thaiairwaysclub.com - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 150.95.29.64, located in Bangkok, Thailand and belongs to GMO-Z-COM-TH GMO-Z com NetDesign Holdings Co., Ltd., SG. The main domain is thaiairwaysclub.com.
TLS certificate: Issued by R3 on January 25th 2022. Valid for: 3 months.

This is the only time thaiairwaysclub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	67.217.33.130 67.217.33.130	22458 (NETSOURCE) (NETSOURCE)
2	150.95.29.64 150.95.29.64	135161 (GMO-Z-COM...) (GMO-Z-COM-TH GMO-Z com NetDesign Holdings Co.)
1	2606:4700:20:... 2606:4700:20::681a:92c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	4

1 67.217.33.130 (Geneva, United States)

ASN22458 (NETSOURCE, US)

needle.flssol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 150.95.29.64 (Bangkok, Thailand)

ASN135161 (GMO-Z-COM-TH GMO-Z com NetDesign Holdings Co., Ltd., SG)

thaiairwaysclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:92c (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	thaiairwaysclub.com thaiairwaysclub.com	10 KB
1	ipapi.co ipapi.co — Cisco Umbrella Rank: 15904	617 B
1	flssol.com needle.flssol.com	360 B
5	3

	Domain	Requested by
2	thaiairwaysclub.com	thaiairwaysclub.com
1	ipapi.co	thaiairwaysclub.com
1	needle.flssol.com
5	3

This site contains no links.

Subject Issuer	Validity	Valid
needle.flssol.com cPanel, Inc. Certification Authority	`2022-02-12` - `2022-05-13`	3 months	crt.sh
thaiairwaysclub.com R3	`2022-01-25` - `2022-04-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh

This page contains 1 frames:

Frame: https://thaiairwaysclub.com/user/CZPOST/MyOrderPost/inline.php?DutkaVWp193271410=DutkaVWp193271410-54f3613afa79e26f4a4975402c8976e30ba19448
Frame ID: 5FC1B3059997F100936BD1C22F43B56B
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://needle.flssol.com/rokok.html Page URL
https://thaiairwaysclub.com/user/CZPOST/MyOrderPost/ Page URL
https://thaiairwaysclub.com/user/CZPOST/MyOrderPost/?PFXyGNLR=DutkaVWp Page URL

Page Statistics

5
Requests

80 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

11 kB
Transfer

10 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://needle.flssol.com/rokok.html Page URL
https://thaiairwaysclub.com/user/CZPOST/MyOrderPost/ Page URL
https://thaiairwaysclub.com/user/CZPOST/MyOrderPost/?PFXyGNLR=DutkaVWp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK rokok.html
needle.flssol.com/ 118 B
360 B 327ms
104ms Document
text/html 67.217.33.130
NETSOURCE

General

Check archive.org

Show headers Download Go to

Full URL: https://needle.flssol.com/rokok.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.217.33.130 Geneva, United States, ASN22458 (NETSOURCE, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 08 Mar 2022 14:18:59 GMT
Server: Apache
Last-Modified: Tue, 08 Mar 2022 07:35:31 GMT
Accept-Ranges: bytes
Content-Length: 118
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 /
thaiairwaysclub.com/user/CZPOST/MyOrderPost/ 1 KB
1 KB 1389ms
221ms Document
text/html 150.95.29.64
GMO-Z-COM-TH GMO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://thaiairwaysclub.com/user/CZPOST/MyOrderPost/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 150.95.29.64 Bangkok, Thailand, ASN135161 (GMO-Z-COM-TH GMO-Z com NetDesign Holdings Co., Ltd., SG),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://needle.flssol.com/

Response headers

content-type: text/html; charset=UTF-8
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Tue, 08 Mar 2022 14:19:01 GMT
content-length: 1160

GET
H2 200 Primary Request / Show response
thaiairwaysclub.com/user/CZPOST/MyOrderPost/ 9 KB
9 KB 216ms
216ms Document
text/html 150.95.29.64
GMO-Z-COM-TH GMO-...

General

Check archive.org

Show headers Download Go to

Full URL: https://thaiairwaysclub.com/user/CZPOST/MyOrderPost/?PFXyGNLR=DutkaVWp
Requested by: Host: thaiairwaysclub.com
URL: https://thaiairwaysclub.com/user/CZPOST/MyOrderPost/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 150.95.29.64 Bangkok, Thailand, ASN135161 (GMO-Z-COM-TH GMO-Z com NetDesign Holdings Co., Ltd., SG),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: daffa8223c567effacb4ef232f4826dd423835aa4b51b21b1b4ba3088d318d37

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thaiairwaysclub.com/user/CZPOST/MyOrderPost/

Response headers

content-type: text/html; charset=UTF-8
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Tue, 08 Mar 2022 14:19:01 GMT
content-length: 9379

GET
H2 200 / Show response
ipapi.co/org/ 8 B
617 B 334ms
285ms XHR
text/plain 2606:4700:20::681a:92c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/org/

Requested by

Host: thaiairwaysclub.com
URL: https://thaiairwaysclub.com/user/CZPOST/MyOrderPost/?PFXyGNLR=DutkaVWp

Protocol

H2

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e8a088043d64367247416719079f1cfe6f003ba7b34617772ae866e8fc9593f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thaiairwaysclub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:19:02 GMT
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wv%2Fjio9wK%2F5lewN4Q9lpDaFf%2FuV7FPrVY1gOBlJz76yZ%2Bw1%2FYvCXUSF5EUnmuuoDrm9QpTdgViYct40I7bOv5USSpLxXlx%2F8hwQuqcRh9bFKDaql6EOqog4TnkjKMYj4HkQuZ1DM"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://thaiairwaysclub.com
allow: HEAD, GET, POST, OPTIONS, OPTIONS
cf-ray: 6e8c3419fc3483a3-MXP
vary: Host, Origin
content-length: 8
x-content-type-options: nosniff

GET inline.php
thaiairwaysclub.com/user/CZPOST/MyOrderPost/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: thaiairwaysclub.com
URL: https://thaiairwaysclub.com/user/CZPOST/MyOrderPost/inline.php?DutkaVWp193271410=DutkaVWp193271410-54f3613afa79e26f4a4975402c8976e30ba19448

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| xhr

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ipapi.co
needle.flssol.com
thaiairwaysclub.com
thaiairwaysclub.com
150.95.29.64
2606:4700:20::681a:92c
67.217.33.130
5e8a088043d64367247416719079f1cfe6f003ba7b34617772ae866e8fc9593f
daffa8223c567effacb4ef232f4826dd423835aa4b51b21b1b4ba3088d318d37

thaiairwaysclub.com Open in urlscan Pro 150.95.29.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

5 Requests

80 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

11 kBTransfer

10 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

thaiairwaysclub.com Open in urlscan Pro
150.95.29.64 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

80 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

11 kB
Transfer

10 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions