Overview

URL taptin.vn/files/3-2014/clipgaiolaxxx_IOMA3.apk
IP 104.28.6.194
ASN AS13335 CloudFlare, Inc.
Location United States
Report completed 2019-05-25 18:49:35 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-05-25 2 taptin.vn/files/3-2014/clipgaiolaxxx_IOMA3.apk Malware
2019-05-25 2 taptin.vn/files/3-2014/clipgaiolaxxx_IOMA3.apk Malware
2019-05-25 2 taptin.vn/login Malware
2019-05-25 2 taptin.vn/app/themes/Peafowl/style.min.css?7d23ff901039aef6293954d33d23c066 Malware
2019-05-25 2 taptin.vn/lib/Peafowl/peafowl.min.css?7d23ff901039aef6293954d33d23c066 Malware
2019-05-25 2 taptin.vn/lib/Peafowl/fonts/icomoon.woff?x4x4bl Malware
2019-05-25 2 taptin.vn/lib/Peafowl/peafowl.min.js?7d23ff901039aef6293954d33d23c066 Malware
2019-05-25 2 taptin.vn/app/lib/chevereto.min.js?7d23ff901039aef6293954d33d23c066 Malware
2019-05-25 2 taptin.vn/lib/Peafowl/js/scripts.min.js?7d23ff901039aef6293954d33d23c066 Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 104.28.6.194

Date UQ / IDS / BL URL IP
2019-06-06 22:02:54 +0200 0 - 0 - 9 taptin.vn/files/6-2015/adobe.cs6.all.products (...) 104.28.6.194
2019-05-25 23:28:43 +0200 0 - 0 - 9 taptin.vn/files/9-2014/huongdaninvite_t8qo4.rar 104.28.6.194
2019-05-25 15:55:27 +0200 0 - 0 - 9 taptin.vn/files/3-2014/clipgaiolaxxx_IOMA3.apk 104.28.6.194
2019-05-24 01:28:11 +0200 0 - 0 - 9 taptin.vn/files/7-2014/clipgaiolaxxx.apk 104.28.6.194
2019-05-23 13:25:24 +0200 0 - 0 - 9 taptin.vn/files/9-2015/ccht.apk 104.28.6.194
2019-05-22 11:23:20 +0200 0 - 0 - 9 taptin.vn/files/6-2015/adobe.cs6.all.products (...) 104.28.6.194
2019-05-22 11:12:43 +0200 0 - 0 - 9 taptin.vn/files/7-2015/VolumeAce.apk 104.28.6.194
2019-05-21 07:57:11 +0200 0 - 0 - 9 taptin.vn/files/3-2015/King_root_v_3.30_J9D2P (...) 104.28.6.194
2019-05-10 06:40:59 +0200 0 - 3 - 0 iipghaz.tk/ 104.28.6.194
2019-04-16 04:49:53 +0200 0 - 0 - 9 taptin.vn/files/10-2015/ccht_2.apk 104.28.6.194

Last 10 reports on ASN: AS13335 CloudFlare, Inc.

Date UQ / IDS / BL URL IP
2019-07-04 10:47:28 +0200 0 - 0 - 0 https://www.bitchute.com/video/nGjzUqQzi423/ 104.24.23.87
2019-07-02 09:55:24 +0200 0 - 0 - 0 Finddreamjobs.com 104.17.47.14
2019-07-02 09:51:03 +0200 0 - 0 - 0 https://www.bitchute.com/video/ix3LoPLzjS8a/ 104.24.23.87
2019-07-02 09:50:01 +0200 0 - 0 - 0 https://www.bitchute.com/video/RNGAJQK1s8Qx/ 104.24.22.87
2019-07-02 09:49:59 +0200 0 - 0 - 0 https://www.bitchute.com/video/HUEWirPZXMOI/ 104.24.23.87
2019-07-02 09:49:58 +0200 0 - 0 - 0 https://www.bitchute.com/video/GRkaogicSTRt/ 104.24.23.87
2019-07-02 09:49:56 +0200 0 - 0 - 0 https://www.bitchute.com/video/0vPgxEoFvLs8/ 104.24.23.87
2019-07-02 09:49:34 +0200 0 - 0 - 0 https://www.bitchute.com/video/rhOuRaIOHJdb/ 104.24.22.87
2019-07-02 09:49:31 +0200 0 - 0 - 0 https://www.bitchute.com/video/0gdUIrC1FwTV/ 104.24.23.87
2019-07-02 09:49:30 +0200 0 - 0 - 0 https://www.bitchute.com/video/9TSaSoV97QZI/ 104.24.22.87

Last 10 reports on domain: taptin.vn

Date UQ / IDS / BL URL IP
2019-06-07 12:05:10 +0200 0 - 0 - 9 taptin.vn/files/9-2015/LiveWallpaper.apk 104.28.7.194
2019-06-07 10:29:21 +0200 0 - 0 - 9 taptin.vn/files/8-2015/gas1.apk 104.28.7.194
2019-06-06 22:02:54 +0200 0 - 0 - 9 taptin.vn/files/6-2015/adobe.cs6.all.products (...) 104.28.6.194
2019-06-06 21:57:44 +0200 0 - 0 - 9 taptin.vn/files/7-2015/VolumeAce.apk 104.28.7.194
2019-06-05 22:00:22 +0200 0 - 0 - 9 taptin.vn/files/3-2015/King_root_v_3.30_J9D2P (...) 104.28.7.194
2019-06-05 17:53:23 +0200 0 - 0 - 9 taptin.vn/files/3-2014/clipememxx.apk 104.28.7.194
2019-06-02 23:32:51 +0200 0 - 0 - 9 taptin.vn/files/9-2014/huongdaninvite_t8qo4.rar 104.28.7.194
2019-06-02 13:26:23 +0200 0 - 0 - 9 taptin.vn/files/3-2014/clipgaiolaxxx_IOMA3.apk 104.28.7.194
2019-06-02 11:28:06 +0200 0 - 0 - 9 taptin.vn/files/3-2014/clipgaiolaxxx_IOMA3.apk 104.28.7.194
2019-05-31 05:08:16 +0200 0 - 0 - 1 file.taptin.vn/ 27.72.146.2


JavaScript

Executed Scripts (7)


Executed Evals (9)

#1 JavaScript::Eval (size: 69, repeated: 1) - SHA256: 9854e76e6dae99db9463d9232a505a2fcb372e01c28c55795b260bd164b808a6

function is_chrome(version) {
    return is_browser("chrome", version);
}

#2 JavaScript::Eval (size: 71, repeated: 1) - SHA256: 43ada489ab7fa4c5134037c37182799bc4d1bf3fc5fe6e39ad78ec6ab265378e

function is_firefox(version) {
    return is_browser("firefox", version);
}

#3 JavaScript::Eval (size: 61, repeated: 1) - SHA256: ecc61bc19d4a76d3c7e6e0ba18de388e65a0a1921eebb2487a6c13f21b1fc563

function is_ie(version) {
    return is_browser("ie", version);
}

#4 JavaScript::Eval (size: 48, repeated: 3) - SHA256: 0f2c613e99c13ba1f3511cc1fb7640ff2bee2452e489c48f854429f8f5daa4fd

function is_ios() {
    return "ios" == "windows";
}

#5 JavaScript::Eval (size: 52, repeated: 1) - SHA256: 41d01739403d208d130fd424d9e166c5b9335d25172288a1a2a579568a0900d4

function is_linux() {
    return "linux" == "windows";
}

#6 JavaScript::Eval (size: 67, repeated: 1) - SHA256: 4313e75deb83a21f7687e9b421d482768dc6b2ce1ecf77e51d00354d80b56ce6

function is_opera(version) {
    return is_browser("opera", version);
}

#7 JavaScript::Eval (size: 48, repeated: 1) - SHA256: 76d599dc42a2d93c2d9d485a42bf1c6023909be06142a58315c4d475738a4aac

function is_osx() {
    return "osx" == "windows";
}

#8 JavaScript::Eval (size: 69, repeated: 1) - SHA256: 9a7755e83ad666018f923a4e9f6777c8e3776e2c61fa3addfffdcc634db9ae60

function is_safari(version) {
    return is_browser("safari", version);
}

#9 JavaScript::Eval (size: 56, repeated: 1) - SHA256: 79c285455c7b378a915815a46d5fcffa7eb61d7f5f50c252a34e71eaf3e5f3fc

function is_windows() {
    return "windows" == "windows";
}

Executed Writes (0)



HTTP Transactions (15)


Request Response
                                        
                                            GET /files/3-2014/clipgaiolaxxx_IOMA3.apk HTTP/1.1 
Host: taptin.vn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.28.6.194
HTTP/1.1 301 Moved Permanently
                                        
Date: Sat, 25 May 2019 16:49:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 25 May 2019 17:49:03 GMT
Location: https://taptin.vn/files/3-2014/clipgaiolaxxx_IOMA3.apk
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4dc9001bdab5cad8-ARN


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         151.139.128.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 25 May 2019 16:49:03 GMT
Accept-Ranges: bytes
Last-Modified: Sun, 19 May 2019 23:04:25 GMT
Server: Apache
Etag: 7892053DFE14CCEBD2CCBF6B56555153EF217976
Cache-Control: max-age=493933,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp3
X-HW: 1558802943.cds021.sk1.h2,1558802943.cds056.sk1.c
Connection: keep-alive
Content-Length: 280


--- Additional Info ---
Magic:  data
Size:   280
Md5:    80c8695becef543c393b55c4a9026aaa
Sha1:   7892053dfe14ccebd2ccbf6b56555153ef217976
Sha256: 4b6fbfa1a88158ad79c72505821d938de81861967982d5e3d3cba49886c60104
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         151.139.128.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 25 May 2019 16:49:03 GMT
Accept-Ranges: bytes
Last-Modified: Mon, 20 May 2019 00:14:19 GMT
Server: Apache
Etag: B0A832B3B7374C03B8E4FF09D97F493AB6215360
Cache-Control: max-age=377613,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp7
X-HW: 1558802943.cds021.sk1.h2,1558802943.cds045.sk1.c
Connection: keep-alive
Content-Length: 313


--- Additional Info ---
Magic:  data
Size:   313
Md5:    55b0a1d37f3a2f89ce27bc93bc0561c1
Sha1:   b0a832b3b7374c03b8e4ff09d97f493ab6215360
Sha256: 6a95f0d3679304d7d3bdde7cc25e785a8380ca6dd3abb8628011f87b628ac6b0
                                        
                                            GET /files/3-2014/clipgaiolaxxx_IOMA3.apk HTTP/1.1 
Host: taptin.vn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.28.6.194
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
                                        
Date: Sat, 25 May 2019 16:49:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dd2d6de9ca0f91aab2414b2de0ec0be8a1558802943; expires=Sun, 24-May-20 16:49:03 GMT; path=/; domain=.taptin.vn; HttpOnly; Secure PHPSESSID=vi3cjl1c2879b9kvdpncogne90; path=/
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://taptin.vn/login
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 4dc9001e9d087610-ARN


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /login HTTP/1.1 
Host: taptin.vn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dd2d6de9ca0f91aab2414b2de0ec0be8a1558802943; PHPSESSID=vi3cjl1c2879b9kvdpncogne90

                                         
                                         104.28.6.194
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Sat, 25 May 2019 16:49:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 4dc9002318be7610-ARN
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   19606
Md5:    948eb697ef9d3403abc78aafa4af0a15
Sha1:   1c9b46663e2c42810df2e718e71300ccb7e02ac8
Sha256: 717b9867d7b815208a61580fbc04c0be68319cfa3a2be83acd42290a00aac88c

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /lib/Peafowl/fonts/opensans/opensans.min.css?7d23ff901039aef6293954d33d23c066 HTTP/1.1 
Host: taptin.vn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://taptin.vn/login
Cookie: __cfduid=dd2d6de9ca0f91aab2414b2de0ec0be8a1558802943; PHPSESSID=vi3cjl1c2879b9kvdpncogne90

                                         
                                         104.28.6.194
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 25 May 2019 16:49:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 14 Sep 2018 01:33:57 GMT
Etag: W/"40452-490e-575cad138d045"
CF-Cache-Status: MISS
Expires: Sat, 25 May 2019 20:49:05 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4dc900276c057658-ARN
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1821
Md5:    87e2640d41864c004b1ab81e3e83f53e
Sha1:   329d38733aea8eb5f24c20c53a54ed9dcd7c475c
Sha256: bf3d2fef8b01c4934dd8342f5db9144a6cc2dbc690ff5ef7fe7361c3ac82c8b9
                                        
                                            GET /app/themes/Peafowl/style.min.css?7d23ff901039aef6293954d33d23c066 HTTP/1.1 
Host: taptin.vn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://taptin.vn/login
Cookie: __cfduid=dd2d6de9ca0f91aab2414b2de0ec0be8a1558802943; PHPSESSID=vi3cjl1c2879b9kvdpncogne90

                                         
                                         104.28.6.194
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 25 May 2019 16:49:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 14 Sep 2018 01:33:57 GMT
Etag: W/"403df-6dd5-575cad138e7b5"
CF-Cache-Status: MISS
Expires: Sat, 25 May 2019 20:49:05 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4dc900275c4ecaec-ARN
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7377
Md5:    a17124efd20e2c15c9d9a950cf8d6efc
Sha1:   dcf0bd5753fc3df2e02d70c9f3d428cb6fc6ff06
Sha256: 96b4523b3dc22b6895474e7ce2c756dfb9a6545f5f350f25464186dedbdcfcf9

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /content/images/system/logo_1529668552196_430dbc.png HTTP/1.1 
Host: taptin.vn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://taptin.vn/login
Cookie: __cfduid=dd2d6de9ca0f91aab2414b2de0ec0be8a1558802943; PHPSESSID=vi3cjl1c2879b9kvdpncogne90

                                         
                                         104.28.6.194
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 25 May 2019 16:49:06 GMT
Content-Length: 1601
Connection: keep-alive
Last-Modified: Sun, 08 Jul 2018 04:13:44 GMT
Etag: "5fd34-641-570751f68ce00"
CF-Cache-Status: REVALIDATED
Expires: Sat, 25 May 2019 20:49:06 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4dc900276c75caec-ARN


--- Additional Info ---
Magic:  PNG image, 137 x 45, 8-bit/color RGBA, non-interlaced
Size:   1601
Md5:    70005843c7bdadb5619e879a5441655c
Sha1:   5c59ac499cef77909bb93063f0553ec4cd4cb9de
Sha256: 2143ca511887494ecc3d663c8147de8047f478895ca906ec43cb812f874d7bd3
                                        
                                            GET /lib/Peafowl/peafowl.min.css?7d23ff901039aef6293954d33d23c066 HTTP/1.1 
Host: taptin.vn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://taptin.vn/login
Cookie: __cfduid=dd2d6de9ca0f91aab2414b2de0ec0be8a1558802943; PHPSESSID=vi3cjl1c2879b9kvdpncogne90

                                         
                                         104.28.6.194
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 25 May 2019 16:49:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 14 Sep 2018 04:23:47 GMT
Etag: W/"4574b-1ba49-575cd308f5ac0"
CF-Cache-Status: MISS
Expires: Sat, 25 May 2019 20:49:06 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4dc90027593c75fe-ARN
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21811
Md5:    e497c5b5c9cdbdae35fb0c6b39bec9e7
Sha1:   820633378034f52a85b695228bb7ee7fbd53e196
Sha256: 1b144be6d203775bd7205ab64a611ffc52153f4b1b3140615fb8b073ff1015d0

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /content/images/system/default/favicon.png HTTP/1.1 
Host: taptin.vn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=dd2d6de9ca0f91aab2414b2de0ec0be8a1558802943; PHPSESSID=vi3cjl1c2879b9kvdpncogne90

                                         
                                         104.28.6.194
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 25 May 2019 16:49:07 GMT
Content-Length: 6812
Connection: keep-alive
Last-Modified: Fri, 14 Sep 2018 01:33:48 GMT
Etag: "4042f-1a9c-575cad0b2855d"
CF-Cache-Status: REVALIDATED
Expires: Sat, 25 May 2019 20:49:07 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4dc90034afed75fe-ARN


--- Additional Info ---
Magic:  PNG image, 300 x 300, 8-bit/color RGBA, non-interlaced
Size:   6812
Md5:    9f5cb85d7807b74a6b1ef7ec17007090
Sha1:   c67ceb688e08a3cfd230c4f87cfc41c5dd79e328
Sha256: a69f288f1ab8244d4947f9debe84ab216f8720ad4b407fce05aef97461952441
                                        
                                            GET /?ping&r=186a62d8eb3a3c665ab2a14084b8452f HTTP/1.1 
Host: taptin.vn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://taptin.vn/login
Cookie: __cfduid=dd2d6de9ca0f91aab2414b2de0ec0be8a1558802943; PHPSESSID=vi3cjl1c2879b9kvdpncogne90

                                         
                                         104.28.6.194
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sat, 25 May 2019 16:49:07 GMT
Content-Length: 43
Connection: keep-alive
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 4dc900349808caec-ARN


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
                                        
                                            GET /lib/Peafowl/fonts/icomoon.woff?x4x4bl HTTP/1.1 
Host: taptin.vn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://taptin.vn/lib/Peafowl/peafowl.min.css?7d23ff901039aef6293954d33d23c066
Cookie: __cfduid=dd2d6de9ca0f91aab2414b2de0ec0be8a1558802943; PHPSESSID=vi3cjl1c2879b9kvdpncogne90

                                         
                                         104.28.6.194
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Date: Sat, 25 May 2019 16:49:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 14 Sep 2018 01:33:48 GMT
Etag: W/"4044f-1de80-575cad0abe9f5"
CF-Cache-Status: MISS
Expires: Sat, 25 May 2019 20:49:07 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4dc900355b8b86dd-ARN
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   63941
Md5:    f2710d2516166d1b5903dbed77506d70
Sha1:   fd56b257aea0702ff2861b42f8aac6b0159f0a17
Sha256: 6a9afef1e98e2508f0794a262e547d8994958255c9e6dd0c2d11b27d427b9edc

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /lib/Peafowl/peafowl.min.js?7d23ff901039aef6293954d33d23c066 HTTP/1.1 
Host: taptin.vn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://taptin.vn/login
Cookie: __cfduid=dd2d6de9ca0f91aab2414b2de0ec0be8a1558802943; PHPSESSID=vi3cjl1c2879b9kvdpncogne90

                                         
                                         104.28.6.194
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Sat, 25 May 2019 16:49:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 14 Sep 2018 01:33:58 GMT
Etag: W/"404a6-2d828-575cad14416fd"
CF-Cache-Status: MISS
Expires: Sat, 25 May 2019 20:49:07 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4dc900347f5d7658-ARN
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   52630
Md5:    d5099b5178740d0b613da205820647d8
Sha1:   9dc91485cd9d69c09fb55bd41d8a4dce4c5c5d20
Sha256: 8815b9172c9c54f40cc1d59c32df03aa7a29b6b899223004e0c91e1dc8181994

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /app/lib/chevereto.min.js?7d23ff901039aef6293954d33d23c066 HTTP/1.1 
Host: taptin.vn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://taptin.vn/login
Cookie: __cfduid=dd2d6de9ca0f91aab2414b2de0ec0be8a1558802943; PHPSESSID=vi3cjl1c2879b9kvdpncogne90

                                         
                                         104.28.6.194
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Sat, 25 May 2019 16:49:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 14 Sep 2018 01:33:58 GMT
Etag: W/"40377-1bf64-575cad14ae145"
CF-Cache-Status: MISS
Expires: Sat, 25 May 2019 20:49:07 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4dc900348fdccaec-ARN
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   26687
Md5:    6f56517e9ad6c93e08aef7648052597e
Sha1:   73f13ddc68c2577642f8e5a11a202b9719c80d5d
Sha256: 8b76a03f4da2297a8b1d503956e2adf2431a84b29f6731591bce8922c7897225

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /lib/Peafowl/js/scripts.min.js?7d23ff901039aef6293954d33d23c066 HTTP/1.1 
Host: taptin.vn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://taptin.vn/login
Cookie: __cfduid=dd2d6de9ca0f91aab2414b2de0ec0be8a1558802943; PHPSESSID=vi3cjl1c2879b9kvdpncogne90

                                         
                                         104.28.6.194
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Sat, 25 May 2019 16:49:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 14 Sep 2018 01:33:59 GMT
Etag: W/"404a2-3d770-575cad1574cf5"
CF-Cache-Status: MISS
Expires: Sat, 25 May 2019 20:49:07 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4dc9003468637610-ARN
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   78068
Md5:    c76096bab6f53b5238c3966ffe32bbab
Sha1:   a587b2afd61839ed32524b708fce736c96cf4f98
Sha256: dbf2d4e74db84e41ffd94e93107bcdb046cdc78f3758c734868a6c42bff487cb

Alerts:
  Blacklists:
    - fortinet: Malware