r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13416
Expires: Fri, 03 Feb 2023 13:29:19 GMT
Date: Fri, 03 Feb 2023 09:45:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7430
Expires: Fri, 03 Feb 2023 11:49:33 GMT
Date: Fri, 03 Feb 2023 09:45:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 09:36:10 GMT
content-type: application/json
age: 573
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9465
Expires: Fri, 03 Feb 2023 12:23:28 GMT
Date: Fri, 03 Feb 2023 09:45:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rmKBTzNrXwuKuv2swGuYMzqrNtcCspbvDKN9DpUcjzKFfTR2LB1VJKe1VqZ7kseo/sI2AEP2vJw=
x-amz-request-id: XF9CBB9F0C1EK5DT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 09:23:29 GMT
age: 1334
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 09:45:43 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 09:07:19 GMT
age: 2305
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6958
Expires: Fri, 03 Feb 2023 11:41:42 GMT
Date: Fri, 03 Feb 2023 09:45:44 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gTkR8MiRbIor9kd3fz6zZg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0OZojdixCjONBjQhr1JyiJRO9p0=
ocsp.digicert.com/
200 OK 280 B IP
Hash b9e4d21a0ca68cf6990a3b1e1f1190bf
ab58708eb4dd5d9b5b85344d2c5076c79c57caab
fc3b94a4e6e14f264ee49ab95fbda653e9aeec1c225451d9db4151dbaf7c55db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4714
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:44 GMT
Last-Modified: Fri, 03 Feb 2023 08:27:10 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
200 OK 282 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2702)
Size 282 kB (282260 bytes)
Hash 1a80fa0b40203a65b0151d9a7a3fb6b1
30f0013dc969d57f2fada24ede9aab80332bf755
aa85c80285fd26294e2dca8e9d4884d8b6c8500fbc835d695e2fd808372f3eb5
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:43 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; expires=Fri, 03-Feb-2023 11:45:43 GMT; Max-Age=7200; path=/; samesite=lax
vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D; expires=Fri, 03-Feb-2023 11:45:43 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=60, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
player.vimeo.com/video/770582394?background=1&autoplay=1&loop=1&title=0&sidedock=1&controls=0
200 OK 5.8 kB URL HTTP/1.1 player.vimeo.com/video/770582394?background=1&autoplay=1&loop=1&title=0&sidedock=1&controls=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18159), with no line terminators
Hash 96b25347a7b8d31166cf68d822cea02e
2a725d4497df051c1957d94fc0b54d5be36b705a
d26b00744c692ebe02faff05d1dc14250b05911efbb44c3e71ad4f73546774cd
GET /video/770582394?background=1&autoplay=1&loop=1&title=0&sidedock=1&controls=0 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Fri, 03 Feb 2023 09:55:44 GMT
x-host: player-657676658b-8gzpf
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-8
x-backend-proxy: playproxy9
x-bapp-server: player-657676658b-8gzpf
Age: 0
X-Served-By: cache-cph2320044-CPH
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1675417545.842618,VS0,VE225
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=.lDkXZr6CukpHISzzGgneCaHi7mmZF8g0s9g1U9RmQQ-1675417545-0-Aas72Vg+WFvp6DbVkI1aBy7wQMrIWwQ6oNVG0Bd9N5qodvLpYxEuzmOnPRLGUXUUIptHdz5d+NI+vO7P33T4QQQ=; path=/; expires=Fri, 03-Feb-23 10:15:45 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 793a3c472e511bfa-OSL
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
f.vimeocdn.com/p/4.19.2/css/player.css
200 OK 20 kB URL HTTP/2 f.vimeocdn.com/p/4.19.2/css/player.css
IP
File type ASCII text, with very long lines (65495)
Hash c0026d31413bb2152b7719a0760a9e35
7807e493c951cb8ad095ae2456cde9719470ea44
89344b91b186bccdd3f4a2a9c71702950700b9cfa66aced10935de2ab81b9a67
GET /p/4.19.2/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 03 Feb 2023 09:45:45 GMT
age: 228207
x-served-by: cache-iad-kiad7000158-IAD, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 64, 167233
x-timer: S1675417545.174613,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20069
X-Firefox-Spdy: h2
www.youtube.com/s/player/97ea7458/www-player.css
200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/97ea7458/www-player.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 06da032848dee0d02f299eb5d9d0b47b
9328ede00a7daa3c3af4e9a745b2f288a89985e1
1b4032e39d4869ac4d51be6750760b10108ce5d47c357fec81c66dbc90578601
GET /s/player/97ea7458/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Lgvc0l1UyaU?autoplay=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 15:52:57 GMT
expires: Thu, 01 Feb 2024 15:52:57 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
content-type: text/css
age: 150768
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js
200 OK 110 kB URL HTTP/2 www.youtube.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js
IP
File type ASCII text, with very long lines (679)
Size 110 kB (110070 bytes)
Hash ebe79d652346a39f78ba70ecfb911269
b996db460e2862473018d11947ac7711bc8ca537
445ae1b45376bf82466aa698c16011ea0781d16f3e25653713d935a9bc39fda9
GET /s/player/97ea7458/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Lgvc0l1UyaU?autoplay=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 110070
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 15:53:23 GMT
expires: Thu, 01 Feb 2024 15:53:23 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
content-type: text/javascript
age: 150742
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 9185ac7d18d51a2062624c9d2e588fde
de857b79c97e82ca7e326dc07694a960b650d190
95c8e485ce80ae788c0575044fb9d14e0fb6b24f8bad4e4b61da78b5014ebced
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165094
Date: Fri, 03 Feb 2023 09:45:45 GMT
Etag: "63dcb6ae-1d7"
Expires: Sun, 05 Feb 2023 07:37:19 GMT
Last-Modified: Fri, 03 Feb 2023 07:24:30 GMT
Server: ECS (dcb/7EEE)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _slvnGbHlVxESBycXx1_gQQlNzUsW7MMs79WcyALTIuOBsJA-c11kg==
Age: 769
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 9185ac7d18d51a2062624c9d2e588fde
de857b79c97e82ca7e326dc07694a960b650d190
95c8e485ce80ae788c0575044fb9d14e0fb6b24f8bad4e4b61da78b5014ebced
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=165722
Date: Fri, 03 Feb 2023 09:45:45 GMT
Etag: "63dcb6ae-1d7"
Expires: Sun, 05 Feb 2023 07:47:47 GMT
Last-Modified: Fri, 03 Feb 2023 07:24:30 GMT
Server: ECS (dcb/7EC6)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ztGmMa-8izbMenYg-1ra-olhqrNwfhlmSbGlTDb2kKuEN0SeRnP5WQ==
Age: 1397
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/js/manifest.js?id=e96695013b6180c15461ebc73f9490d2
200 OK 1.5 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/js/manifest.js?id=e96695013b6180c15461ebc73f9490d2
IP
File type ASCII text, with very long lines (1490), with no line terminators
Hash e96695013b6180c15461ebc73f9490d2
70d985cd30388fd5a280440512e74fb452e14ede
62b31332b3cf93c565e9987f61031f5ff6bde9deb184a75bb729a48c8e7fd8ba
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/js/manifest.js?id=e96695013b6180c15461ebc73f9490d2 HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:45 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 13 Nov 2022 05:27:07 GMT
ETag: "5d2-5ed535fb57643"
Accept-Ranges: bytes
Content-Length: 1490
Keep-Alive: timeout=60, max=100
Content-Type: application/javascript
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/css/app.css?id=278f8a4829f88657aa9d4bf0f4e21c81
200 OK 366 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/css/app.css?id=278f8a4829f88657aa9d4bf0f4e21c81
IP
File type ASCII text, with very long lines (58811)
Size 366 kB (365812 bytes)
Hash 278f8a4829f88657aa9d4bf0f4e21c81
442b114b7550e739d934fe4d802ea8360018aebc
1568ee5ab698b0a8c41c1a5fdca15b627db5276369a6d40ef9a9251166eceedf
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/css/app.css?id=278f8a4829f88657aa9d4bf0f4e21c81 HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:44 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "594f4-5f3ba55941cd5"
Accept-Ranges: bytes
Content-Length: 365812
Keep-Alive: timeout=60, max=100
Content-Type: text/css
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 3f9869471b0635e53f4c753be934d992
f432232002b9d61346c795308761e0ca07ff73c0
c605fcf58e6269cb7ab6cec055facb18cf4522ea5d542b2b72835680e6718458
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158924
Date: Fri, 03 Feb 2023 09:45:45 GMT
Etag: "63dc9391-1d7"
Expires: Sun, 05 Feb 2023 05:54:29 GMT
Last-Modified: Fri, 03 Feb 2023 04:54:41 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: criF3OhXcQLhpJYk3gsiRCJfIXy2DHMC6YjMPRz1tmH-vjXUhmvxuA==
Age: 3588
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 3f9869471b0635e53f4c753be934d992
f432232002b9d61346c795308761e0ca07ff73c0
c605fcf58e6269cb7ab6cec055facb18cf4522ea5d542b2b72835680e6718458
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157666
Date: Fri, 03 Feb 2023 09:45:45 GMT
Etag: "63dc9391-1d7"
Expires: Sun, 05 Feb 2023 05:33:31 GMT
Last-Modified: Fri, 03 Feb 2023 04:54:41 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YsF2lg--oQEXvmqKXxlUSRosKrUPkn1l7JOaNeqOc0WijsbEz3W4pw==
Age: 2330
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 3f9869471b0635e53f4c753be934d992
f432232002b9d61346c795308761e0ca07ff73c0
c605fcf58e6269cb7ab6cec055facb18cf4522ea5d542b2b72835680e6718458
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161771
Date: Fri, 03 Feb 2023 09:45:45 GMT
Etag: "63dc9391-1d7"
Expires: Sun, 05 Feb 2023 06:41:56 GMT
Last-Modified: Fri, 03 Feb 2023 04:54:41 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Beo0A6RLLNPF9ozf6gcyuXtRrRWUYP7cOoYJc2OZzCMM40bww4Qoug==
Age: 6435
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 3f9869471b0635e53f4c753be934d992
f432232002b9d61346c795308761e0ca07ff73c0
c605fcf58e6269cb7ab6cec055facb18cf4522ea5d542b2b72835680e6718458
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160157
Date: Fri, 03 Feb 2023 09:45:45 GMT
Etag: "63dc9391-1d7"
Expires: Sun, 05 Feb 2023 06:15:02 GMT
Last-Modified: Fri, 03 Feb 2023 04:54:41 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Nz2UYvpP0DC-OPzYB04g3NaeG3I9e4MCE57mK1t1mkpNvNXWzKpEfQ==
Age: 4822
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/footer-logo.svg
200 OK 30 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/footer-logo.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (29697)
Hash 34b1e1dc22bc538bb6c64b0f3ab428cc
ccf705ec0b74228a028c0fcb8a3eeb6814d8f793
e894b606576cf6f0bcf35b21e873b38978898189f055be38326e859401bb74f6
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/footer-logo.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:45 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:29 GMT
ETag: "759c-5f3ba55977836"
Accept-Ranges: bytes
Content-Length: 30108
Keep-Alive: timeout=60, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-menu-mobile.svg
200 OK 689 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-menu-mobile.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (353)
Hash 02e574a623a45d4757b56835bd0e032f
552af83e653c02bbe0bf78d681323cb9658a76c3
5c70b13ba213e683755b397147011902647c100bc2311a5c2de80ea33cd5c3d4
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/icon-menu-mobile.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:45 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "2b1-5f3ba55967e36"
Accept-Ranges: bytes
Content-Length: 689
Keep-Alive: timeout=60, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/js/vendor.js?id=66f8b13d267f8378312f4109f9222e39
200 OK 88 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/js/vendor.js?id=66f8b13d267f8378312f4109f9222e39
IP
File type Unicode text, UTF-8 text, with very long lines (65276)
Hash 66f8b13d267f8378312f4109f9222e39
98c64d75a6d735745ad515ec768efd8579acc700
2c7b1bd713382e7a0df7c9d05f29805ab3d20ce6f53fc842300ec9874a22be0e
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/js/vendor.js?id=66f8b13d267f8378312f4109f9222e39 HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:45 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 13 Nov 2022 05:27:07 GMT
ETag: "159d8-5ed535fb57643"
Accept-Ranges: bytes
Content-Length: 88536
Keep-Alive: timeout=60, max=100
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:48:03 GMT
expires: Fri, 02 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 43062
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 16:40:43 GMT
expires: Fri, 02 Feb 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 61502
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/logo.png
200 OK 6.7 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/logo.png
IP
File type PNG image data, 162 x 108, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d4c9b1a482fd9bb8c5b9d26d17bb20b
7ed532f5cec173b05806e87cdcafa4c4c06c7297
a9aad5a6647f947f964aca5c36ab0eb51343dccb150cd04d9e95a3a08caf8c2f
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/logo.png HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:45 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "1a30-5f3ba55966e96"
Accept-Ranges: bytes
Content-Length: 6704
Keep-Alive: timeout=60, max=98
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
f.vimeocdn.com/p/4.19.2/js/player.module.js
200 OK 118 kB URL HTTP/2 f.vimeocdn.com/p/4.19.2/js/player.module.js
IP
File type Unicode text, UTF-8 text, with very long lines (65445)
Size 118 kB (118106 bytes)
Hash a3997f52d132221645130f34951abf8d
ed1765341e8f05646536584c18d519ee3f455f47
dba3f740169da84d5ad9c5a18d60c16b7b1b5a084ff33abc9abff3758381d54d
GET /p/4.19.2/js/player.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 03 Feb 2023 09:45:45 GMT
age: 228208
x-served-by: cache-iad-kiad7000084-IAD, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 56, 131624
x-timer: S1675417546.753218,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 118106
X-Firefox-Spdy: h2
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-facebook.svg
200 OK 282 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-facebook.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash da4bbed31528fd327ca7bc9e709d960d
17273ab9b50137fa8b777d5ca282c06324e58552
fa26718d75ed662f9cf8096ecbe06a7d3ab802b3bc66df9c72a0190c2aed50fd
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/icon-facebook.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:45 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "11a-5f3ba5596ad16"
Accept-Ranges: bytes
Content-Length: 282
Keep-Alive: timeout=60, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
www.youtube.com/s/player/97ea7458/player_ias.vflset/en_US/base.js
200 OK 503 B URL HTTP/2 www.youtube.com/s/player/97ea7458/player_ias.vflset/en_US/base.js
IP
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
GET /s/player/97ea7458/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/Lgvc0l1UyaU?autoplay=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 612749
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 15:53:23 GMT
expires: Thu, 01 Feb 2024 15:53:23 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
content-type: text/javascript
age: 150742
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7715
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:45:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7715
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 09:45:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 2df5779a-a808-46ec-9246-1a9b9bddd9e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmKLVHwroAMF72Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd7b-3cfe97e07d17958836425784;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZZXEXszbtmGh7kLfhabCGd41rZRnSmQvdcySUQRTDtJRBqZVUK3LaQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 07:19:27 GMT
age: 8778
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fde7081-1c8d-41df-98c8-c063731c6202.jpeg
200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fde7081-1c8d-41df-98c8-c063731c6202.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 703c7834618fd34f3d7ce5c82a51abc0
4bdaa7e9e8d6408b73ea457e7aabb26fa2a5c81c
1f467ce5825e3f8b8f841293d1ce945dc7a577abbe2cb8a2caa16ace165f4857
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fde7081-1c8d-41df-98c8-c063731c6202.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3385
x-amzn-requestid: 30717e1a-7a08-4b11-90e7-cd175aa667d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzrEo4oAMF1qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce4-3bc1302b4cf47fa2520e3033;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AnMRlC-rgJLk6OwzHDFeaGBuDfEuRj_n0S2o1o7QSTZqMwCIr-20-A==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:35 GMT
age: 43150
etag: "4bdaa7e9e8d6408b73ea457e7aabb26fa2a5c81c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02123eef9faa8560ff66b058d4e13a28
decf26282993d7f0b14cf4112d14fa39c97fa89f
28889ff20f1b2fe0b73f8f97e6569f1d68d77fe436eeb47cc06ee4f0822ff239
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9130
x-amzn-requestid: 09ad3fbb-1e71-4455-82df-6e59f65239a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuxiYEkqIAMFVZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2fa8-1dca116e4317f9bd14f6d45a;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:48:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _Bc2svrG-wX63DK9RPUyjh-n6AHVHaQe3QRmEL27L-amwCH2I_f_9g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:05:17 GMT
age: 42028
etag: "decf26282993d7f0b14cf4112d14fa39c97fa89f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:53:21 GMT
age: 17544
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 352e4166a431e781e56cc7f169c7f8ca
866b76c34076cf2e18c6a071336fcf4f581f3c4d
75ba13b601f4b00c5b091eb29e7f6739ffee3e127bd6d3c4b35cc967bb6d354a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: p74tt3doRE9DKoD5cpPKriYPFEQhq7f3Xf8vhgNNz7QhZNIvdc6NQQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:05:18 GMT
age: 42027
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5314f1087266189144982b464f4aa7a6
438b5a17b9060f6825331348aa3797ab1c15895d
fb7d5ec834d28c99f6430703c002c24a9caf50b7701a369cbd69e51576f1e73c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5898
x-amzn-requestid: 50d6181d-6804-48ab-bc38-9fcaf4da1bc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fZALWF5IIAMFv5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d37a48-2e2e53124ce2f9eb31290ec4;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:16:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9Jus6UYlOGiDdqLBxJ387FMtEAST6THfW-oz6gjgFzKzchCdwUCcvQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 03:13:49 GMT
age: 23516
etag: "438b5a17b9060f6825331348aa3797ab1c15895d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/fonts/HelveticaNeue-Medium.otf
200 OK 97 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/fonts/HelveticaNeue-Medium.otf
IP
File type OpenType font data\012- data
Hash da9fa9f7b3903e162fe846739d85bd43
d28189ab4c65688d2615c51f373133e993cedc47
892d261779a0e5c54e3021e5dea9a08f8cca04e8742ac8284b2d3699b0457513
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/fonts/HelveticaNeue-Medium.otf HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/css/app.css?id=278f8a4829f88657aa9d4bf0f4e21c81
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:45 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:29 GMT
ETag: "17b40-5f3ba5597b6b6"
Accept-Ranges: bytes
Content-Length: 97088
Keep-Alive: timeout=60, max=99
Connection: Keep-Alive
Content-Type: application/vnd.oasis.opendocument.formula-template
media.vietnam.travel/photos/things_to_do/shutterstock_1303493764_1%20%281%29.jpg
200 OK 443 kB URL HTTP/2 media.vietnam.travel/photos/things_to_do/shutterstock_1303493764_1%20%281%29.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 480x480, components 3\012- data
Size 443 kB (443345 bytes)
Hash 7198bf1cfc0c84368a7d5f5043300b7f
c17e0565d469a82fe3d773335dac53bb20163e65
065d09d6a76afee25f1a9f558019058667c818dca60b61e155e02535a73819c1
GET /photos/things_to_do/shutterstock_1303493764_1%20%281%29.jpg HTTP/1.1
Host: media.vietnam.travel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 443345
last-modified: Sun, 11 Dec 2022 05:16:12 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:45:46 GMT
etag: "7198bf1cfc0c84368a7d5f5043300b7f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vFTRc0sMnV_2zKYsePIDl0Zhs8_sp9qlpUeGne8wuVwTVt1jlY3BcA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 449 B IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (345)
Hash 33b62f396445483240e2194465e98a79
7ce54bf76dcbc032d45818c3badcbd63bddbc4a4
564e162fc06ca32db642348b29045ea3d4ab27e6fa5c3a9280cc4055bdefaadb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
media.vietnam.travel/photos/things_to_do/shutterstock_1713347764_1.jpg
200 OK 205 kB URL HTTP/2 media.vietnam.travel/photos/things_to_do/shutterstock_1713347764_1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 370x390, components 3\012- data
Size 205 kB (205361 bytes)
Hash 9ea36da912afc9dd86b499ddd6411a1d
5cecf5c0c8f89b93c4f839803253ab63be0790c6
5728bb2e858efa8fbdc9cc6d12916cc2ab130f85dd13c7f744df51abd5ca5ef1
GET /photos/things_to_do/shutterstock_1713347764_1.jpg HTTP/1.1
Host: media.vietnam.travel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 205361
last-modified: Sun, 11 Dec 2022 05:17:22 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:45:46 GMT
etag: "9ea36da912afc9dd86b499ddd6411a1d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kXzU3VLIExEWroI_1FvfGGuMjpgTA60dpqzrju1g91nVpGNZahBPmw==
X-Firefox-Spdy: h2
media.vietnam.travel/photos/things_to_do/shutterstock_1371256238.jpg
200 OK 393 kB URL HTTP/2 media.vietnam.travel/photos/things_to_do/shutterstock_1371256238.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 480x480, components 3\012- data
Size 393 kB (393252 bytes)
Hash 076ab6a944a1499653fd620936a9dc1b
0c2e05f1b51d6c6437dbac85c15143b7a179b9f2
861a5891c9e896ebfc7b864aa569503d3a2b8a1e0acee1c4f84b2e210c58b73f
GET /photos/things_to_do/shutterstock_1371256238.jpg HTTP/1.1
Host: media.vietnam.travel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 393252
last-modified: Sun, 11 Dec 2022 05:16:12 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:45:46 GMT
etag: "076ab6a944a1499653fd620936a9dc1b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UjlfobNvH0UFCIMKt9YuS5fSvHYuEMZ4e1jt6NTqAQ6ZFHz4S0RncA==
X-Firefox-Spdy: h2
media.vietnam.travel/photos/things_to_do/shutterstock_337356221_1%20%281%29.jpg
200 OK 365 kB URL HTTP/2 media.vietnam.travel/photos/things_to_do/shutterstock_337356221_1%20%281%29.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 480x480, components 3\012- data
Size 365 kB (364714 bytes)
Hash 17ffa3bef898a38c33ffac1f1788a0ab
cc0792ba4c66c711f9f28071006b6afa2bf46794
7e0334183134b2ba8aa5961f0a12157945c4bd9a6615afd28e95e739a84c8ff8
GET /photos/things_to_do/shutterstock_337356221_1%20%281%29.jpg HTTP/1.1
Host: media.vietnam.travel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 364714
last-modified: Sun, 11 Dec 2022 05:16:12 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:45:46 GMT
etag: "17ffa3bef898a38c33ffac1f1788a0ab"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UGlnkuyxNq4deqVSaqoRYj-DxU8dHZonQNZsi9m1heQkoYJklSs6zg==
X-Firefox-Spdy: h2
media.vietnam.travel/photos/things_to_do/pic-gala-award-hcmc_2.jpg
200 OK 1.2 MB URL HTTP/2 media.vietnam.travel/photos/things_to_do/pic-gala-award-hcmc_2.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 1260x681, components 3\012- data
Size 1.2 MB (1235485 bytes)
Hash 8b42520dc133754383ae7a17441c1558
eee93787b313508809e4c8aecf925721adb7f112
0d78ae0355f6ee92a9422031163138061c5d53eebcda26f91ce0b25797667ab4
GET /photos/things_to_do/pic-gala-award-hcmc_2.jpg HTTP/1.1
Host: media.vietnam.travel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1235485
last-modified: Sun, 11 Dec 2022 05:17:32 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:45:46 GMT
etag: "8b42520dc133754383ae7a17441c1558"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d5mWJijv5-VUMnzIHWsh8PuOSYg76jaCxu7hp1E7rjY0ZADJ-jZIAA==
X-Firefox-Spdy: h2
media.vietnam.travel/photos/things_to_do/580491601_1.jpg
200 OK 241 kB URL HTTP/2 media.vietnam.travel/photos/things_to_do/580491601_1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 480x480, components 3\012- data
Size 241 kB (241088 bytes)
Hash ae92ec086b460cdf3546a333ae68fdcd
9075e9b05271a0c4366f8786eeebfa769d38cc9f
04c386e5d4ca2d851d484302e84669041aeefb50cea0e06787137adef7c5bbb9
GET /photos/things_to_do/580491601_1.jpg HTTP/1.1
Host: media.vietnam.travel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 241088
last-modified: Sun, 11 Dec 2022 05:16:11 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:45:46 GMT
etag: "ae92ec086b460cdf3546a333ae68fdcd"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VjbXexiDX5Z67WdJzWXV2LZ1HwuOTPaJtxSR1XPfVWfoOgh6hM1R2g==
X-Firefox-Spdy: h2
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-instagram.svg
200 OK 1.2 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-instagram.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1113)
Hash bef56703fd92d10153926e28caa63f52
09a6f9d383504d0574026bb9b133bd43d94280fc
38cfe2afa765576606caa211c26d435e7b5a246f5428e1c73db64ea2f04f948e
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/icon-instagram.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:46 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "4c1-5f3ba55969d76"
Accept-Ranges: bytes
Content-Length: 1217
Keep-Alive: timeout=60, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
media.vietnam.travel/photos/things_to_do/shutterstock_1477242425.jpg
200 OK 934 kB URL HTTP/2 media.vietnam.travel/photos/things_to_do/shutterstock_1477242425.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 1260x681, components 3\012- data
Size 934 kB (934166 bytes)
Hash b99916070a90da752b5e8ef854a686b1
59e100fd598785c87d4ea30257aa8dd0a8195144
ac06e11213c58f6a2ffd3d62d95ba470caa0195b96e8cf7f06b450b8d41a1d90
GET /photos/things_to_do/shutterstock_1477242425.jpg HTTP/1.1
Host: media.vietnam.travel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 934166
last-modified: Sun, 11 Dec 2022 05:17:22 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:45:46 GMT
etag: "b99916070a90da752b5e8ef854a686b1"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V3f95Wcxt29F3P-gm0lvVOwFM1_-D00N1bDo22rAETkdmpUHncmkDQ==
X-Firefox-Spdy: h2
media.vietnam.travel/photos/things_to_do/shutterstock_767507860%20%281%29_1.jpg
200 OK 445 kB URL HTTP/2 media.vietnam.travel/photos/things_to_do/shutterstock_767507860%20%281%29_1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 480x480, components 3\012- data
Size 445 kB (445051 bytes)
Hash 501738d7f51e4aaa771dd9dad81e7664
58cfb8f3e1abbe8e0d0c6f722ef26fe8c00b0358
808372891a027ba804536850bc60fc97147a1543918d9bb6592ca80b7a5f8fb7
GET /photos/things_to_do/shutterstock_767507860%20%281%29_1.jpg HTTP/1.1
Host: media.vietnam.travel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 445051
last-modified: Sun, 11 Dec 2022 05:16:12 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:45:46 GMT
etag: "501738d7f51e4aaa771dd9dad81e7664"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ECndu9UCpfqsdj9XAp5yhwz7d-4Cf4W4URrRTmB1-0fQl42s-GlsMg==
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.19.2/js/vendor.module.js
200 OK 92 kB URL HTTP/2 f.vimeocdn.com/p/4.19.2/js/vendor.module.js
IP
File type ASCII text, with very long lines (65457)
Hash e19c45e679b1f6522d7fd4e720bbc735
5c3dcd4a1a4509f1c6ae0106da139d3993faeb4c
36921f993763972f5e285ae77f8714d4c84402aed750f2f456ecde98d727c684
GET /p/4.19.2/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 03 Feb 2023 09:45:46 GMT
age: 228209
x-served-by: cache-iad-kiad7000044-IAD, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 59, 157589
x-timer: S1675417546.164381,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 92489
X-Firefox-Spdy: h2
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/js/app.js?id=0c976bec2595aebfefaba2f09ffcaf07
200 OK 187 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/js/app.js?id=0c976bec2595aebfefaba2f09ffcaf07
IP
File type Unicode text, UTF-8 text, with very long lines (65472)
Size 187 kB (186967 bytes)
Hash 0c976bec2595aebfefaba2f09ffcaf07
0e2152ad7dd40d55425a4ee5513633b1ebd3e496
1631841713185ee2fdc3976fe633f6fdead04d1cb6fd14fbcabdcb53bedde7fa
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/js/app.js?id=0c976bec2595aebfefaba2f09ffcaf07 HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:45 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "2da57-5f3ba55941cd5"
Accept-Ranges: bytes
Content-Length: 186967
Keep-Alive: timeout=60, max=100
Content-Type: application/javascript
media.vietnam.travel/photos/things_to_do/best%20ingredients%20for%20health.jpg
200 OK 1.2 MB URL HTTP/2 media.vietnam.travel/photos/things_to_do/best%20ingredients%20for%20health.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 1260x681, components 3\012- data
Size 1.2 MB (1158085 bytes)
Hash e277207b4a8777e9bd3022947e6b5955
d5cdfdc29dab59d2d290292bb322f0332ac65184
58d1ec95dc61244a14dad9a31297a16b6824ebe9761642caf9ecbe4daae7d02f
GET /photos/things_to_do/best%20ingredients%20for%20health.jpg HTTP/1.1
Host: media.vietnam.travel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1158085
last-modified: Sun, 11 Dec 2022 05:17:22 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 03 Feb 2023 09:45:46 GMT
etag: "e277207b4a8777e9bd3022947e6b5955"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: a7r0TUUfwlp79qGgC8Fw1Y5MquS8K_sO0S2BWWfT6pUJljcMJwQSjw==
X-Firefox-Spdy: h2
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-tiktok.svg
200 OK 708 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-tiktok.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (458)
Hash baeee21ae1108a1ee8a069030a5fc779
59cf3335ccd311d2ac3882e5bb08b719b3400240
6571743b13838d64a2104be7aa55d54ee3c07f25b221152982f9435f2e121860
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/icon-tiktok.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:46 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "2c4-5f3ba55967e36"
Accept-Ranges: bytes
Content-Length: 708
Keep-Alive: timeout=60, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 636897389814ca4d23aa4009b8fb1458
14394dbd8f0e226b71e1bd35c6da2278828feae4
85bcc6e816cf5ea2028e9dc4862f3de068d0606949b3fef3fcc5b32fab37ad86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 636897389814ca4d23aa4009b8fb1458
14394dbd8f0e226b71e1bd35c6da2278828feae4
85bcc6e816cf5ea2028e9dc4862f3de068d0606949b3fef3fcc5b32fab37ad86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 636897389814ca4d23aa4009b8fb1458
14394dbd8f0e226b71e1bd35c6da2278828feae4
85bcc6e816cf5ea2028e9dc4862f3de068d0606949b3fef3fcc5b32fab37ad86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 09:43:12 GMT
expires: Fri, 03 Feb 2023 09:58:12 GMT
cache-control: public, max-age=900
age: 154
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/04Kf_0kppPM?autoplay=0
200 OK 28 kB URL HTTP/2 www.youtube.com/embed/04Kf_0kppPM?autoplay=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58644)
Hash eef8301bcb5b567a9e5808316c26540e
1a1ad1ece60b0d614f62858eac6359373ee97388
0e4adf65610ecd96b0f48fdabb125880fe976f33141a270fb3bd52684311d55d
GET /embed/04Kf_0kppPM?autoplay=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 03 Feb 2023 09:45:45 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=i558UsuJWrQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=osRDfYVWnXY; Domain=.youtube.com; Expires=Wed, 02-Aug-2023 09:45:45 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TlRnMk16VTJNekE0TmpjM01EQTVNQT09EMmv854GGMmv854G; Domain=.youtube.com; Expires=Wed, 02-Aug-2023 09:45:45 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+326; expires=Sun, 02-Feb-2025 09:45:45 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 03 Feb 2023 09:45:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4cf0ccf2909be74efd7a89dbe4228ffb
b4993da334b48312584d116a3de4be4cd71962cf
e81c8aa45d0707079d9eba798fb447059042453be4834d14467839688ca66f5d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 03 Feb 2023 09:45:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 03 Feb 2023 09:45:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-twitter.svg
200 OK 736 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-twitter.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (632)
Hash 0da920c654b3ab32257b5e3ef0f216e0
e92d109e5422fc5635cb6fdd065f2eb6d7065f4f
eab9b23ab72deb110f3fa95388c766fcaa7844f2e5807defbb5932466d942a0c
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/icon-twitter.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:46 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "2e0-5f3ba55966e96"
Accept-Ranges: bytes
Content-Length: 736
Keep-Alive: timeout=60, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 03 Feb 2023 09:45:46 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/js/th/l0utS0ZcMB5sywH6Z0mm0C8P1QvukKtyleinqbLPbjc.js
200 OK 14 kB URL HTTP/2 www.google.com/js/th/l0utS0ZcMB5sywH6Z0mm0C8P1QvukKtyleinqbLPbjc.js
IP
File type ASCII text, with very long lines (36324)
Hash 24357f6b75145cdb14280b5fbe7e4ebb
62b822518245a287168198cadb7fce829716ec43
cf00a10c6320ca9d3a46ceaf0fdd074398d0b9d8f57d9618fcb4c55a54127df5
GET /js/th/l0utS0ZcMB5sywH6Z0mm0C8P1QvukKtyleinqbLPbjc.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 06:07:54 GMT
expires: Thu, 01 Feb 2024 06:07:54 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
content-type: text/javascript
age: 185872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 02d83a5dc4bad0d50a6c68393635d572
837e7316f3b08e27afc73a5127caf47c5c4de52f
e91ae30b11beba601958e6af1d3fdb8cf9e08dd372eb87c6f0c5b76dc81066ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 636897389814ca4d23aa4009b8fb1458
14394dbd8f0e226b71e1bd35c6da2278828feae4
85bcc6e816cf5ea2028e9dc4862f3de068d0606949b3fef3fcc5b32fab37ad86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-youtube.svg
200 OK 491 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-youtube.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (389)
Hash 673597d9de7bd6e47df7891a1f3690e5
440e00ec1e5a7c4334ae6edd114b1b9f9d433ea3
4bc33b3d1d55aa6c52948e07783888416aeaec9d313272597d93ef94f05e32bb
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/icon-youtube.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:46 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "1eb-5f3ba55966e96"
Accept-Ranges: bytes
Content-Length: 491
Keep-Alive: timeout=60, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/choang-ngop-voi-le-hoi-ca-phe-buon-ma-thuot-dam-da-sac-mau-van-hoa-03_0.jpeg
200 OK 177 kB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/choang-ngop-voi-le-hoi-ca-phe-buon-ma-thuot-dam-da-sac-mau-van-hoa-03_0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 634x480, components 3\012- data
Size 177 kB (177397 bytes)
Hash e9ae29c893d7deef8ab62a57b17d345c
c94a0d186e1eaa4545298a26837911749fbb992d
8c25c68a9529efdf83de33d0f455be8de97702caf8378c37c37b0b0875531af5
GET /media.vietnam.travel/photos/events/2023/choang-ngop-voi-le-hoi-ca-phe-buon-ma-thuot-dam-da-sac-mau-van-hoa-03_0.jpeg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: fLfbfFUUnK0+ZGYVFxQGMtvCC5By5nbwNAPAz9bpJCk7XsH70qpd5cdqVC346Zx/51eQqNtvnGI=
x-amz-request-id: 3FTZFZNZV128W369
Date: Fri, 03 Feb 2023 09:45:46 GMT
Last-Modified: Thu, 12 Jan 2023 08:38:41 GMT
ETag: "e9ae29c893d7deef8ab62a57b17d345c"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 177397
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash ee5300875e90394cca0102d220e81a9d
ea81ff57aa4f628da50bcda6ced3f870a3d82bdb
5cdfe906b8559a1f512f8f4920180f84ad7e957fc11170692df871dca93746e8
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 03 Feb 2023 09:45:46 GMT
server: ESF
cache-control: private
content-length: 30916
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
200 OK 985 B URL HTTP/2 f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP
File type ASCII text, with very long lines (1839)
Hash 0541e0ff8702adadfd34ee8c298afbdf
c10da432fdb8736622c8c1fb7708b2599cae882c
967903be4f14e85fe685577417cf83d53b5363e5f02baa3b2242c19a7030b652
GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 03 Feb 2023 09:45:46 GMT
age: 1480112
x-served-by: cache-iad-kiad7000106-IAD, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 4491, 494837
x-timer: S1675417547.515820,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 985
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/Lgvc0l1UyaU/maxresdefault.webp
200 OK 107 kB URL HTTP/2 i.ytimg.com/vi_webp/Lgvc0l1UyaU/maxresdefault.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 107 kB (106574 bytes)
Hash d24b1edd34d692d08c2fee00cbf27aa8
36fb6157016651f1337c29391228a13d479141d0
c28a106a1229776d9b24e7be33419874c3c3befe1dd88c9957b2eee6cdf60c38
GET /vi_webp/Lgvc0l1UyaU/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 106574
date: Fri, 03 Feb 2023 09:45:46 GMT
expires: Fri, 03 Feb 2023 11:45:46 GMT
cache-control: public, max-age=7200
etag: "1639387566"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1c56c7c141fbb2647e4909546c5ee1ac
bf1479b20c78d135ce6397b0bff0e6573a3bcbef
30cd3ac555fa6d8d5a5a1165b9ff3b78336c0c3c44e22f034879869a99f61043
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 02d83a5dc4bad0d50a6c68393635d572
837e7316f3b08e27afc73a5127caf47c5c4de52f
e91ae30b11beba601958e6af1d3fdb8cf9e08dd372eb87c6f0c5b76dc81066ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AL5GRJXDMXFPsjCbX_1oSKKArCWFMBR9Be6KIBWcHA6yFA=s68-c-k-c0x00ffffff-no-rj
200 OK 3.7 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJXDMXFPsjCbX_1oSKKArCWFMBR9Be6KIBWcHA6yFA=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 681800b1ccd8d64eda2e0d2e38cefb5d
a859be43d2656ffa58d7b574a3087f11be845135
66a1dce9cba3aa8502643a0ca33bd2bb1c8b198a8f279fe26a3bbef5b85f34f8
GET /ytc/AL5GRJXDMXFPsjCbX_1oSKKArCWFMBR9Be6KIBWcHA6yFA=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3720
x-xss-protection: 0
date: Fri, 03 Feb 2023 09:45:46 GMT
expires: Fri, 27 Jan 2023 08:19:25 GMT
cache-control: public, max-age=86400, no-transform
etag: "vd4"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-ticket.svg
200 OK 1.3 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-ticket.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (364)
Hash 4f098edee98283ebd3a3317752f48f20
9b3aa88e3fc41fd0898c14b48c7e726619c779bc
6ae8d6227029ebd392e95ff7287f5f4ca522402ad7ba72cab9775366c28d0353
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/icon-ticket.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:46 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "53c-5f3ba55967e36"
Accept-Ranges: bytes
Content-Length: 1340
Keep-Alive: timeout=60, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1c56c7c141fbb2647e4909546c5ee1ac
bf1479b20c78d135ce6397b0bff0e6573a3bcbef
30cd3ac555fa6d8d5a5a1165b9ff3b78336c0c3c44e22f034879869a99f61043
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-transport.svg
200 OK 770 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-transport.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (397)
Hash 87b4f2d071a944f8d2ff3c66da9fb47b
cad94ee2dda1d729feb3aa0526622273b76bbf16
3c0bddf2493e9aca770bbc4acfcb9bd85a2c81e05eafe1b9cc3ef0464913bc4d
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/icon-transport.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:46 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "302-5f3ba55967e36"
Accept-Ranges: bytes
Content-Length: 770
Keep-Alive: timeout=60, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-weather.svg
200 OK 1.7 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-weather.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (609)
Hash d50493d25f1c1d88080353ee265c1da6
97d106ac4948c506ed7d27e32e1edce8d33ac82a
87b8e092ee8e605fb45abb3bcb001fe2f2a364497a3b4bb66830721deb086427
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/icon-weather.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:46 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "6ae-5f3ba55966e96"
Accept-Ranges: bytes
Content-Length: 1710
Keep-Alive: timeout=60, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-safety.svg
200 OK 961 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-safety.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (347)
Hash 87e950dbddf97cf0c9cf403112356f99
8893835f09a94e555938f1cffeefae4e459487f2
4c103fef64211382d03c53d50a2294d2f81b023d008357bbf3c95392d4906c71
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/icon-safety.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:46 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "3c1-5f3ba55967e36"
Accept-Ranges: bytes
Content-Length: 961
Keep-Alive: timeout=60, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a8966836a4324be1fbbe12b2a70e958f
84775def26d3c1a3607f123cff32e6b35d9b7127
af06304ac7a2bd8c83e8ce1cd0b93f767c0c5debe4c17b98196aba1199a80973
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 03 Feb 2023 09:45:46 GMT
server: ESF
cache-control: private
content-length: 30818
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/things_to_do/shutterstock_2065827521.jpg
200 OK 585 kB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/things_to_do/shutterstock_2065827521.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 870x489, components 3\012- data
Size 585 kB (585054 bytes)
Hash edfba4dfe9216ee53fe80f267f09cd9a
bac5398f083e528a743543af8b97eaa829f9c9a4
155c3356cf7e63cf2c9729b1269cc035c8aff98bb97789680c8f3f0895b322ed
GET /media.vietnam.travel/photos/things_to_do/shutterstock_2065827521.jpg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Aj7Fv8NBx7GeOe26+QV4ZK0qDjkjBK3WzMSEOEbm6rCUuTZFmRADol4+Zq/yXDiqC+icjl2bsbc=
x-amz-request-id: 3FTREHW7QC775TQR
Date: Fri, 03 Feb 2023 09:45:46 GMT
Last-Modified: Tue, 13 Dec 2022 10:24:57 GMT
ETag: "edfba4dfe9216ee53fe80f267f09cd9a"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 585054
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/fonts/HelveticaNeue.otf
200 OK 192 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/fonts/HelveticaNeue.otf
IP
File type OpenType font data\012- data
Size 192 kB (192268 bytes)
Hash d4e15133da8bf1b315894d0b8758f555
e7b415c12797a8cc11ca03e09507efbfe32c49ee
69c4b8f6bbcfd5b2faad0dd0bcfc8a06199cc12876c3600161600d7c82823892
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/fonts/HelveticaNeue.otf HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/css/app.css?id=278f8a4829f88657aa9d4bf0f4e21c81
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:45 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:29 GMT
ETag: "2ef0c-5f3ba5597b6b6"
Accept-Ranges: bytes
Content-Length: 192268
Keep-Alive: timeout=60, max=97
Connection: Keep-Alive
Content-Type: application/vnd.oasis.opendocument.formula-template
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 8f0870c5ddb70bdd6aacbdfaceaf2089
4a64b6903630ceb7f7d265f20af8c949ed437be3
71b2b786d53bb6e08edc6c415428a0117c701b1e68c77b3c4095c38b39bedfc6
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 03 Feb 2023 09:45:46 GMT
server: ESF
cache-control: private
content-length: 30909
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-etiquette.svg
200 OK 754 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-etiquette.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash fd0d20cd130884e5eb66afcc6e4fe5df
679d7e6d7da498293acaf2223b48643095b2f5a1
724a6e798d07f5a0bed33f4c80e72ca173076976015aba48935f0cd2a1c79e61
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/icon-etiquette.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:46 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "2f2-5f3ba5596ad16"
Accept-Ranges: bytes
Content-Length: 754
Keep-Alive: timeout=60, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-facebook-red.svg
200 OK 360 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-facebook-red.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 236848e023209d0f6b62746d57367f5f
48bf937cd4227521b2bef1aed3b8e0d514ccce24
b38177da6509458b32e539229fcba19facebeee9951bd099a6a603f247862d29
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/icon-facebook-red.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:46 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "168-5f3ba5596ad16"
Accept-Ranges: bytes
Content-Length: 360
Keep-Alive: timeout=60, max=94
Connection: Keep-Alive
Content-Type: image/svg+xml
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/warning.svg
200 OK 641 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/warning.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 94b3259577525d3fdacd1a7cfea32991
2aa01095f25f201c725ae95f07436c23998948d3
ab42db9d8f099eeb59eab5c96d6ff31c946fa3112e8c9ea679ec5541dbca3e24
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/warning.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/css/app.css?id=278f8a4829f88657aa9d4bf0f4e21c81
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:46 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "281-5f3ba55943c15"
Accept-Ranges: bytes
Content-Length: 641
Keep-Alive: timeout=60, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-arrow-white.svg
200 OK 504 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-arrow-white.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 77a2119851b1665ba9a62d09ce90b252
0ce8237f79a7a9bbcc67243a0e30f913966fb645
ec2b46c84156f808e790762dbb140324531b328374f8b970c2c2e2b579d752da
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/icon-arrow-white.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/css/app.css?id=278f8a4829f88657aa9d4bf0f4e21c81
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:46 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "1f8-5f3ba5596ad16"
Accept-Ranges: bytes
Content-Length: 504
Keep-Alive: timeout=60, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/close.svg
200 OK 351 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/close.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c407df124b8f3787c0060a325599acef
148bec1e19a747aca2489021b71ec2b68ccb10f4
c149e173aec0e171fc647653935d3d17e53307ca8dcf20eabbdd6da23ef560bc
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/close.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/css/app.css?id=278f8a4829f88657aa9d4bf0f4e21c81
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:46 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:29 GMT
ETag: "15f-5f3ba559787d6"
Accept-Ranges: bytes
Content-Length: 351
Keep-Alive: timeout=60, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/8th-march-womens-day_0.jpg
200 OK 45 kB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/8th-march-womens-day_0.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 585x400, components 3\012- data
Hash eeac72a91d206115d3595c482e1d1792
690e2d980a961c29df2dc56e29a9d196fb506895
12b26a9de1ede85835c1ca13ed21265199c0751ff7a6224674299aa312919db2
GET /media.vietnam.travel/photos/events/2023/8th-march-womens-day_0.jpg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: OeWwAirBH0riDnv0D001C48FSqBiWGQCmVDXUwyzvK+USSbFBnhbp1Sz9IbNBLpEz10h5222W9o=
x-amz-request-id: R0T437W0ZWVMQ6T8
Date: Fri, 03 Feb 2023 09:45:47 GMT
Last-Modified: Thu, 12 Jan 2023 04:57:40 GMT
ETag: "eeac72a91d206115d3595c482e1d1792"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 45106
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-instagram-red.svg
200 OK 1.9 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-instagram-red.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1842)
Hash cdf7a27db51a5657efa44a2f196e009c
6b884097964cd5be4da1b13794033644368b1782
bbead31944ecee07d2a63d7c3bcb61a4d281dac272d329d2ae6dd25f686c4b48
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/icon-instagram-red.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:47 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "79a-5f3ba55969d76"
Accept-Ranges: bytes
Content-Length: 1946
Keep-Alive: timeout=60, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-youtube-red.svg
200 OK 599 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-youtube-red.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (495)
Hash d7aed5182e2f2d89b4be1fb9bcca3539
ed6fe365f7eb26f1f303f2392e5b799903d6cefd
144a7348f91307bcdf8c9f1a193b281b90aed7800579fb4dfffd38c9bf090c1b
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/icon-youtube-red.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:47 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "257-5f3ba55966e96"
Accept-Ranges: bytes
Content-Length: 599
Keep-Alive: timeout=60, max=93
Connection: Keep-Alive
Content-Type: image/svg+xml
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/things_to_do/best%20wellness%20resorts%20Vietnam_1.jpg
200 OK 1.0 MB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/things_to_do/best%20wellness%20resorts%20Vietnam_1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 1260x681, components 3\012- data
Size 1.0 MB (1026268 bytes)
Hash 8417be77e5c062bbe8458b4dc623d630
bb8e9f00bc3e360454c2aac784202de08430b35e
59ebe7ac442b6b88b381e18e0d230c349fccbcdb34595614a981847fd90e5616
GET /media.vietnam.travel/photos/things_to_do/best%20wellness%20resorts%20Vietnam_1.jpg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Ooqz3l/se8vlFbRCLW6e73RwdnHYYPdFztDxkYBGtgkeGIsekwH97Vmkfsg9xJl7qffVUqnr8p0=
x-amz-request-id: 3FTYQ3BQM9AWR0B4
Date: Fri, 03 Feb 2023 09:45:46 GMT
Last-Modified: Sun, 11 Dec 2022 05:16:11 GMT
ETag: "8417be77e5c062bbe8458b4dc623d630"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 1026268
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/quan-the-am-festival_0.jpeg
200 OK 98 kB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/quan-the-am-festival_0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3\012- data
Hash ba3389db0983748f15cc834fa37f7c79
1570fcfcf1018cd9b21aa0ce2202b6c2a88cf32a
673a42893a2b2cbff610705991e687a4aa60664c43e999bd34118a106ba48c69
GET /media.vietnam.travel/photos/events/2023/quan-the-am-festival_0.jpeg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: kKxBsn2KGpwKJNqcGY8npoxEh5Dp6vyggVh6sb4qVw5fMg0mf6cWifub+RGzORMMiMbs1LbMppQ=
x-amz-request-id: 02TA3BSTTACJX546
Date: Fri, 03 Feb 2023 09:45:48 GMT
Last-Modified: Thu, 12 Jan 2023 05:08:00 GMT
ETag: "ba3389db0983748f15cc834fa37f7c79"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 98097
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/pinterest.svg
200 OK 755 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/pinterest.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (651)
Hash 0bd7487e6d7a3d1597c9b39793c9db64
e3834e81b07c159c1d41b330ab65b669c4aeb4de
ed93637c940252343e875a70abc8df7e9334d1a1077bac139e123411ea35c150
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/pinterest.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:47 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "2f3-5f3ba55965ef6"
Accept-Ranges: bytes
Content-Length: 755
Keep-Alive: timeout=60, max=94
Connection: Keep-Alive
Content-Type: image/svg+xml
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/tiktok.svg
200 OK 564 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/tiktok.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (460)
Hash 937de82d0d57160e5f8eec4f8107bf62
717124718aba4d81382eec260c14f5a8390d5572
c62676c56fdd6da50c6557fabd53c9ccf2f22cc22142ea2995b5382de37943fb
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/tiktok.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:47 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "234-5f3ba5594b915"
Accept-Ranges: bytes
Content-Length: 564
Keep-Alive: timeout=60, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
IP
Hash 6e9177ca1b8b1fded844bd2232ee60bd
917ac517b2e752a76b396a957b661a616ac5a4c6
f55b3d343f43751f43e52bcfa56d9bc59c01eb90563cd06a8f28b98db60f4433
POST /s/gts1d4/dzJAsmEe9WY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
IP
Hash 6e9177ca1b8b1fded844bd2232ee60bd
917ac517b2e752a76b396a957b661a616ac5a4c6
f55b3d343f43751f43e52bcfa56d9bc59c01eb90563cd06a8f28b98db60f4433
POST /s/gts1d4/dzJAsmEe9WY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/360_thumbnails/360-hue.jpg
200 OK 352 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/360_thumbnails/360-hue.jpg
IP
File type JPEG image data, baseline, precision 8, 630x630, components 3\012- data
Size 352 kB (352207 bytes)
Hash 708082ce2b934fd5a72f31f98d9c1de6
e73c98bceee5bafc417faa776033c0f69451d890
c1108d1460c026f0d18020354e7fce8d38072d08f4fb39a13df72fcc4ff360ad
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/360_thumbnails/360-hue.jpg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:47 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:29 GMT
ETag: "55fcf-5f3ba55979776"
Accept-Ranges: bytes
Content-Length: 352207
Keep-Alive: timeout=60, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
i.vimeocdn.com/video/1546711603-92d7e8552964337413aa4c0ec885adf18f49d08c2325bc80eb4de1c4340882a1-d?mw=1300&mh=738
200 OK 73 kB URL HTTP/2 i.vimeocdn.com/video/1546711603-92d7e8552964337413aa4c0ec885adf18f49d08c2325bc80eb4de1c4340882a1-d?mw=1300&mh=738
IP
File type ISO Media, AVIF Image\012- data
Hash f99ed4d2dd4de81feea86b5910cddc83
2130c012e86e7703a0e461d97e2347119c1abc90
77575081f404ded381954e120e327d1e5cd48adb40c38e62044ea3c55fc9bef6
GET /video/1546711603-92d7e8552964337413aa4c0ec885adf18f49d08c2325bc80eb4de1c4340882a1-d?mw=1300&mh=738 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: f99ed4d2dd4de81feea86b5910cddc83
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-east1-32tc
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Fri, 03 Feb 2023 09:45:47 GMT
age: 0
x-served-by: cache-dfw-kdfw8210031-DFW, cache-hel1410030-HEL
x-cache: miss, MISS, MISS
x-cache-hits: 0, 0
x-timer: S1675417547.545311,VS0,VE731
vary: Accept
content-length: 73102
X-Firefox-Spdy: h2
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/vietnam-book-day_0.jpeg
200 OK 237 kB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/vietnam-book-day_0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x480, components 3\012- data
Size 237 kB (236684 bytes)
Hash f98b2bb6137f68c9fb2a6c8a148b9e09
56c402d6a83cba7c6586b153547dac6fd413cf1e
9804351a737e0997378cf5f000855727a82e33278e6e0bcdd79d67d3210f2089
GET /media.vietnam.travel/photos/events/2023/vietnam-book-day_0.jpeg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: bt+2rVAXDdCCyvg9zWj4eFrWVP1PAB0rPoq6Kk/+owszfUKb6htJjtDxHb3EWvh9zCuPGUwqlXM=
x-amz-request-id: 02T9WMN81GD93F33
Date: Fri, 03 Feb 2023 09:45:48 GMT
Last-Modified: Thu, 12 Jan 2023 08:54:20 GMT
ETag: "f98b2bb6137f68c9fb2a6c8a148b9e09"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 236684
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/reunification-day_0.jpeg
200 OK 88 kB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/reunification-day_0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3\012- data
Hash 320ab99359caeec19f480cb40f8ce9dd
b1940f465a8e8c301915cb43c169ecb972560067
798daa957560eda04b712a6b15c26f807d36809d43274005084bf643ba323571
GET /media.vietnam.travel/photos/events/2023/reunification-day_0.jpeg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: FX6M4bhXRqC74ifJ7XBnItTcmLAqSRHs67l/K3qVxQ+DnELpiCCEbwSD55BxsoBZ24Z3YcbD/UU=
x-amz-request-id: 02TB7N9NYK8F906R
Date: Fri, 03 Feb 2023 09:45:48 GMT
Last-Modified: Thu, 12 Jan 2023 09:05:44 GMT
ETag: "320ab99359caeec19f480cb40f8ce9dd"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 87603
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Fri, 03 Feb 2023 09:45:47 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=5e158df71b1fdefbf5df03df5c99e5dca19947e11675417544
200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=5e158df71b1fdefbf5df03df5c99e5dca19947e11675417544
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=5e158df71b1fdefbf5df03df5c99e5dca19947e11675417544 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1511
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Fri, 03 Feb 2023 09:45:47 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/hue-traditional-craft-festival_0.jpeg
200 OK 59 kB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/hue-traditional-craft-festival_0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3\012- data
Hash acddd9399192c30159b4718e33840b3b
fe66f60868b2e54de5d66563fb9cb3ff40eaae6a
7172db4551fb691e4a4706c3c49a263de3f393c9091c1e067320e2ea89b87d5f
GET /media.vietnam.travel/photos/events/2023/hue-traditional-craft-festival_0.jpeg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 3JraSxNuOBXKeswy0kUvLAZgtgm8hY7UvGOoN8KlT/pTTDF1bJY4+L0XPOYsCdSsPQ1oT2jPAsk=
x-amz-request-id: 02TBZ4SRESEVCJ1A
Date: Fri, 03 Feb 2023 09:45:48 GMT
Last-Modified: Thu, 12 Jan 2023 09:12:22 GMT
ETag: "acddd9399192c30159b4718e33840b3b"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 58725
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/vietnamese-ethnic-groups-culture_0.jpeg
200 OK 140 kB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/vietnamese-ethnic-groups-culture_0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 576x480, components 3\012- data
Size 140 kB (140548 bytes)
Hash 50e939e63238b5dd6fdc2b44ee29a524
ad8700c3095cdbf566d6b9d2429f2aba5cedadad
ec50a2b903bb6d09fb85a7a8595274d8e8999e59d1d38835d5d8af6a2c03b7f9
GET /media.vietnam.travel/photos/events/2023/vietnamese-ethnic-groups-culture_0.jpeg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: oZr/uFVQWs/nrmPGK7ET2qRkQw0TyEIFBUZRliLiQO7j5xX+3ptDDvueqEnKFZD02bhm2rZywFA=
x-amz-request-id: 02TFNA2SV38XQ6AQ
Date: Fri, 03 Feb 2023 09:45:48 GMT
Last-Modified: Thu, 12 Jan 2023 08:50:03 GMT
ETag: "50e939e63238b5dd6fdc2b44ee29a524"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 140548
ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/dzJAsmEe9WY
IP
Hash 6e9177ca1b8b1fded844bd2232ee60bd
917ac517b2e752a76b396a957b661a616ac5a4c6
f55b3d343f43751f43e52bcfa56d9bc59c01eb90563cd06a8f28b98db60f4433
POST /s/gts1d4/dzJAsmEe9WY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 09:45:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/international-workers-day_0.jpeg
200 OK 132 kB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/international-workers-day_0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3\012- data
Size 132 kB (132132 bytes)
Hash 833c463600100a76f44eeb2acbd25758
6a63e1a7dfc960ac0e6845d02ee93cba5d428e29
5c549361926b149a39f379d0a556de6d171ee53d8c561cd57b22c488c54e23aa
GET /media.vietnam.travel/photos/events/2023/international-workers-day_0.jpeg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 54s/+gGn/+4l3fUjJHBWScXAh6OpGbzmos3kAlX7Ah0qxyPe8R+mx1KCkEzdSQirR/MXFDEEuLQ=
x-amz-request-id: 02T31622QKC60Q8Y
Date: Fri, 03 Feb 2023 09:45:48 GMT
Last-Modified: Thu, 12 Jan 2023 09:19:23 GMT
ETag: "833c463600100a76f44eeb2acbd25758"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 132132
50vod-adaptive.akamaized.net/exp=1675421445~acl=%2F3eaed64c-974d-4dbc-8967-57022d278ad1%2F%2A~hmac=26d91c8c0ca7265cd5e0b1e4f21cc22164b39bb9f607567aeff6efcb5b6c0039/3eaed64c-974d-4dbc-8967-57022d278ad1/sep/video/17dce55c,4d59791b,fbbc5b75,dfdab914,b9fd616b/audio/47ecd4f4,bd67677d,f6ad2804/master.json?query_string_ranges=1&base64_init=1
200 OK 4.5 kB URL HTTP/1.1 50vod-adaptive.akamaized.net/exp=1675421445~acl=%2F3eaed64c-974d-4dbc-8967-57022d278ad1%2F%2A~hmac=26d91c8c0ca7265cd5e0b1e4f21cc22164b39bb9f607567aeff6efcb5b6c0039/3eaed64c-974d-4dbc-8967-57022d278ad1/sep/video/17dce55c,4d59791b,fbbc5b75,dfdab914,b9fd616b/audio/47ecd4f4,bd67677d,f6ad2804/master.json?query_string_ranges=1&base64_init=1
IP
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with very long lines (23978)
Hash 9d4d1e9befea2cb08dea7c5481efd313
a78bfba806c043a263659b823e38f1e3b5d23784
c73fc7fa82f4b1c8c099098b5b4a54e8e107412e297928b42a5d8075ccac49a3
GET /exp=1675421445~acl=%2F3eaed64c-974d-4dbc-8967-57022d278ad1%2F%2A~hmac=26d91c8c0ca7265cd5e0b1e4f21cc22164b39bb9f607567aeff6efcb5b6c0039/3eaed64c-974d-4dbc-8967-57022d278ad1/sep/video/17dce55c,4d59791b,fbbc5b75,dfdab914,b9fd616b/audio/47ecd4f4,bd67677d,f6ad2804/master.json?query_string_ranges=1&base64_init=1 HTTP/1.1
Host: 50vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: application/json
ETag: W/"523048e7f5ca9550505f2d8ea6d587e7"
origin-retrieved-hour: 1673625600
Access-Control-Max-Age: 86400
timing-allow-origin: *
Content-Length: 4507
Aka-c-hit: cache-hit
Cache-Control: max-age=29746257
Date: Fri, 03 Feb 2023 09:45:47 GMT
Connection: keep-alive
Vary: Accept-Encoding
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
AK-REFERENCE-ID: 0.cf4c2417.1675417547.4063bc7
X-VIM-CACHEBC: EP:H11,E:m,PE:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.211
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 03 Feb 2023 09:45:47 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/ironman-70_0.jpeg
200 OK 108 kB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/ironman-70_0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3\012- data
Size 108 kB (108065 bytes)
Hash a3f8e4663c0b52ed757c820ee55af763
9667866aa63176fbd934a1eb10b77f6cde0c8f28
2ee0214f727a7394ccce289b10827a74c9e0a82d22ba173d8d486b8987b620ed
GET /media.vietnam.travel/photos/events/2023/ironman-70_0.jpeg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: la8OZQf9qo4Nw4eL4yC68y0wXHykClZkT+8knPYmaD/Yaf/pNPo8JUmHLwmAqDR4IcYSSg0Y8oU=
x-amz-request-id: 02T3Y9J3TG6WAMBX
Date: Fri, 03 Feb 2023 09:45:48 GMT
Last-Modified: Thu, 12 Jan 2023 14:53:04 GMT
ETag: "a3f8e4663c0b52ed757c820ee55af763"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 108065
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/close-x.svg
200 OK 270 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/close-x.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 2b8d69e3e9b4654964240669bfa34b3a
a4cabf2284b2c320af6616979cc4b37801c6efb3
59d489d01f3cb254b1ba623aec8854208f51b366e8f91da127a9f9cad7c06db6
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/close-x.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/css/app.css?id=278f8a4829f88657aa9d4bf0f4e21c81
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:47 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:29 GMT
ETag: "10e-5f3ba559787d6"
Accept-Ranges: bytes
Content-Length: 270
Keep-Alive: timeout=60, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/360_thumbnails/360-ha-long.jpg
200 OK 265 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/360_thumbnails/360-ha-long.jpg
IP
File type JPEG image data, baseline, precision 8, 630x630, components 3\012- data
Size 265 kB (265313 bytes)
Hash cd1c6407c77b626fae120b943ae2c7ff
72f615672609fc8593555ab9c9321581aa1d2e59
8d6f3654c90c1786a9d7608595b68bdd222cbaaf839c669366b0196e89d34719
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/360_thumbnails/360-ha-long.jpg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:47 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:29 GMT
ETag: "40c61-5f3ba5597a716"
Accept-Ranges: bytes
Content-Length: 265313
Keep-Alive: timeout=60, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 653aab3e2d8a095a6d9d77e2613a8046
156d1f1069abcbd5331dc1908c0809c74bec3bba
cd749050b9339c3f7a5bd8071db336b5e945101fea43c9f52221456da300b86e
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 943
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 03 Feb 2023 09:45:47 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/vesak-day-757-tphcm-phatadida_0.jpeg
200 OK 89 kB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/vesak-day-757-tphcm-phatadida_0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3\012- data
Hash 9e418b40bc4a1946487660a46a2d479a
b415b46f26e2067e3f2f3b8943f4cd3522dd45dc
b4d8438d6738977341e31ba4504089dedae3fff37ea52fe62b62e65e2321b841
GET /media.vietnam.travel/photos/events/2023/vesak-day-757-tphcm-phatadida_0.jpeg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: sYkawKIhphpdwXTaMix8u0aM3qK1sj0L4b+NIaWymcfa6x9E6UnIcbfzSqBDuZXMZOqM5vVsMps=
x-amz-request-id: 02TF0W4WPM8XZ5NN
Date: Fri, 03 Feb 2023 09:45:48 GMT
Last-Modified: Thu, 12 Jan 2023 15:00:26 GMT
ETag: "9e418b40bc4a1946487660a46a2d479a"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 89190
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/danang-international-fireworks-festival_0.jpeg
200 OK 78 kB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/danang-international-fireworks-festival_0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3\012- data
Hash 0734da3473db85aa7cbb7676e67153df
813506f4ac246cd9d8fab51d40ece85044c72090
6cde3d2c5b8368e80040dcfd90dccbf5202ebaab46ea142d842af0bcb33f26b3
GET /media.vietnam.travel/photos/events/2023/danang-international-fireworks-festival_0.jpeg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: eQQcfjyCCkOqSDejgDsdxOsWgxr0DNo6c+fbn9GzplAAZjfYH1XvKJhANzHn4LW/BSlAWGcWxAY=
x-amz-request-id: 02T4S2VV15VD0XH1
Date: Fri, 03 Feb 2023 09:45:48 GMT
Last-Modified: Thu, 12 Jan 2023 15:09:26 GMT
ETag: "0734da3473db85aa7cbb7676e67153df"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 77932
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/nha-trang-khanh-hoa-sea-festival_0.jpeg
200 OK 82 kB URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/nha-trang-khanh-hoa-sea-festival_0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3\012- data
Hash c5a25fae01d7ef1cdd024d4985391f8a
cb8cc7b12c526eacd54e6ad6f97d8471c2e8a874
113ad8ff1469c6f5d81a352ad112feb10222f88f931f95e1c097e91a83362a1e
GET /media.vietnam.travel/photos/events/2023/nha-trang-khanh-hoa-sea-festival_0.jpeg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: qO2e+KUqB4ZTkYAIR7aG9n8ivzORUPTpODtry7OGPFZ2KrrDjmrGCyA9FpFz37Fa2Jg446Marp8=
x-amz-request-id: 02T7G2DDTGYY2GK7
Date: Fri, 03 Feb 2023 09:45:48 GMT
Last-Modified: Thu, 12 Jan 2023 15:04:26 GMT
ETag: "c5a25fae01d7ef1cdd024d4985391f8a"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 81684
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/360_thumbnails/360-phong-nha.jpg
200 OK 452 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/360_thumbnails/360-phong-nha.jpg
IP
File type JPEG image data, baseline, precision 8, 630x630, components 3\012- data
Size 452 kB (451643 bytes)
Hash 2d7bdb3a8b535e5f436a386adab85802
6d476b88eeb364d9b004ba27d2d6fb9fa7c8094c
d0509c5a9ef8a7f358b2febc31f21c56bce1f89f2cb81fe575f2d7da0b6dcba0
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/360_thumbnails/360-phong-nha.jpg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:47 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:29 GMT
ETag: "6e43b-5f3ba55979776"
Accept-Ranges: bytes
Content-Length: 451643
Keep-Alive: timeout=60, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/360_thumbnails/360-my-son.jpg
200 OK 388 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/360_thumbnails/360-my-son.jpg
IP
File type JPEG image data, baseline, precision 8, 630x630, components 3\012- data
Size 388 kB (387958 bytes)
Hash 2bff7abb81d9b19c0500c439676f31c1
4af5971c90aa6969f2e8fb010f221375119d3701
738b5964af1f8cc8bc5b1c6dca529530fee8c67178394c242561ea636accaed4
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/360_thumbnails/360-my-son.jpg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:47 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:29 GMT
ETag: "5eb76-5f3ba55979776"
Accept-Ranges: bytes
Content-Length: 387958
Keep-Alive: timeout=60, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 08e48d9c0c83997420bbd92b39a558d0
c9d42bca6fc872566bb7982810692754dadb4d8a
e0e8227fd07ae53c6a33fcefaa98abc3f9fb84a111a9abc824434324c3207cba
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1114
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 03 Feb 2023 09:45:47 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/header/ltineraries-heriatage.jpg
200 OK 75 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/header/ltineraries-heriatage.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 257x257, components 3\012- data
Hash 8e30914aae861950b70e0b83bb9fec73
c11454b6d33eed0b9b37743fc16c4fd6743dff69
7ddffd0dc81d7cba5dd01695c4eaf11a3e16d055db0b644070fb6f4463e9d0b0
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/header/ltineraries-heriatage.jpg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:47 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "12698-5f3ba55974956"
Accept-Ranges: bytes
Content-Length: 75416
Keep-Alive: timeout=60, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-instagram-lg.svg
200 OK 326 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/icon-instagram-lg.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash e6dd1debb9e330518984b9bafbffb9f0
6254add527537a3eeacd1c6d0ad23e5a246322b4
0ce5ebf2c37cdd6521b7cf6a3e941ab9f30e1347c908c838179baf05a0306577
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/icon-instagram-lg.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/css/app.css?id=278f8a4829f88657aa9d4bf0f4e21c81
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:47 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "146-5f3ba55969d76"
Accept-Ranges: bytes
Content-Length: 326
Keep-Alive: timeout=60, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/header/news-costs-isands.jpg
200 OK 78 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/header/news-costs-isands.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 257x257, components 3\012- data
Hash 56a1c5563d522060dc16b2386c646b93
e57a016c0bec25712ba2c28386d46dc190fa8f5e
d26728e00bd3f8253b15e775fc1157f4a08c34be344498bea487620185917159
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/header/news-costs-isands.jpg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:47 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "1302d-5f3ba559739b6"
Accept-Ranges: bytes
Content-Length: 77869
Keep-Alive: timeout=60, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/header/ltineraries-adventure-trails.jpg
200 OK 90 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/header/ltineraries-adventure-trails.jpg
IP
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 257x257, components 3\012- data
Hash d250f5e605aa87a786f1d3c17da30177
6df7a7687c614c673414d8ea2c1e7b5f993b7bd1
2e6d41a2ecb6da3f95f085adc6f18aa3d18874c85fd037a178be15f898b991ce
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/header/ltineraries-adventure-trails.jpg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:47 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "15d78-5f3ba55974956"
Accept-Ranges: bytes
Content-Length: 89464
Keep-Alive: timeout=60, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/map-note.svg
200 OK 6.2 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/map-note.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5903)
Hash f913406c40547def9bcb28300fe4615b
b966da97269745888e96d8d0dea66ba7753d6bf9
63428adfb8920dc2d4fa07f929c2bb217cd63530ed54dc618c91ed83600d61da
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/map-note.svg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:47 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "1821-5f3ba55965ef6"
Accept-Ranges: bytes
Content-Length: 6177
Keep-Alive: timeout=60, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 9523921bd1ab8bc372055090b0c97761
43e508d9b5ca1c553a43897c6b0c82f1a9253284
44e3b3c8530eff9130dd8acce9e970149a9497d46e81d2a16238c8e62d341d7f
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1247
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 03 Feb 2023 09:45:47 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
50vod-adaptive.akamaized.net/exp=1675421445~acl=%2F3eaed64c-974d-4dbc-8967-57022d278ad1%2F%2A~hmac=26d91c8c0ca7265cd5e0b1e4f21cc22164b39bb9f607567aeff6efcb5b6c0039/3eaed64c-974d-4dbc-8967-57022d278ad1/parcel/audio/f6ad2804.mp4?r=dXM%3D&range=922-144418
200 OK 144 kB URL HTTP/1.1 50vod-adaptive.akamaized.net/exp=1675421445~acl=%2F3eaed64c-974d-4dbc-8967-57022d278ad1%2F%2A~hmac=26d91c8c0ca7265cd5e0b1e4f21cc22164b39bb9f607567aeff6efcb5b6c0039/3eaed64c-974d-4dbc-8967-57022d278ad1/parcel/audio/f6ad2804.mp4?r=dXM%3D&range=922-144418
IP
ASN #20940 Akamai International B.V.
Size 144 kB (143497 bytes)
Hash 6104f0974e67bda2c8c66c7471a4b938
efd0729457e3f5c63ad675332d7dce69797e61a7
c18ffdd09cb39d12f5b8ac223f794c137d5dafb647e4dfb34efa1338602c843b
GET /exp=1675421445~acl=%2F3eaed64c-974d-4dbc-8967-57022d278ad1%2F%2A~hmac=26d91c8c0ca7265cd5e0b1e4f21cc22164b39bb9f607567aeff6efcb5b6c0039/3eaed64c-974d-4dbc-8967-57022d278ad1/parcel/audio/f6ad2804.mp4?r=dXM%3D&range=922-144418 HTTP/1.1
Host: 50vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 143497
ETag: "-CP2D4qnlrPsCEAE="
Last-Modified: Mon, 14 Nov 2022 04:04:15 GMT
Server: parcel
origin-retrieved-hour: 1668398400
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31429160
Date: Fri, 03 Feb 2023 09:45:48 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.cf4c2417.1675417548.4063bc8
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.211
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.211~requestid:4063bc8~time:1675417548~ghostforwardip:23.62.98.72~edgecache:cache-miss~rtt:9~region:NO-; path=/; domain=.akamaized.net;
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/favicon.ico
200 OK 29 kB URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/favicon.ico
IP
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 82b90b8dfee7839092c2c40424297cb1
b11c805dd28f2a171343256a8eded50c50956f9b
d03394724289dc5f2512ac1619f3c2438efd207ac906c7f02baf693bef37da8b
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/favicon.ico HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:48 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:29 GMT
ETag: "6fa2-5f3ba55977836"
Accept-Ranges: bytes
Content-Length: 28578
Keep-Alive: timeout=60, max=95
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
50vod-adaptive.akamaized.net/exp=1675421445~acl=%2F3eaed64c-974d-4dbc-8967-57022d278ad1%2F%2A~hmac=26d91c8c0ca7265cd5e0b1e4f21cc22164b39bb9f607567aeff6efcb5b6c0039/3eaed64c-974d-4dbc-8967-57022d278ad1/parcel/video/4d59791b.mp4?r=dXMtd2VzdDE%3D&range=1046-261228
200 OK 260 kB URL HTTP/1.1 50vod-adaptive.akamaized.net/exp=1675421445~acl=%2F3eaed64c-974d-4dbc-8967-57022d278ad1%2F%2A~hmac=26d91c8c0ca7265cd5e0b1e4f21cc22164b39bb9f607567aeff6efcb5b6c0039/3eaed64c-974d-4dbc-8967-57022d278ad1/parcel/video/4d59791b.mp4?r=dXMtd2VzdDE%3D&range=1046-261228
IP
ASN #20940 Akamai International B.V.
Size 260 kB (260183 bytes)
Hash 7fc350eadbcf571a3aa14062abeef224
723a736bec5c6814f5fefb95bf81e6a10d7eb23d
557bb1d5607e44823dc9a7ace0fe0cfb3d825021ec9c5867af2b5c99565e33ce
GET /exp=1675421445~acl=%2F3eaed64c-974d-4dbc-8967-57022d278ad1%2F%2A~hmac=26d91c8c0ca7265cd5e0b1e4f21cc22164b39bb9f607567aeff6efcb5b6c0039/3eaed64c-974d-4dbc-8967-57022d278ad1/parcel/video/4d59791b.mp4?r=dXMtd2VzdDE%3D&range=1046-261228 HTTP/1.1
Host: 50vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 260183
ETag: "-CIOescflrPsCEAE="
Last-Modified: Mon, 14 Nov 2022 04:05:17 GMT
Server: parcel
origin-retrieved-hour: 1668398400
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=24517171
Date: Fri, 03 Feb 2023 09:45:48 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.cf4c2417.1675417548.4063bd6
X-VIM-CACHEBC: EP:H11,E:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.211
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.211~requestid:4063bd6~time:1675417548~ghostforwardip:~edgecache:cache-hit~rtt:0~region:NO-; path=/; domain=.akamaized.net;
50vod-adaptive.akamaized.net/exp=1675421445~acl=%2F3eaed64c-974d-4dbc-8967-57022d278ad1%2F%2A~hmac=26d91c8c0ca7265cd5e0b1e4f21cc22164b39bb9f607567aeff6efcb5b6c0039/3eaed64c-974d-4dbc-8967-57022d278ad1/parcel/video/dfdab914.mp4?r=dXMtY2VudHJhbDE%3D&range=1045-4997862
200 OK 5.0 MB URL HTTP/1.1 50vod-adaptive.akamaized.net/exp=1675421445~acl=%2F3eaed64c-974d-4dbc-8967-57022d278ad1%2F%2A~hmac=26d91c8c0ca7265cd5e0b1e4f21cc22164b39bb9f607567aeff6efcb5b6c0039/3eaed64c-974d-4dbc-8967-57022d278ad1/parcel/video/dfdab914.mp4?r=dXMtY2VudHJhbDE%3D&range=1045-4997862
IP
ASN #20940 Akamai International B.V.
Size 5.0 MB (4996818 bytes)
Hash b0bc3b751b3e0f2a8895dc577cde8e76
6673b9c4f95646441b94b6cabc4309a829086a1f
cba93d3460b4458cebc951eabf59534078f2ae37280d7719c904c69e7ed36133
GET /exp=1675421445~acl=%2F3eaed64c-974d-4dbc-8967-57022d278ad1%2F%2A~hmac=26d91c8c0ca7265cd5e0b1e4f21cc22164b39bb9f607567aeff6efcb5b6c0039/3eaed64c-974d-4dbc-8967-57022d278ad1/parcel/video/dfdab914.mp4?r=dXMtY2VudHJhbDE%3D&range=1045-4997862 HTTP/1.1
Host: 50vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 4996818
ETag: "-CKGPwabmrPsCEAE="
Last-Modified: Mon, 14 Nov 2022 04:08:37 GMT
Server: parcel
origin-retrieved-hour: 1668398400
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31536000
Date: Fri, 03 Feb 2023 09:45:48 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.cf4c2417.1675417548.4063bd7
X-VIM-CACHEBC: EP:H11,E:m,PE:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.211
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:23.36.76.211~requestid:4063bd7~time:1675417548~ghostforwardip:10.36.76.118~edgecache:cache-miss~rtt:0~region:NO-; path=/; domain=.akamaized.net;
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/home/4-reasons-da-nang-is-vietnam-most-livable-city.jpg
200 OK 0 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/home/4-reasons-da-nang-is-vietnam-most-livable-city.jpg
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/home/4-reasons-da-nang-is-vietnam-most-livable-city.jpg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:45 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "e596f-5f3ba559739b6"
Accept-Ranges: bytes
Content-Length: 940399
Keep-Alive: timeout=60, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
www.youtube.com/embed/ew-pgYWVlpk
200 OK 0 B URL HTTP/2 www.youtube.com/embed/ew-pgYWVlpk
IP
GET /embed/ew-pgYWVlpk HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 03 Feb 2023 09:45:45 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=wQR11KhuFiY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TlRnMk16VTJNelEwTlRBMk1ERXpNZz09EMmv854GGMmv854G; Domain=.youtube.com; Expires=Wed, 02-Aug-2023 09:45:45 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=8WGW_kkd0fg; Domain=.youtube.com; Expires=Wed, 02-Aug-2023 09:45:45 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+704; expires=Sun, 02-Feb-2025 09:45:45 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/things_to_do/DSC_0670_0.jpg
200 OK 0 B URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/things_to_do/DSC_0670_0.jpg
IP
GET /media.vietnam.travel/photos/things_to_do/DSC_0670_0.jpg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 6bS6SYnZ/8DRxOJI0x2Vj/oZEvbVwMHEcUb6jF3E+Y/S9ti8ZJAt8gFXR6azKCHLp4x0ZiEmN3s=
x-amz-request-id: 3FTSJZHP8TWT1A0Y
Date: Fri, 03 Feb 2023 09:45:46 GMT
Last-Modified: Mon, 12 Dec 2022 00:58:41 GMT
ETag: "c2c4f92bf2182ac94a80ff7a01df144d"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 1265454
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/360_thumbnails/360-hoi-an.jpg
200 OK 0 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/360_thumbnails/360-hoi-an.jpg
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/360_thumbnails/360-hoi-an.jpg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:47 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:29 GMT
ETag: "8fdf3-5f3ba5597a716"
Accept-Ranges: bytes
Content-Length: 589299
Keep-Alive: timeout=60, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/header/live-fully-vietnam.jpg
200 OK 0 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/header/live-fully-vietnam.jpg
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/header/live-fully-vietnam.jpg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:47 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:28 GMT
ETag: "2ed6e-5f3ba55974956"
Accept-Ranges: bytes
Content-Length: 191854
Keep-Alive: timeout=60, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.youtube.com/embed/Lgvc0l1UyaU?autoplay=0
200 OK 0 B URL HTTP/2 www.youtube.com/embed/Lgvc0l1UyaU?autoplay=0
IP
GET /embed/Lgvc0l1UyaU?autoplay=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 03 Feb 2023 09:45:45 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Ydx0fRpSpJw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TlRnMk16VTJNemszTWpFeE1EQXhNZz09EMmv854GGMmv854G; Domain=.youtube.com; Expires=Wed, 02-Aug-2023 09:45:45 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=dZUiZQXNn6Q; Domain=.youtube.com; Expires=Wed, 02-Aug-2023 09:45:45 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+285; expires=Sun, 02-Feb-2025 09:45:45 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/terrain-valentines-day-bouquet-tout-c5fcf171bdca428e98f1d2ea68813ad4_0.jpeg
200 OK 0 B URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/terrain-valentines-day-bouquet-tout-c5fcf171bdca428e98f1d2ea68813ad4_0.jpeg
IP
GET /media.vietnam.travel/photos/events/2023/terrain-valentines-day-bouquet-tout-c5fcf171bdca428e98f1d2ea68813ad4_0.jpeg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 32ijTpI+6ZxAlEMZtAGld262d+JAzJf0qS4ZuqhcrXgjy/0q9BWgg2NlLPNVaEq/sNkhRHO/i1A=
x-amz-request-id: 3FTNJD8BVT8DY9QF
Date: Fri, 03 Feb 2023 09:45:46 GMT
Last-Modified: Wed, 11 Jan 2023 02:56:52 GMT
ETag: "28c294cd47de4830b5911d804a1384dd"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 261129
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/things_to_do/my_son_sanctuary.jpg
200 OK 0 B URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/things_to_do/my_son_sanctuary.jpg
IP
GET /media.vietnam.travel/photos/things_to_do/my_son_sanctuary.jpg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: es4oVsHL6SGZAOyaYmfbdWJe5lAa8YOF3k8GnHnsA08N1wZf+z4RLqD8QQHjNMN8+Q/zgeEmH5U=
x-amz-request-id: 3FTZ0A116P4MW9QA
Date: Fri, 03 Feb 2023 09:45:46 GMT
Last-Modified: Tue, 13 Dec 2022 07:54:28 GMT
ETag: "f8e198ce72eec0e30f940bb773dd35a8"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 1285454
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/chua-huong1-1643167959_0.jpeg
200 OK 0 B URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/chua-huong1-1643167959_0.jpeg
IP
GET /media.vietnam.travel/photos/events/2023/chua-huong1-1643167959_0.jpeg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: h4xxPl6eK+hmSw95aNUJx7dAkfeQ7s+rFHhX32zzuIkoeY9zJFFP7DL9g67BOWL0NwKpoLyuVsw=
x-amz-request-id: 02T5Z1E4908TKRH9
Date: Fri, 03 Feb 2023 09:45:48 GMT
Last-Modified: Thu, 12 Jan 2023 05:17:04 GMT
ETag: "9de01e8a3149e3b893ecfb922dd1867e"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 104512
s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/H%E1%BB%99i%20Lim%20B%E1%BA%AFc%20Ninh_resize_0.jpeg
200 OK 0 B URL HTTP/1.1 s3.ap-southeast-1.amazonaws.com/media.vietnam.travel/photos/events/2023/H%E1%BB%99i%20Lim%20B%E1%BA%AFc%20Ninh_resize_0.jpeg
IP
GET /media.vietnam.travel/photos/events/2023/H%E1%BB%99i%20Lim%20B%E1%BA%AFc%20Ninh_resize_0.jpeg HTTP/1.1
Host: s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: DupKmLc49A/lzgeZyIuG5j2z2XLrOrvvNzA8JUXVY/PShcHxoSFUPA8ElMEOB6CHSuGeEScU2/o=
x-amz-request-id: R0T5XVF922WQWJ9Q
Date: Fri, 03 Feb 2023 09:45:47 GMT
Last-Modified: Wed, 11 Jan 2023 02:56:52 GMT
ETag: "016031669924c80aae58b524f96b2484"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 552959
vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/360_thumbnails/360-ha-noi.jpg
200 OK 0 B URL HTTP/1.1 vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/front_office/images/360_thumbnails/360-ha-noi.jpg
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /front_office/images/360_thumbnails/360-ha-noi.jpg HTTP/1.1
Host: vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://vietnamtravelapp-env.eba-mfi8p44s.ap-southeast-1.elasticbeanstalk.com/
Cookie: XSRF-TOKEN=eyJpdiI6IjlXTFBEQndVQ3ZMRE5QeEZ1K1JMNEE9PSIsInZhbHVlIjoiZXJFako4ekx0Q1VnMGR4eFZuSjRJYkRESG9zaUJ3cmFyTDF6QmVXaFllcDFWTi9FbDlIR1EySlFYR3lCczhjTkZyZVk4QkFnWHBSYUZLQnZHazA2SGVoeVR4NmwybXNmMHZBeEFVL2dFRUpuTW9kUjZmZGtaWmtOS25sS2hGbngiLCJtYWMiOiJiNTViYzZmY2FjODgzNDAyMThmMjc2N2VhOWEwOTg5N2RiZGNhY2YyMWEzMzc4NWQzOWZlYzBjZmU1N2Q3Y2IyIiwidGFnIjoiIn0%3D; vietnam_travel_session=eyJpdiI6IjhWcXN5eUh2VEI5VHdqcGJjQ2xKM2c9PSIsInZhbHVlIjoiYjJNb1k0WCtNMnBNc2ZGeVFnaG1nczRGMWNFR25OUG9BaXZDaHlZeHBPZXBsalNOK3plTFZoajg4bGVaa0xqZnhaWlZSMnp1bzMzTFhJdVN6UE00NmhJaE4wSHBjTVA0ZFlmNUtlSHJKd0dmNk5EZ3JyZSt5YmE1ZDJKWlR6bi8iLCJtYWMiOiJjMjU0ZDI4YWJmNDlkZTU4YTU0Mzc4NjZmOTNlOWUxNDRkYzc4YTQ5MWYyODVjYzQ1OWRhNDAwYjVlYjRkYjNmIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 09:45:47 GMT
Server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
Last-Modified: Thu, 02 Feb 2023 16:48:29 GMT
ETag: "666be-5f3ba5597a716"
Accept-Ranges: bytes
Content-Length: 419518
Keep-Alive: timeout=60, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
54.254.8.156
142.250.74.161
23.36.77.32
151.101.246.109
93.184.220.29
162.159.128.61