1225
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d43-4c9-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alCVWwpESfySgGj5ztw7sMYaFFt0vs3zErFYUIQTyTuUrm6ygVBFc2HOFEq28iVN5OzbkTYCtbu33EOxBai%2BMidIrljxJyqaMfXo45qWXUgDdxRC%2F6jvY92oe6lMtOsjT9oPQcgv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5efcccfb529-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/MY.png

104.21.62.213

200 OK

1.0 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/MY.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 11, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1047 bytes)
Hash
4930527bac08f463fd021d05101d2334
04ec244eaa31749ad163e519da454a6471a44fa7
2700c96b4755a564defca8acc6994812ae08d5742791c54712bdfef558287577

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/flag/MY.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1047
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d45-417-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B878mnwOyMedQOJu6pb4Gage0XSNPzqXd6gQn%2FtwSzXrcXlxiBF%2F2XMoD7tUUiQKL06fFKRFcXhixAgODLKBayc4sUxa%2FW8Xk0jw8FIWnM5InwHY4J8%2BHMiBO9alIXS1AQtAX5Jn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5efecffb4f9-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/JP.png

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/JP.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
088f39d5399210a761c78135cff299f1
06c2585ea2c5aa6d0132ceb7b883cc09c9f0b4e3
cd529f3477b671eb09bb44ad4543053c5753d76a4e4b2123b7444d09d0790150

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/flag/JP.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d3f-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gqLlKTpilD82IEfYOwsIGCrMfTzjaejSBsLcndx3hTY6BhP0tGUy%2FZApXzxtySn2UKlRxdR2glVjssgGEwAjJzDMDkYx8gfiCHbAVuUDOJvNTdVyCcxTlWiCfjtZ2dGPQAyBSM6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5efedd9b4e8-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/IN.png

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/IN.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
86807ffdd94156383d8d6fbb91c57233
329e509b351902f62a108a4c8d91e5274a2f035a
90f6eb4f92513f3e3ba063dc5f1af75e79b5c8aeb7898ad86f48515632598310

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/flag/IN.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:18 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d3e-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qC1%2FjU488aiOt%2FgP645FfbPz9wX7nXpfs7IwuFls5rBLm0rXfddBtLecIze8GrCT3PMmTg2SdCMECsTCEijqXXZt8LTSQ%2Fxn0KKFujfv3iDbXWZHLvoxDTpwx%2B8VH6h7%2FZTdr9ua"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5efe8dab4ed-OSL
alt-svc: h2=":443"; ma=60

connect.facebook.net/vi_VN/sdk.js

31.13.72.12

200 OK

1.7 kB

URL HTTP/1.1
connect.facebook.net/vi_VN/sdk.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1961)
Size
1.7 kB (1689 bytes)
Hash
57e53b21358abb024a9c2909ab343dd3
e16dc3bfec6b441c16fb136fb5f78d86b9b01693
5494e5e85b7b2746566f17067b526c384c48ca063707997cbbbdd4e85069fea7

HTTP Headers

GET /vi_VN/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 25de6020c73919c4968e44992141e1ec
ETag: "3b347dca3eacd7d8b1800da6733f3990"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Fri, 07 Oct 2022 13:09:42 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: V+U7ITWKuwJKnCkJqzQ90w==
X-FB-Debug: 8BhvGqSPFQmrZblClYo3S8Ju9pooLmNOXe0y7Rxt8iknVgJ1BZdfpTaW4yUU5xP792rgDrXZpDFIDMDcuDLHuA==
Priority: u=3,i
X-FB-TRIP-ID: 1904183273
Date: Fri, 07 Oct 2022 12:52:19 GMT
Alt-Svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
Connection: keep-alive
Content-Length: 1689

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ecc594c8ad8a58175abca6f74592cad0
bc3eb5409877f214ca5d45c39d39754fd80997ae
4376e30946f541ed958cbbff449d18b6acb24608aa48fa078440cb99291dc7d1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4757
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:19 GMT
Last-Modified: Fri, 07 Oct 2022 11:33:02 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bamboairways.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 07 Oct 2022 12:41:09 GMT
expires: Fri, 07 Oct 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 670
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (26840 bytes)
Hash
e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bamboairways.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: AZoCpvrAVxx6wZhpIpRKag28sJGzg3812j7TdnPbpjVgNg0RtqKtbzcPh3SvmdArsJsKLiKdLvvakOKA9Y9g1g==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1904183273
date: Fri, 07 Oct 2022 12:52:19 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/968194215/?random=1665147135832&cv=9&fst=1665147135832&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&hn=www.googleadservices.com&rfmt=3&fmt=4

142.250.74.130

200 OK

1.0 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/968194215/?random=1665147135832&cv=9&fst=1665147135832&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&hn=www.googleadservices.com&rfmt=3&fmt=4
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2218), with no line terminators
Size
1.0 kB (1034 bytes)
Hash
756bdba10cf92a4959d64561e138c380
0c771d5d109d1567ba290daa06763106c0c5509c
a31d6580e0c2126df61ecdb75517283a625db0aa32cdd61850bebb95c5fe924c

HTTP Headers

GET /pagead/viewthroughconversion/968194215/?random=1665147135832&cv=9&fst=1665147135832&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bamboairways.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:52:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1034
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-Oct-2022 13:07:19 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ecc594c8ad8a58175abca6f74592cad0
bc3eb5409877f214ca5d45c39d39754fd80997ae
4376e30946f541ed958cbbff449d18b6acb24608aa48fa078440cb99291dc7d1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4757
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:19 GMT
Last-Modified: Fri, 07 Oct 2022 11:33:02 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bamboairways.com.vn/image/flag/CN.png

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/CN.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
c96443bbf5f1c484d79b404076317d89
5853030b09a9413662f2aba70d219df4f05affee
00f58e2658d584fb1225cc48beef9ea339d620ae2618f73ea63a8b234f720f64

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/flag/CN.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:19 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d38-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAr5ikGaf2murovk7xuv4dM%2FOdVw0sbWCNtHNBa56Wq16MXDWUZtIXAVOzVrPsQ2%2BXsX5CPnoJ9iJ0E4aDAwNhsTaeoMLl7cj2Lw0K86RKFPGZVwoqljvIz51IemtAQbNSlWLDhV"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5f28d9cb506-OSL
alt-svc: h2=":443"; ma=60

bamboairways.com.vn/image/flag/MO.png

104.21.62.213

200 OK

1.4 kB

URL HTTP/1.1
bamboairways.com.vn/image/flag/MO.png
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 22 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1403 bytes)
Hash
fc6d98218883914436dfbd486a4f59c3
37eb01517bb4fca52ef9e5da4b62e70c0ae238e6
f0ec8d216d08d077cf9e8ddfb84a5bca8c8d2073c0c08a706e27273327f0f1da

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/flag/MO.png HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:19 GMT
Content-Type: image/png
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:19 GMT
ETag: "49d44-57b-576d8df8b11c0"
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FM5IRDpmSeTVVFE%2B2i10ZgMH7mvPyed2KawWPiKByVjCGc%2BQ5KWCavBvR5p8pN8o7Jf8jlcgA%2F5J34QLBHGStvgMJe%2B71gKVeS2lo51%2BEiEX5JBJ08bawrjLEzPBLRIO6JJCBdG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7566c5f29e93b517-OSL
alt-svc: h2=":443"; ma=60

connect.facebook.net/vi_VN/sdk.js?hash=878141be16205d44b78b2509187324dc

31.13.72.12

200 OK

87 kB

URL HTTP/2
connect.facebook.net/vi_VN/sdk.js?hash=878141be16205d44b78b2509187324dc
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (13192)
Size
87 kB (87089 bytes)
Hash
b0b174bbeada31798ebfd7dece57bd6b
5e6cc2a266517865c0a3add82904b91c2fc4ece4
0e95c37a762b9ab2ba7c7610edf045c506177c5b898287a6cb994e5b53b1c3f0

HTTP Headers

GET /vi_VN/sdk.js?hash=878141be16205d44b78b2509187324dc HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bamboairways.com.vn
Connection: keep-alive
Referer: http://bamboairways.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: de89e53beebecd5011c8bd8d9b0e75b8
etag: "69c6958dd9a574dd9fa257578956d1e0"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 06 Oct 2023 21:58:40 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: sLF0u+raMXmOv9fezle9aw==
x-fb-debug: Y9JrZnhc338fXQ9RdEshjFlKTrboi+o6lsJGMouC5D0rzE3cSJSY7CGCAWxbZ81UBKmIwPtAZcT0KSBQL08yeA==
priority: u=3,i
content-length: 87089
x-fb-trip-id: 1904183273
date: Fri, 07 Oct 2022 12:52:19 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/968194215/?random=1665147135832&cv=9&fst=1665144000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&fmt=3&is_vtc=1&random=2559395382&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/968194215/?random=1665147135832&cv=9&fst=1665144000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&fmt=3&is_vtc=1&random=2559395382&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/968194215/?random=1665147135832&cv=9&fst=1665144000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&fmt=3&is_vtc=1&random=2559395382&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bamboairways.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:52:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/968194215/?random=1665147135832&cv=9&fst=1665144000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&fmt=3&is_vtc=1&random=2559395382&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/968194215/?random=1665147135832&cv=9&fst=1665144000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&fmt=3&is_vtc=1&random=2559395382&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/968194215/?random=1665147135832&cv=9&fst=1665144000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&tiba=Li%C3%AAn%20h%E1%BB%87%20v%E1%BB%9Bi%20ch%C3%BAng%20t%C3%B4i&fmt=3&is_vtc=1&random=2559395382&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bamboairways.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 12:52:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 12:52:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bamboairways.com.vn/image/favicon.ico

104.21.62.213

200 OK

680 B

URL HTTP/1.1
bamboairways.com.vn/image/favicon.ico
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
680 B (680 bytes)
Hash
6b97ef8662b36ce79a35d171e530e337
470153c484fc039e8af5459c846e63fe9d461614
4ef2061cb599de6e779b7a520db646256f953f31300b4c0717cd86120213fdee

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /image/favicon.ico HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:19 GMT
Content-Type: image/x-icon
Content-Length: 680
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 11:45:13 GMT
ETag: "49c31-1536-576d8df2f8440"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=31536050
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7uZUYu3ZtdQus9ixDAjcLU0Fj9fHovoGkRii5NiMopc4CVcCidfvCqT78Eki5xSQuB4bG19Q5adZTzA%2BFYdYlthU0saO52j4BkB5k%2BKb2etPkr4O2LI3p1f9sIGaeFcFgtErNuJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5f3fafdb4f9-OSL
alt-svc: h2=":443"; ma=60

www.facebook.com/tr/?id=171118496600256&ev=PageView&dl=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&rl=&if=false&ts=1665147139618&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.2.1665147139617.264387887&it=1665147139293&coo=false&rqm=GET

31.13.72.36

200 OK

86 kB

URL HTTP/2
www.facebook.com/tr/?id=171118496600256&ev=PageView&dl=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&rl=&if=false&ts=1665147139618&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.2.1665147139617.264387887&it=1665147139293&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type
gzip compressed data, from Unix\012- data
Size
86 kB (85866 bytes)
Hash
73e833a2ec34b5cdc8eacf60a876dcad
6fe5b125e942cff37aa08b23872fa53fb81b96a8
585e86e0d825b57ab601a25722bfa1663c4351ac4d0f190afe40d55897593e42

HTTP Headers

GET /tr/?id=171118496600256&ev=PageView&dl=http%3A%2F%2Fbamboairways.com.vn%2Flienhe&rl=&if=false&ts=1665147139618&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.2.1665147139617.264387887&it=1665147139293&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bamboairways.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Fri, 07 Oct 2022 12:52:19 GMT
X-Firefox-Spdy: h2

bamboairways.com.vn/

104.21.62.213

200 OK

0 B

URL HTTP/1.1
bamboairways.com.vn/
IP
104.21.62.213:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: bamboairways.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://bamboairways.com.vn/lienhe
Cookie: PHPSESSID=mqh83l31pbjjf8jv58fns6s425; language=vi; currency=vnd; _ga=GA1.3.1359338731.1665147139; _gid=GA1.3.945122667.1665147139; _gat_gtag_UA_145619567_1=1; _fbp=fb.2.1665147139617.264387887

HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 12:52:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.29
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GG6U3kQpuv9N6hVDmsw%2BxGBelzgBT62Amvuk0SuvPM%2BAYdcm00n%2Fsq2uZkbS0vf76ikhY0QwnReYDpEA8DXKGvfzjkkho7vxy5dZMyWQfnyUpc5NPxqAMaEZFKCVCX1RAnji1G8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7566c5f72be0b506-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP