Report - bsi.com.vn/public/upload/images/icon/js/Xbjrmk.exe

Report Overview

Submitted URL
bsi.com.vn/public/upload/images/icon/js/Xbjrmk.exe
IP
27.71.237.19
ASN
#38731 CHT Compamy Ltd
Submitted
2022-11-19 01:44:49
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	35.161.148.163
ocsp.entrust.net	1208	2014-01-10T03:18:45Z	2023-03-10T05:15:17Z	680 B	3.9 kB	104.110.10.32
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.4 kB	2.8 kB	93.184.220.29
bsi.com.vn	514775	2015-08-27T17:53:51Z	2022-12-06T17:34:51Z	381 B	389 B	27.71.237.19
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-10T05:11:21Z	368 B	1.9 kB	104.18.21.226
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T14:35:32Z	340 B	963 B	172.64.155.188
unpkg.com	11693	2016-01-08T00:26:01Z	2023-03-10T10:45:44Z	2.4 kB	487 kB	104.16.122.175
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.8 kB	62 kB	34.120.237.76
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	686 B	1.4 kB	142.250.74.35
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T13:03:15Z	382 B	77 kB	142.250.74.168
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.4 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
www.bsi.com.vn	unknown	2012-12-15T20:25:12Z	2022-12-23T13:46:51Z	23 kB	2.0 MB	27.71.237.19
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-10T11:13:22Z	847 B	24 kB	151.101.85.229
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-10T05:11:37Z	369 B	31 kB	69.16.175.10
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-10T05:19:43Z	629 B	561 B	216.239.32.36
cdn.ckeditor.com	21818	2014-05-19T09:44:13Z	2023-03-10T13:18:15Z	373 B	691 B	205.234.175.175

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-19	medium	bsi.com.vn/public/upload/images/icon/js/Xbjrmk.exe	Malware
2022-11-19	medium	www.bsi.com.vn/public/upload/images/icon/js/Xbjrmk.exe	Malware
2022-11-19	medium	www.bsi.com.vn/	Malware
2022-11-19	medium	www.bsi.com.vn/common.fa33a679e8c775a50da1.js	Malware
2022-11-19	medium	www.bsi.com.vn/assets/fontawesome/fonts/fa-regular-400.woff2	Malware
2022-11-19	medium	www.bsi.com.vn/assets/fontawesome/fonts/fa-solid-900.woff2	Malware
2022-11-19	medium	www.bsi.com.vn/runtime.ffd4bd6d5039ef2a3a51.js	Malware
2022-11-19	medium	www.bsi.com.vn/assets/js/js.js	Malware
2022-11-19	medium	www.bsi.com.vn/5.1ffd0309cf2d71a69962.js	Malware
2022-11-19	medium	www.bsi.com.vn/16.5100d60f7a66d99f400e.js	Malware
2022-11-19	medium	www.bsi.com.vn/main.56aee7d4b8796502a3b6.js	Malware
2022-11-19	medium	www.bsi.com.vn/assets/i18n/vn.json	Malware
2022-11-19	medium	www.bsi.com.vn/1.b4daa55638c038c891ce.js	Malware
2022-11-19	medium	www.bsi.com.vn/public/iconlang/vn.svg	Malware
2022-11-19	medium	www.bsi.com.vn/18.85a89379ff74a21627cd.js	Malware
2022-11-19	medium	www.bsi.com.vn/4.8ecd008333e6dc256576.js	Malware
2022-11-19	medium	www.bsi.com.vn/polyfills.420b1e53f11527236d0f.js	Malware
2022-11-19	medium	www.bsi.com.vn/9.35b2a66fb99f7f86588e.js	Malware
2022-11-19	medium	www.bsi.com.vn/12.335c2e20d696564ec001.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	www.bsi.com.vn/5.1ffd0309cf2d71a69962.js	4.9 kB	2023-03-08	2024-02-11
Pretty URL www.bsi.com.vn/5.1ffd0309cf2d71a69962.js IP 27.71.237.19 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:26 Last Seen2024-02-11 08:21:41 Times Seen1 Hash eb9470aa1c5c23046147b1782796ac37 4e6dc61b52bfb4c11f64058d70d941a6626b23ba 557acd52cb5d2fc0a0e5aeb816242ee63be3277a10945900eb8d83deb7450395 Loading...

	www.bsi.com.vn/13.29b3c43600100242a00c.js	52 kB	2023-03-08	2024-02-11
Pretty URL www.bsi.com.vn/13.29b3c43600100242a00c.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:27 Last Seen2024-02-11 08:21:41 Times Seen1 Hash d5c58f6194421e8cdcfc7c50e115eb1e 0ebbbbd28ea1828e6bacc401f5cda58dc05d98cd 28c14a13ad0e0cce2bc14170ef1866460499ebcc96fce0c0bcc2bdd45cededb8 Loading...

	www.bsi.com.vn/3.8e08b0f813489e47e608.js	48 kB	2023-03-08	2024-02-11
Pretty URL www.bsi.com.vn/3.8e08b0f813489e47e608.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:26 Last Seen2024-02-11 08:21:41 Times Seen1 Hash 058ac5579e21fdedf15f14a308793947 033d70daff18f74c54753d1cf514c4aa0c3f7c36 e1cdf421c2799c8a5d53c9ee4a24121c0bdabe748fcafa3d29422bf6ece3d920 Loading...

	www.bsi.com.vn/	177 B	2023-03-08	2024-02-11
Pretty URL www.bsi.com.vn/ IP 27.71.237.19 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:27 Last Seen2024-02-11 08:21:41 Times Seen1 Hash df262de15c1a2083a258ca9e7fb340ae fc15c66a6993f8029f7d6984658dd871da4fd1d1 ffa3acf1dd70941d379e75cf6c5660f6088c73c6aa8e88f53402528d07a6c0ca Loading...

	www.bsi.com.vn/14.43531b348299f267a959.js	56 kB	2023-03-08	2024-02-11
Pretty URL www.bsi.com.vn/14.43531b348299f267a959.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:27 Last Seen2024-02-11 08:21:42 Times Seen1 Hash 8826a58fc7db518df81d6c4f4b7f9836 428dcf00e5e586dc8bf217717e62d939138c1de3 ae850a4bd7d15948f954d07b74f80284f4855210dbc9672e24aa338b145e1be9 Loading...

	www.bsi.com.vn/12.335c2e20d696564ec001.js	31 kB	2023-03-08	2024-02-11
Pretty URL www.bsi.com.vn/12.335c2e20d696564ec001.js IP 27.71.237.19 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:26 Last Seen2024-02-11 08:21:40 Times Seen1 Hash c927e825e174c180ee326ad3f7701151 315dddd970666f48ac3f52daed4067c096746063 17fdb5ea2a1d6e5f6ca6681d597df48698e12120680c0c185204c313d58a5272 Loading...

	www.bsi.com.vn/16.5100d60f7a66d99f400e.js	26 kB	2023-03-08	2024-02-11
Pretty URL www.bsi.com.vn/16.5100d60f7a66d99f400e.js IP 27.71.237.19 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:26 Last Seen2024-02-11 08:21:41 Times Seen1 Hash 3333f3c8c2ad64e0d85f747ec802adec e9411c790befda0829a8ad9afc8fdd281b14cdab 5246f1eeaaa34fd8953b4b3fc65cfe070b485519a939989b2e8cf932ca3ffeed Loading...

	www.bsi.com.vn/4.8ecd008333e6dc256576.js	45 kB	2023-03-08	2024-02-11
Pretty URL www.bsi.com.vn/4.8ecd008333e6dc256576.js IP 27.71.237.19 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:26 Last Seen2024-02-11 08:21:41 Times Seen1 Hash 02e285f2fe796eada1fef0cf3eb4e4a9 2065ef1347de46a5d3459c638fb54df272754b26 af4bf8a105bee209988f4be5ef1846ae34793bd5211d3feb090247d670998e74 Loading...

	www.bsi.com.vn/runtime.ffd4bd6d5039ef2a3a51.js	2.7 kB	2023-03-11	2023-03-11
Pretty URL www.bsi.com.vn/runtime.ffd4bd6d5039ef2a3a51.js IP 27.71.237.19 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:59:39 Last Seen2023-03-11 14:18:03 Times Seen1 Hash fccdda8013f571258de70ecd9ec15184 75d15dac74981949ee0e2a88f9d80bd6eb2987dc 0b3781459fce86eb91239a8b0fdd650f9e1fd25209e75aff169236349e64de89 Loading...

	code.jquery.com/jquery-3.2.1.min.js	87 kB	2023-03-07	2024-04-27
Pretty URL code.jquery.com/jquery-3.2.1.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-27 06:13:20 Times Seen62876 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	www.bsi.com.vn/15.7f38e732463ca158667e.js	48 kB	2023-03-08	2024-02-11
Pretty URL www.bsi.com.vn/15.7f38e732463ca158667e.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:27 Last Seen2024-02-11 08:21:42 Times Seen1 Hash d3472c7877fe6578f94638ed8096cc29 790a2cfef2e02813e819786b8ed8a85e73ea9b9c 0292b81ed7152e935179f74a021a7ae9070890b22e0da9565fdcc17953fe300c Loading...

	www.bsi.com.vn/18.85a89379ff74a21627cd.js	44 kB	2023-03-08	2024-02-11
Pretty URL www.bsi.com.vn/18.85a89379ff74a21627cd.js IP 27.71.237.19 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:26 Last Seen2024-02-11 08:21:41 Times Seen1 Hash 760ca356c5458e42414e2f1183d912e2 3e2e4c2d588771bff78f4e212b69f8f2f1a2f628 49727934aad7feeb229e1359f5e7de18f9622ca49dd1a9e8e50953d4b77fdb82 Loading...

	www.bsi.com.vn/main.56aee7d4b8796502a3b6.js	540 kB	2023-03-11	2023-03-11
Pretty URL www.bsi.com.vn/main.56aee7d4b8796502a3b6.js IP 27.71.237.19 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:59:39 Last Seen2023-03-11 14:18:03 Times Seen1 Hash cc8586d903e2ab0155d951d262232770 a67542c90c8fcf75e5f0c5620df3d636a7d58f0c c32c146c7c7682b2f8e4911e223652b14b35bf653a91f6087849513710f33024 Loading...

	www.bsi.com.vn/9.35b2a66fb99f7f86588e.js	490 kB	2023-03-11	2023-03-11
Pretty URL www.bsi.com.vn/9.35b2a66fb99f7f86588e.js IP 27.71.237.19 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:59:39 Last Seen2023-03-11 14:18:03 Times Seen1 Hash 7d1fbe912d0d89bc7048b59ef4c64306 91537258e03f885fd8a86858f904b44ae8d4a73b 614fffa7bda768c68d067df531f2acc16ddfae2dab3877d8296b5520503525c9 Loading...

	www.bsi.com.vn/	62 B	2023-03-08	2024-02-11
Pretty URL www.bsi.com.vn/ IP 27.71.237.19 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:27 Last Seen2024-02-11 08:21:42 Times Seen1 Hash 5dde8e3b6670819e574d9f5ac3932cd8 f4fa4a81d74053638a282c9d176df5ddbee1ebba 8621401d74a0dd473d505a3d6a5b6910a5d313eb13c3156847259faf5d9be8cf Loading...

	cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js	21 kB	2023-03-07	2024-04-27
Pretty URL cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-27 01:34:44 Times Seen5979 Hash 1022eaf388cc780bcfeb6456157adb7d 313789ca0e31b654784dbba8b0f83f364f8683b4 fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f Loading...

	cdn.ckeditor.com/4.7.1/full/ckeditor.js	619 kB	2023-03-08	2024-01-19
Pretty URL cdn.ckeditor.com/4.7.1/full/ckeditor.js IP 205.234.175.175 ASN #30081 CACHENETWORKS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:27 Last Seen2024-01-19 19:34:15 Times Seen17 Hash cd2caf377c481e8c6d118839af5d26d9 0bd0629928905205cd8902cdc24af682d336cfbf 131b98438d7737390e5d24a5f8cce13914451841396e985c09880171708a05c6 Loading...

	www.bsi.com.vn/polyfills.420b1e53f11527236d0f.js	50 kB	2023-03-08	2024-02-11
Pretty URL www.bsi.com.vn/polyfills.420b1e53f11527236d0f.js IP 27.71.237.19 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:26 Last Seen2024-02-11 08:21:41 Times Seen1 Hash ded3363d4a9cd277a016a88140497125 7cf2c28303d80066c719e57929348c3ac81cf626 136dc2a07b59951326ca3093683e71c44660dc61a5c7dbcc172e8d2ccc296b65 Loading...

	www.bsi.com.vn/17.8db23f09a0d638feb5c7.js	51 kB	2023-03-08	2024-02-11
Pretty URL www.bsi.com.vn/17.8db23f09a0d638feb5c7.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:26 Last Seen2024-02-11 08:21:41 Times Seen1 Hash c24ea618d9762c9e7d68996c9dade562 a4d3b5a1ea1fd2020eabee321e62614de5dcb43b efa85bb4369e0c33025fe047c6e62c1c1ca4a251360111d25221477c79de09c6 Loading...

	cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js	64 kB	2023-03-07	2024-04-27
Pretty URL cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:47 Last Seen2024-04-27 00:44:08 Times Seen8598 Hash f0c2bcf5ef0c4476508d79ec9cdcce07 3beed68ed7d753c6bf4f61c26386ddd7929ba030 edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 06:49:51 Times Seen37113173 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.bsi.com.vn/1.b4daa55638c038c891ce.js	132 kB	2023-03-08	2024-02-11
Pretty URL www.bsi.com.vn/1.b4daa55638c038c891ce.js IP 27.71.237.19 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:27 Last Seen2024-02-11 08:21:42 Times Seen1 Hash 8819e5db680e4ac631080f613e9e3bf2 da125d36ebaafb2726639c00fdd26cb861a1a2ea cba40299a2930ebdfb647237113b421e792bbb858a0c97152b387c29ce7dba7a Loading...

	www.bsi.com.vn/10.41ca6e0199956f516074.js	38 kB	2023-03-08	2024-02-11
Pretty URL www.bsi.com.vn/10.41ca6e0199956f516074.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:27 Last Seen2024-02-11 08:21:41 Times Seen1 Hash ee8c81fbb0597713cb63ef8fc8774ad3 5d8875494547abd7d41ef73b3971c31b358fd9e1 b75d5c9842a88d8d9cb5c37eee98cbf029f8f48f2f7bc2ed9d8798bb99d4642b Loading...

	unpkg.com/@fancyapps/ui/dist/fancybox.umd.js	106 kB	2023-03-07	2024-04-25
Pretty URL unpkg.com/@fancyapps/ui/dist/fancybox.umd.js IP 104.16.122.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:32 Last Seen2024-04-25 16:02:17 Times Seen574 Hash 0ce18f9ca64e6fdcac07ec7e97dac4c7 603af3e02f381a658f135eb80f4eef78cc7e750d d1a7f655b0b8be63ec6bc38b04028198ba32b8aab86c194a2b628e80c59aca2a Loading...

	www.bsi.com.vn/common.fa33a679e8c775a50da1.js	6.3 kB	2023-03-08	2024-02-11
Pretty URL www.bsi.com.vn/common.fa33a679e8c775a50da1.js IP 27.71.237.19 ASN #38731 CHT Compamy Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:26 Last Seen2024-02-11 08:21:41 Times Seen1 Hash 2cbb35491a11dc2cb5ecdaa249136b5f 92f4c602c6294a023878621ec6a07994323d9976 53c344cc573a1d2f567058575c308aa18003f45a086850d8f563a3713d4b8b82 Loading...

	www.bsi.com.vn/11.2914768b37bf13d2ce28.js	56 kB	2023-03-08	2024-02-11
Pretty URL www.bsi.com.vn/11.2914768b37bf13d2ce28.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:56:27 Last Seen2024-02-11 08:21:42 Times Seen1 Hash 1d245ab472e55478c4f7af307c493b4f 2def04f933d169cf5dbd10ad4899a04e3148f782 d0ef4ce2a275eaf03ea5513b9ddbdd9654dd33d7d35a9d641c3ec56e16e4fea2 Loading...

HTTP Transactions (85)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
30c30d01178fc74ac5266ee64c3ee85b
c0c2af8a864c00aa85a8775d55f85ab107150a3b
c15644f69fbfeb99074c7e9711dfc9452ee164fa78eb981b6bae4fb7e3585f2a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C15644F69FBFEB99074C7E9711DFC9452EE164FA78EB981B6BAE4FB7E3585F2A"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18637
Expires: Sat, 19 Nov 2022 06:55:14 GMT
Date: Sat, 19 Nov 2022 01:44:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3a38b6dd8a4cc335c026aebf2ed348b6
8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8
8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20967
Expires: Sat, 19 Nov 2022 07:34:04 GMT
Date: Sat, 19 Nov 2022 01:44:37 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
67f53a639d57dd6237b5be86fe4f6c1b
287f09532dc331228d09c20b75f4160e91e9800a
41913a8af366685c42af59e9d8e02fccedbe68a3313d2d9fe353deb0c1019075

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2285
Cache-Control: max-age=120275
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 01:44:37 GMT
Etag: "63775eeb-1d7"
Expires: Sun, 20 Nov 2022 11:09:12 GMT
Last-Modified: Fri, 18 Nov 2022 10:31:07 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 71UCofpZ6eZ+onD6OlIX6QdJ//fQxVagUIxLQMFci/NXfwJaunPFckx81yuzpaU8wRFkDXUk9/Q=
x-amz-request-id: CFGF8N37Q20F949G
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 19 Nov 2022 00:53:09 GMT
age: 3088
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 19 Nov 2022 00:45:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3573
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 19 Nov 2022 01:25:01 GMT
cache-control: public,max-age=3600
age: 1176
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

bsi.com.vn/public/upload/images/icon/js/Xbjrmk.exe

27.71.237.19

301 Moved Permanently

162 B

URL HTTP/1.1
bsi.com.vn/public/upload/images/icon/js/Xbjrmk.exe
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /public/upload/images/icon/js/Xbjrmk.exe HTTP/1.1
Host: bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 19 Nov 2022 01:44:37 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: http://www.bsi.com.vn/public/upload/images/icon/js/Xbjrmk.exe

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fe40cc6ea871d80382b6082111393fbe
281f75d0a35dc8ef908bb0500e57abd86bd5388e
6d15422cdf7a6d72d06497188f27af893682314e82ac8a189a0ee2d798cb62d7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2628
Cache-Control: max-age=115566
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 01:44:38 GMT
Etag: "63774b30-1d7"
Expires: Sun, 20 Nov 2022 09:50:44 GMT
Last-Modified: Fri, 18 Nov 2022 09:06:56 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.161.148.163

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.148.163:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +uzIPIO+OHpMP3KWpX3tOA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Kl8DMC5j38qMiuqraK62vkjTApg=

www.bsi.com.vn/public/upload/images/icon/js/Xbjrmk.exe

27.71.237.19

307 Temporary Redirect

0 B

URL HTTP/1.1
www.bsi.com.vn/public/upload/images/icon/js/Xbjrmk.exe
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /public/upload/images/icon/js/Xbjrmk.exe HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Sat, 19 Nov 2022 01:44:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
Set-Cookie: ci_session=fvj2lrp3ds53engh90bnr7hjmcmadj3c; expires=Sat, 19-Nov-2022 03:44:38 GMT; Max-Age=7200; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://www.bsi.com.vn/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18009
Expires: Sat, 19 Nov 2022 06:44:48 GMT
Date: Sat, 19 Nov 2022 01:44:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18009
Expires: Sat, 19 Nov 2022 06:44:48 GMT
Date: Sat, 19 Nov 2022 01:44:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18009
Expires: Sat, 19 Nov 2022 06:44:48 GMT
Date: Sat, 19 Nov 2022 01:44:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18009
Expires: Sat, 19 Nov 2022 06:44:48 GMT
Date: Sat, 19 Nov 2022 01:44:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18009
Expires: Sat, 19 Nov 2022 06:44:48 GMT
Date: Sat, 19 Nov 2022 01:44:39 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ca9564d-7ca4-4217-8162-042e0f55563e.jpeg

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ca9564d-7ca4-4217-8162-042e0f55563e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6103 bytes)
Hash
84839dd7a1d5d50d40a848e92d3ae6ca
150c83236b3518afce551ef94e2c3dddc275ce3f
fb9fffd5dafa855d3f16aefcdf31f656ea5219547a91b336ab41a998ead28050

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ca9564d-7ca4-4217-8162-042e0f55563e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6103
x-amzn-requestid: 4f0d1ea8-611c-48cf-be66-dd26b6d56a93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubTBFxDoAMFfYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5ac-4222e7656cb7a56b557d5b13;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:28 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: eVbxWxzd0WCUQKztoedT6XAn3I3d2LApn8W0usl5HXTmMl8qCjrBnA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 04:00:41 GMT
age: 78238
etag: "150c83236b3518afce551ef94e2c3dddc275ce3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8089 bytes)
Hash
c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9FO1gkdftjvJFDvAlxwLD63BP-liwnS2MImVhVdjg83wi4xJdM73Kg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 14894
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5730155a-f68f-483a-a61b-7d881a44a39b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12472 bytes)
Hash
58c1f2de229260cce98461e5c7d4d282
136e095a89fb0a5aae3e5d653906865da15df7b6
1d623baac44dce6d882e161ccf7dae4e7689fedf5904a12a8bedc2b4c6daa46b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5730155a-f68f-483a-a61b-7d881a44a39b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12472
x-amzn-requestid: 1291abd8-15e9-463f-a106-927785f93e5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: byQ_nGwwoAMF3nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63772eca-3164b923612df3841423a11c;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 07:05:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wd9AzMTWZs0KECKZ5UKkJaxw8k5qQQ-iofcXxuSg7yTqWgUmHuKw1w==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 07:12:43 GMT
age: 66716
etag: "136e095a89fb0a5aae3e5d653906865da15df7b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d03484-7ccd-4a2d-81a2-0205f032f99d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6365 bytes)
Hash
f5af431deee2fb28fcc08b25f5162944
6dac89954db5946b9ac1fdca3196d8b6bb3f54c3
b22d9111361ebce06d55d14d05f4a5206ca7097b059bbe6bc02b10391b61f458

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d03484-7ccd-4a2d-81a2-0205f032f99d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6365
x-amzn-requestid: 60bd00c0-6808-4bc5-a0cb-e4390d353d65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: befxSFJOIAMF6Lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f466e-514b3be121f077d559acdb86;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 07:08:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PiXrw9Fl9jm_orFJtFK5hBbBZs8YVeF4Xmye9BEYVyot9gKdMJb06Q==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 11:25:47 GMT
age: 51532
etag: "6dac89954db5946b9ac1fdca3196d8b6bb3f54c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.0 kB (3035 bytes)
Hash
d6b026c34985bbf2ebf89a62d0724c66
72369ebeccf447fa91ef77711d6297063c99777e
e5598ada634274ab9995dedda8c1fd18344abcfdd49b3a1aaede0a86fafc0f40

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3035
x-amzn-requestid: 3e3f3a7f-9a1d-4b37-b932-22c6e3e638f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRcFOuoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6f-09dc20ea5620dd167e3f7265;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xvVfLfP2DUilu7GSJMGArO90Kdoq5cPBVtmtyVjZmX5ZKnvOjpR_UQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 14894
etag: "72369ebeccf447fa91ef77711d6297063c99777e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141ee43e-4742-4784-a9a2-359cfa7ac9a3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9681 bytes)
Hash
859348e84041e7934b7f959f087a3679
583310946175391015cb46fcfa476cca96ebb9a9
7fba6813b2d8f06a6098b2c628580190b094c79e300744506344a3febc5f06de

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141ee43e-4742-4784-a9a2-359cfa7ac9a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9681
x-amzn-requestid: 73f28d59-8922-473c-9977-df0c39f9cc6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bZ3t-FC1oAMFQdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636d6cbf-6607d2be74559f1d3448dab7;Sampled=0
x-amzn-remapped-date: Thu, 10 Nov 2022 21:27:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aXtuckvPNMzB0frJPAOosiNpmhd_VNb4RHUj8fVkZjVtDxRXwoU33w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 20:18:57 GMT
age: 19542
etag: "583310946175391015cb46fcfa476cca96ebb9a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
8550090830bd540115bac8b0806a5a01
f66a5c651644be797c1f3e0668a6d2d6306d9dc9
9a69aa1008fcb3e5831dc889015709ee78ea4c45191aef1486c1ccaf6f4e7865

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "9A69AA1008FCB3E5831DC889015709EE78EA4C45191AEF1486C1CCAF6F4E7865"
Last-Modified: Fri, 18 Nov 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3319
Expires: Sat, 19 Nov 2022 02:39:58 GMT
Date: Sat, 19 Nov 2022 01:44:39 GMT
Connection: keep-alive

ocsp.entrust.net/

104.110.10.32

200 OK

1.6 kB

URL HTTP/1.1
ocsp.entrust.net/
IP
104.110.10.32:0
ASN
#16625 AKAMAI-AS

File type
data
Size
1.6 kB (1588 bytes)
Hash
fae8362a1e26dbe1582ff1bf5edf7f5d
6005f2874e6c7d896add1470d5154f3654a0fa72
c79e61664c7a750b88ca9407ab2bb6a70bf55692522fb7d37491319b69916461

HTTP Headers

POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "C79E61664C7A750B88CA9407AB2BB6A70BF55692522FB7D37491319B69916461"
Last-Modified: Fri, 18 Nov 2022 19:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Sat, 19 Nov 2022 02:44:39 GMT
Date: Sat, 19 Nov 2022 01:44:39 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
cf81f875cb94c0e5b227acd26510a2b3
191611e591105a972584fec5645b5db171cd5bdc
1185e33de343dbdf3b4bf298124a97ae95ca3e4c7383e2ebfea0c7d0c0eac86b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3831
Cache-Control: max-age=137653
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 01:44:40 GMT
Etag: "63779cc6-118"
Expires: Sun, 20 Nov 2022 15:58:53 GMT
Last-Modified: Fri, 18 Nov 2022 14:55:02 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
cf81f875cb94c0e5b227acd26510a2b3
191611e591105a972584fec5645b5db171cd5bdc
1185e33de343dbdf3b4bf298124a97ae95ca3e4c7383e2ebfea0c7d0c0eac86b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3831
Cache-Control: max-age=137653
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 01:44:40 GMT
Etag: "63779cc6-118"
Expires: Sun, 20 Nov 2022 15:58:53 GMT
Last-Modified: Fri, 18 Nov 2022 14:55:02 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280

www.bsi.com.vn/

27.71.237.19

200 OK

26 kB

URL HTTP/2
www.bsi.com.vn/
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (60248), with CRLF, LF line terminators
Size
26 kB (25916 bytes)
Hash
b788b612eb5b6269027e451e9c6ed33c
7018e96603b66c0dc2d7fbe484cd114711b66582
f46585902678837b979c4350050ec18c58a7fd035ff62fce1e4b21e64250774c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
set-cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; expires=Sat, 19-Nov-2022 03:44:39 GMT; Max-Age=7200; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

151.101.85.229

200 OK

7.5 kB

URL HTTP/2
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (21060)
Size
7.5 kB (7503 bytes)
Hash
1f61c1b15b25ba046056238766ff3a43
2b8db740e4e913e9dc87a6060dea2a6b17ad0ec8
fe78a2c604b4757dd5d114e0efb7e74c8f4acfe840bf6b6c01517205744a7648

HTTP Headers

GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bsi.com.vn
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.16.1
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 19 Nov 2022 01:44:40 GMT
age: 15112486
x-served-by: cache-fra19126-FRA, cache-bma1633-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7503
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js

151.101.85.229

200 OK

15 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (63188)
Size
15 kB (14954 bytes)
Hash
bcd78d6c0ec033bf482fd42a464a0456
db079a86c03c9930571f8d0d6585cd7c4817fb95
3ade5e6e9f8a5da4b810b01861e48e7e4fa50b8c4fc5899a715062a139c5d258

HTTP Headers

GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bsi.com.vn
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"f7eb-O+7WjtfXU8a/T2HCY4bd15KboDA"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 19 Nov 2022 01:44:40 GMT
age: 17889033
x-served-by: cache-fra19124-FRA, cache-bma1633-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14954
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
179d2ea164a17dece2074c9d684f8d4f
3a93c59ffe60f513b2b88a018b2af317a114639b
5fb3002d561425859405a89d8db317bae6a3f8f4af3e87910495c0490967abe0

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 01:44:40 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "C70B5BE3B03D496BAE231B921E47D2B7C21DA718"
Expires: Sat, 19 Nov 2022 12:00:00 GMT
Last-Modified: Sat, 19 Nov 2022 00:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 615
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76c5431418ed0b4d-OSL

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
16bbadb18616687351d4047aedc2ab45
979123c7ad6726befbbab2c07b50ecca31aa2d18
de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 01:44:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

code.jquery.com/jquery-3.2.1.min.js

69.16.175.10

200 OK

30 kB

URL HTTP/2
code.jquery.com/jquery-3.2.1.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32058)
Size
30 kB (30125 bytes)
Hash
148f8d3ffd9cc02048c5f4d1cc83c407
9f2b89cfd151be6a29b4d43ad64d164fb8471046
4dc681da48ba2b417e613e8e027ff5322963c3a3697a8ba97973cfefb48def5e

HTTP Headers

GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 19 Nov 2022 01:44:40 GMT
content-encoding: gzip
content-length: 30125
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1668822280.dop026.sk1.t,1668822280.cds248.sk1.hn,1668822280.cds222.sk1.c
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
5af3c2965962e15f4081eb7a3d075eed
934d2404b8c58e357e86dbb3d8ea1a5474fab737
3fbcd805af587a82f9c2e018e380dc5626235cb188484c68c5fd52d526e77580

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 01:44:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 16:24:03 GMT
Expires: Tue, 22 Nov 2022 16:24:02 GMT
Etag: "934d2404b8c58e357e86dbb3d8ea1a5474fab737"
Cache-Control: max-age=311361,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76c543141f12b4fd-OSL

www.googletagmanager.com/gtag/js?id=G-1R8QZ0X3TC

142.250.74.168

200 OK

76 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-1R8QZ0X3TC
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (19102)
Size
76 kB (75983 bytes)
Hash
8ba3330cfce7348d3426d21f34ecab00
50b594821bd74d8de28a2e0ca772ea66be458e65
804cee74cb0c91df0528f341657ef996bbc91766f3faca4ba309056d6c2e7f6f

HTTP Headers

GET /gtag/js?id=G-1R8QZ0X3TC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 19 Nov 2022 01:44:40 GMT
expires: Sat, 19 Nov 2022 01:44:40 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75983
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f17b03be491bcd758ad58f33ac7c094c
c02829213f2c3afc21026a24b413585804ba17de
e4085af005b24bc39492d37826b238a7e32d85037c9dcfc658171e73325ec0d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 01:44:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

unpkg.com/ngx-bootstrap@9.0.0/datepicker/bs-datepicker.css

104.16.122.175

200 OK

126 kB

URL HTTP/2
unpkg.com/ngx-bootstrap@9.0.0/datepicker/bs-datepicker.css
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (526)
Size
126 kB (126510 bytes)
Hash
c2176f3011986307a67a6fdc508da343
6e0237b555ddea00ee88e4e5754aa877a2cf75ce
286a497b1d859d1557784a0d1b3bd0e3683731e3b4564d4471e19d3f07a591fb

HTTP Headers

GET /ngx-bootstrap@9.0.0/datepicker/bs-datepicker.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bsi.com.vn/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 19 Nov 2022 01:44:40 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"5314-LsgVHjSi31TKMrMHPwXjk75b0a8"
via: 1.1 fly.io
fly-request-id: 01G8TDTTXHZ5WP8266P5AD5V0C-fra
cf-cache-status: HIT
age: 10077961
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c543143927b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-1R8QZ0X3TC&gtm=2oeb90&_p=1385472596&cid=897611562.1668822279&ul=en-us&sr=1280x1024&_s=1&sid=1668822279&sct=1&seg=0&dl=https%3A%2F%2Fwww.bsi.com.vn%2F&dt=HOME&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-1R8QZ0X3TC&gtm=2oeb90&_p=1385472596&cid=897611562.1668822279&ul=en-us&sr=1280x1024&_s=1&sid=1668822279&sct=1&seg=0&dl=https%3A%2F%2Fwww.bsi.com.vn%2F&dt=HOME&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-1R8QZ0X3TC&gtm=2oeb90&_p=1385472596&cid=897611562.1668822279&ul=en-us&sr=1280x1024&_s=1&sid=1668822279&sct=1&seg=0&dl=https%3A%2F%2Fwww.bsi.com.vn%2F&dt=HOME&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bsi.com.vn
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.bsi.com.vn
date: Sat, 19 Nov 2022 01:44:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

unpkg.com/@fancyapps/ui@4.0.31/dist/fancybox.umd.js

104.16.122.175

200 OK

324 kB

URL HTTP/2
unpkg.com/@fancyapps/ui@4.0.31/dist/fancybox.umd.js
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65502)
Size
324 kB (324173 bytes)
Hash
8f0652ce38a4ecab0699306b5d05bf33
33f59b9f93a4b61a4ca9281b0dd85aed2ceb2760
1366167900a1ebf9665c099900bbe666c7ab02b51a16c31259c1a706f1349705

HTTP Headers

GET /@fancyapps/ui@4.0.31/dist/fancybox.umd.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bsi.com.vn/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 19 Nov 2022 01:44:41 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"19ca7-YDrz4C84GmWPE164D07veMx+dQ0"
via: 1.1 fly.io
fly-request-id: 01GGNGT00GHGZ6JPTWJY9CRJPY-fra
cf-cache-status: HIT
age: 1652697
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c54319ec6ab505-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.bsi.com.vn/common.fa33a679e8c775a50da1.js

27.71.237.19

200 OK

296 kB

URL HTTP/2
www.bsi.com.vn/common.fa33a679e8c775a50da1.js
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
data
Size
296 kB (296222 bytes)
Hash
e77d2e781ea40e17d513e04960c43f55
6681b6a3c512fb06c91bd354caabc7c4b858c83b
e25a8997b8c53c51eedceb5e7527acbf648f7cadf12cbc55890b24106655f663

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /common.fa33a679e8c775a50da1.js HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:41 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 04:53:05 GMT
vary: Accept-Encoding
etag: W/"63649ab1-18c4"
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/assets/fontawesome/fonts/fa-regular-400.woff2

27.71.237.19

200 OK

169 kB

URL HTTP/2
www.bsi.com.vn/assets/fontawesome/fonts/fa-regular-400.woff2
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
Web Open Font Format (Version 2), TrueType, length 168768, version 331.-31261\012- data
Size
169 kB (168768 bytes)
Hash
d8689b99dce7c881d3130f3c91cfefdf
fb005c93930c13b3a5f449bbc75ba5ee23f609fa
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/fontawesome/fonts/fa-regular-400.woff2 HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.bsi.com.vn/assets/fontawesome/all.min.css
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: font/woff2
content-length: 168768
last-modified: Fri, 04 Nov 2022 04:50:59 GMT
etag: "63649a33-29340"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bsi.com.vn/assets/fontawesome/fonts/fa-solid-900.woff2

27.71.237.19

200 OK

137 kB

URL HTTP/2
www.bsi.com.vn/assets/fontawesome/fonts/fa-solid-900.woff2
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
Web Open Font Format (Version 2), TrueType, length 136824, version 331.-31261\012- data
Size
137 kB (136824 bytes)
Hash
978b27ec5d8b81d2b15aa28aaaae1fcb
76625967fe113a088e0627605b9d1bbfb8a5e47c
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/fontawesome/fonts/fa-solid-900.woff2 HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.bsi.com.vn/assets/fontawesome/all.min.css
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: font/woff2
content-length: 136824
last-modified: Fri, 04 Nov 2022 04:50:59 GMT
etag: "63649a33-21678"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bsi.com.vn/api/company?mask=@Company/GetCompanyInfo&language=0

27.71.237.19

200 OK

184 kB

URL HTTP/2
www.bsi.com.vn/api/company?mask=@Company/GetCompanyInfo&language=0
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
data
Size
184 kB (184444 bytes)
Hash
9f5d409450077c8607fb6f8fbbd6dbef
7777c8ee14c884bb070ca2e734a1715c50be7a0a
57ebe06456a1dd737317bed8f40096cc2c4a4f39b09bd6e2ccf9cef8f9c15fda

HTTP Headers

POST /api/company?mask=@Company/GetCompanyInfo&language=0 HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bsi.com.vn
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/styles.ae750a60694532dc4d5f.css

27.71.237.19

200 OK

10 kB

URL HTTP/2
www.bsi.com.vn/styles.ae750a60694532dc4d5f.css
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
data
Size
10 kB (10105 bytes)
Hash
8dad2a99755a1c5349f8a166c2e2114b
48d275c76c51ca50caacac622fd0da2f24e6c2ff
c3329a019e219eb22460283da1842eb4fbeda7594dc3b115909e3da5e2ce4393

HTTP Headers

GET /styles.ae750a60694532dc4d5f.css HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:40 GMT
content-type: text/css
last-modified: Fri, 04 Nov 2022 04:53:04 GMT
vary: Accept-Encoding
etag: W/"63649ab0-6896"
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/api/getmenu?mask=menuFooterResources&language=1&position=resource

27.71.237.19

200 OK

4.4 kB

URL HTTP/2
www.bsi.com.vn/api/getmenu?mask=menuFooterResources&language=1&position=resource
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
data
Size
4.4 kB (4436 bytes)
Hash
3d4ef83ae02033ecc30d58bd6ffe6b59
ca9963c3d4b931998172649de4da130ebf64d8fb
641d64e22a1561641be0465d54bdb4f70d6c9dffd2b0c3ab9441066c4cbe716f

HTTP Headers

POST /api/getmenu?mask=menuFooterResources&language=1&position=resource HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bsi.com.vn
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/assets/css/meanmenu.css

27.71.237.19

200 OK

4.4 kB

URL HTTP/2
www.bsi.com.vn/assets/css/meanmenu.css
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
data
Size
4.4 kB (4381 bytes)
Hash
4a4e9b83a515d70458400ffc3a988d46
c80b9debf0733cc2f63176dc6265015bce41bae9
4315569fd1d5a1ecf07477352620507da11076e23c7faf16935296abbdbc03d6

HTTP Headers

GET /assets/css/meanmenu.css HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:40 GMT
content-type: text/css
last-modified: Fri, 04 Nov 2022 04:50:57 GMT
vary: Accept-Encoding
etag: W/"63649a31-1ba5"
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/api/home/getAnalysis?mask=getAnalysisHome&language=1

27.71.237.19

200 OK

4.1 kB

URL HTTP/2
www.bsi.com.vn/api/home/getAnalysis?mask=getAnalysisHome&language=1
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
data
Size
4.1 kB (4069 bytes)
Hash
4590c1d29e53ebacbbe3a322fcf6379b
61ef3892ebdc6acb3eaacf8c1244bece7dad8532
e040c5ee4f37b078d781bd4dd3ac0878cf96e10dd11b3e7ed5673c08a21492cf

HTTP Headers

POST /api/home/getAnalysis?mask=getAnalysisHome&language=1 HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bsi.com.vn
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/public/pages/icon-07_1640742889.png

27.71.237.19

200 OK

1.6 kB

URL HTTP/2
www.bsi.com.vn/public/pages/icon-07_1640742889.png
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
PNG image data, 105 x 105, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1615 bytes)
Hash
982c725dbbbbf16efb63014a98b25926
8c070c5e45d4cc8d75727b84295a8ef79f64b691
4861770a2b3851cfa92e170602a49408b8adf7e4cdc0a6f74d31a1a3adb3b22b

HTTP Headers

GET /public/pages/icon-07_1640742889.png HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: image/png
content-length: 1615
last-modified: Fri, 04 Nov 2022 06:21:38 GMT
etag: "6364af72-64f"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bsi.com.vn/runtime.ffd4bd6d5039ef2a3a51.js

27.71.237.19

200 OK

3.5 kB

URL HTTP/2
www.bsi.com.vn/runtime.ffd4bd6d5039ef2a3a51.js
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
data
Size
3.5 kB (3518 bytes)
Hash
fa1d283481abd6116c818b4777b1f7ad
8c5f912247175944a9f810da2f409ac3be53f725
50bf528b7a5dacc9c9a97be45411cae2270e97bb3b6e45cf73b610db1202c6bf

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /runtime.ffd4bd6d5039ef2a3a51.js HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:40 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 04:53:05 GMT
vary: Accept-Encoding
etag: W/"63649ab1-a5b"
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/public/pages/googleplay_1639570356.png

27.71.237.19

200 OK

4.0 kB

URL HTTP/2
www.bsi.com.vn/public/pages/googleplay_1639570356.png
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
PNG image data, 268 x 80, 8-bit colormap, non-interlaced\012- data
Size
4.0 kB (3976 bytes)
Hash
30eed5122897e0fe6563cf4b5ce0954b
07313d61ca70e2d94af86d23a15f56ea27a5e5f6
40c9128a15f131eda08b3b59e1f0fbcbf720760373e14bff3a5f6e8ecf94d369

HTTP Headers

GET /public/pages/googleplay_1639570356.png HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: image/png
content-length: 3976
last-modified: Fri, 04 Nov 2022 06:21:37 GMT
etag: "6364af71-f88"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bsi.com.vn/public/pages/appstore-1639570391_1641614963.png

27.71.237.19

200 OK

5.6 kB

URL HTTP/2
www.bsi.com.vn/public/pages/appstore-1639570391_1641614963.png
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
PNG image data, 268 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
5.6 kB (5588 bytes)
Hash
bfdbd5e0e13885ed2a7891845c23e3f8
1971219cb078b999735ffd6de47144d335befd3a
3409cc25a03cc77194048788e15ff0fa496650210637f1e058b4e0e83d6b0f9d

HTTP Headers

GET /public/pages/appstore-1639570391_1641614963.png HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: image/png
content-length: 5588
last-modified: Fri, 04 Nov 2022 06:21:37 GMT
etag: "6364af71-15d4"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bsi.com.vn/public/pages/pie-chart_1640846784.png

27.71.237.19

200 OK

66 kB

URL HTTP/2
www.bsi.com.vn/public/pages/pie-chart_1640846784.png
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
PNG image data, 512 x 512, 16-bit/color RGBA, non-interlaced\012- data
Size
66 kB (65745 bytes)
Hash
4b6693eb8d3a87c3cd5793a2fa6c908d
a5dd50c5920cfac5d682266a5f4562bd4666a89e
4b6ed617304ef5a33ac3cafd96f1a02d60f5a918bf2259e2b518aa55b5e9fc08

HTTP Headers

GET /public/pages/pie-chart_1640846784.png HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: image/png
content-length: 65745
last-modified: Fri, 04 Nov 2022 06:21:37 GMT
etag: "6364af71-100d1"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bsi.com.vn/public/pages/research_1640846426.png

27.71.237.19

200 OK

58 kB

URL HTTP/2
www.bsi.com.vn/public/pages/research_1640846426.png
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
PNG image data, 512 x 512, 16-bit/color RGBA, non-interlaced\012- data
Size
58 kB (58211 bytes)
Hash
930096c295ae846c337a99506874664a
32f26fe8f0c1b561878309ed4be8f2847f7656fe
92f0c7c89e6031d93d6a680102c00e8dd6f9ad72a5eb3f7d72423e0103d6f755

HTTP Headers

GET /public/pages/research_1640846426.png HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: image/png
content-length: 58211
last-modified: Fri, 04 Nov 2022 06:21:36 GMT
etag: "6364af70-e363"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bsi.com.vn/assets/js/js.js

27.71.237.19

200 OK

43 kB

URL HTTP/2
www.bsi.com.vn/assets/js/js.js
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
data
Size
43 kB (42958 bytes)
Hash
8ac3381678e22396a642a17fa7b2ebb9
9dbc56d45d8c7a387df3cc7d0babf14d06b96ae3
81fde73497edfb64ae6df3b28d942d56b60623dfbcf5c0a5f123201222bef47d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/js/js.js HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:40 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 04:51:05 GMT
vary: Accept-Encoding
etag: W/"63649a39-ca4"
content-encoding: gzip
X-Firefox-Spdy: h2

unpkg.com/ngx-bootstrap/datepicker/bs-datepicker.css

104.16.122.175

302 Found

33 kB

URL HTTP/2
unpkg.com/ngx-bootstrap/datepicker/bs-datepicker.css
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
33 kB (32683 bytes)
Hash
8499be94e720d0f77fba8121d3055a7f
5d7210ab8ee7ee0d0749b419a6797525ad3cb06a
154999bd1671e37de0ff39a6aa6292f17082c7397033a9f3e209e48c6d45c802

HTTP Headers

GET /ngx-bootstrap/datepicker/bs-datepicker.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sat, 19 Nov 2022 01:44:40 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /ngx-bootstrap@9.0.0/datepicker/bs-datepicker.css
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJ6RC2TX1ARAX43BFXV0VY1N-ams
cf-cache-status: HIT
age: 597
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c54313f90db505-OSL
X-Firefox-Spdy: h2

www.bsi.com.vn/public/pages/presentatio_1640846518.png

27.71.237.19

200 OK

53 kB

URL HTTP/2
www.bsi.com.vn/public/pages/presentatio_1640846518.png
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
PNG image data, 512 x 512, 16-bit/color RGBA, non-interlaced\012- data
Size
53 kB (53277 bytes)
Hash
7cc6848d16a79efe203a340459dad07d
6651c0788314c5f653a9665dc1b89d81009f77bd
02e272906ad9df9905943ecd1fae7e66770bf0c133dfe2bd71324df0f88df428

HTTP Headers

GET /public/pages/presentatio_1640846518.png HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: image/png
content-length: 53277
last-modified: Fri, 04 Nov 2022 06:21:36 GMT
etag: "6364af70-d01d"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bsi.com.vn/public/pages/news_1640846614.png

27.71.237.19

200 OK

28 kB

URL HTTP/2
www.bsi.com.vn/public/pages/news_1640846614.png
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
PNG image data, 512 x 512, 16-bit/color RGBA, non-interlaced\012- data
Size
28 kB (28314 bytes)
Hash
4c531ed0459f6f170e1326fe0f309944
f4519b911e95a5cf7536a1dc9262234b52da6ee4
25233664289d4fa3fb35a7ab5c321d1119b7931f5585e39c2de5282547db8b43

HTTP Headers

GET /public/pages/news_1640846614.png HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: image/png
content-length: 28314
last-modified: Fri, 04 Nov 2022 06:21:37 GMT
etag: "6364af71-6e9a"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bsi.com.vn/assets/img/defaut-slide.png

27.71.237.19

200 OK

11 kB

URL HTTP/2
www.bsi.com.vn/assets/img/defaut-slide.png
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
PNG image data, 1440 x 400, 8-bit/color RGB, non-interlaced\012- data
Size
11 kB (11332 bytes)
Hash
1e27f0d78a1f433cf995a738b5e132ac
d5da1ecdfb0f8bca85b9f9aa0661f60527c7e563
5e52c63fcc9151af17699dedf390d7f26483c81ec194d048792fe971f9271803

HTTP Headers

GET /assets/img/defaut-slide.png HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: image/png
content-length: 11332
last-modified: Fri, 04 Nov 2022 04:51:03 GMT
etag: "63649a37-2c44"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bsi.com.vn/assets/img/left-chevron.png

27.71.237.19

200 OK

2.2 kB

URL HTTP/2
www.bsi.com.vn/assets/img/left-chevron.png
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2159 bytes)
Hash
815f0e29b9aeecfd48543b8cf86bb0d0
a1e7c1eec5164113001052d64fb766b32481f3fc
0f45234103c2eadbeaf5807893de5dc9cfa2ef767f59f6b1c838553a03a76bbe

HTTP Headers

GET /assets/img/left-chevron.png HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:43 GMT
content-type: image/png
content-length: 2159
last-modified: Fri, 04 Nov 2022 04:51:02 GMT
etag: "63649a36-86f"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bsi.com.vn/assets/img/right-arrow.png

27.71.237.19

200 OK

1.9 kB

URL HTTP/2
www.bsi.com.vn/assets/img/right-arrow.png
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
1.9 kB (1945 bytes)
Hash
2601ee64086d0cd14f9c968d9cdb09ed
af10ac4572e76392005545365f2df0fa3b0c1272
ccb7cff415093e21d32d644d76d94811fc69ea4b074be4995557d98d6a9c4f5b

HTTP Headers

GET /assets/img/right-arrow.png HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:43 GMT
content-type: image/png
content-length: 1945
last-modified: Fri, 04 Nov 2022 04:51:01 GMT
etag: "63649a35-799"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bsi.com.vn/public/slides/ekyc-banner-2-01_1640746361.jpg

27.71.237.19

200 OK

802 kB

URL HTTP/2
www.bsi.com.vn/public/slides/ekyc-banner-2-01_1640746361.jpg
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 150x150, segment length 16, baseline, precision 8, 3000x938, components 3\012- data
Size
802 kB (801929 bytes)
Hash
928e91e2b6ed897ddac0a3bd72111085
63b8b80734b05b8b46a31d834f6c73653765245e
ab28b09454a107fc9e3c387f7d55e0d9d86ebfb0a35a74b0aefbcdeac2284a66

HTTP Headers

GET /public/slides/ekyc-banner-2-01_1640746361.jpg HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:43 GMT
content-type: image/jpeg
content-length: 801929
last-modified: Fri, 04 Nov 2022 06:21:43 GMT
etag: "6364af77-c3c89"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bsi.com.vn/assets/img/icon/facebook.png

27.71.237.19

200 OK

29 kB

URL HTTP/2
www.bsi.com.vn/assets/img/icon/facebook.png
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
PNG image data, 246 x 246, 8-bit/color RGB, non-interlaced\012- data
Size
29 kB (29000 bytes)
Hash
c76e7f95dd75b7e1e8a740f9b31b01c3
b825e1644aa6bb999ba643d5a2bc03469e26f444
15bf338d40122aff599ee9b90b5c19dd6c0955b90e75f74d987ede46119a6348

HTTP Headers

GET /assets/img/icon/facebook.png HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:43 GMT
content-type: image/png
content-length: 29000
last-modified: Fri, 04 Nov 2022 04:51:04 GMT
etag: "63649a38-7148"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bsi.com.vn/assets/img/icon/zalo.png

27.71.237.19

200 OK

11 kB

URL HTTP/2
www.bsi.com.vn/assets/img/icon/zalo.png
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
PNG image data, 246 x 246, 8-bit/color RGB, non-interlaced\012- data
Size
11 kB (10660 bytes)
Hash
7862e29a22afe00da0caefae1f0d0e40
901052c39fcfa876a0b96beea6f098b6b7d9b41d
69f62fdb22fd9fcd4832fed36275a7beaf79f6ad4d73f0b92569cc664582f614

HTTP Headers

GET /assets/img/icon/zalo.png HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:43 GMT
content-type: image/png
content-length: 10660
last-modified: Fri, 04 Nov 2022 04:51:04 GMT
etag: "63649a38-29a4"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bsi.com.vn/assets/img/icon/twitter.png

27.71.237.19

200 OK

12 kB

URL HTTP/2
www.bsi.com.vn/assets/img/icon/twitter.png
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
PNG image data, 350 x 350, 8-bit/color RGB, non-interlaced\012- data
Size
12 kB (12320 bytes)
Hash
1a1f8f58ff6135b6bbc2721e7c1957f7
dcd9b3a5dcc1299b679363d9ebf5869972eefbcb
f0c1e1c40a51a2de3d7bf91f5b73bd4cec492a011b5d69158deeba4d98490bab

HTTP Headers

GET /assets/img/icon/twitter.png HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:43 GMT
content-type: image/png
content-length: 12320
last-modified: Fri, 04 Nov 2022 04:51:04 GMT
etag: "63649a38-3020"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bsi.com.vn/assets/img/icon/skype.png

27.71.237.19

200 OK

23 kB

URL HTTP/2
www.bsi.com.vn/assets/img/icon/skype.png
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
PNG image data, 246 x 246, 8-bit/color RGB, non-interlaced\012- data
Size
23 kB (22975 bytes)
Hash
c4c989b0a1688e75d3881c0b03134626
82de7c7b17d775ef8c491ef265237296d7f84f02
904f2b14a770fbb4502c0b9cc29112b21d9e8268d3e443cba35551d15ef68573

HTTP Headers

GET /assets/img/icon/skype.png HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:43 GMT
content-type: image/png
content-length: 22975
last-modified: Fri, 04 Nov 2022 04:51:04 GMT
etag: "63649a38-59bf"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.bsi.com.vn/assets/img/icon/youtube.png

27.71.237.19

200 OK

8.0 kB

URL HTTP/2
www.bsi.com.vn/assets/img/icon/youtube.png
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type
PNG image data, 350 x 350, 8-bit/color RGB, non-interlaced\012- data
Size
8.0 kB (8004 bytes)
Hash
1d31fbd80cc5ccdd9a29f34d55c20a75
a78657c9cc510fc8a8bdb73d737666c0f660af2a
ca644befab2dc788d6c2ab51a22711ab22341db684dffc39dee53d2c5a3ef5ea

HTTP Headers

GET /assets/img/icon/youtube.png HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:43 GMT
content-type: image/png
content-length: 8004
last-modified: Fri, 04 Nov 2022 04:51:04 GMT
etag: "63649a38-1f44"
accept-ranges: bytes
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e1d1acd-0ae6-485d-9dd4-2c0c8271a9d3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9146 bytes)
Hash
11bb9d337001b4d155c63b05a0dd9945
14de1c48a2fe80b5947945c9ffa9630f03c5447a
8ee6d3a2f6dec36c49361ef855edeb170e92fbeff29d2ed77c7fd0cf44cfecf5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e1d1acd-0ae6-485d-9dd4-2c0c8271a9d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9146
x-amzn-requestid: e42f040e-a2f9-4538-bbaf-f1e64719f424
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brsmpGr5oAMFsmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748e2a-15b03190049271db549b1770;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:15:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OjQm2RW65ZJDsUNay0untDwlufnFhXHwbpfAnCwEK3seEDiPIKrnfQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 07:44:01 GMT
age: 64845
etag: "14de1c48a2fe80b5947945c9ffa9630f03c5447a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.bsi.com.vn/5.1ffd0309cf2d71a69962.js

27.71.237.19

200 OK

0 B

URL HTTP/2
www.bsi.com.vn/5.1ffd0309cf2d71a69962.js
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /5.1ffd0309cf2d71a69962.js HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:41 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 04:53:04 GMT
vary: Accept-Encoding
etag: W/"63649ab0-12f2"
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/16.5100d60f7a66d99f400e.js

27.71.237.19

200 OK

0 B

URL HTTP/2
www.bsi.com.vn/16.5100d60f7a66d99f400e.js
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /16.5100d60f7a66d99f400e.js HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:43 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 04:53:04 GMT
vary: Accept-Encoding
etag: W/"63649ab0-6457"
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/assets/fontawesome/all.min.css

27.71.237.19

200 OK

0 B

URL HTTP/2
www.bsi.com.vn/assets/fontawesome/all.min.css
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/fontawesome/all.min.css HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:40 GMT
content-type: text/css
last-modified: Fri, 04 Nov 2022 04:50:59 GMT
vary: Accept-Encoding
etag: W/"63649a33-348a3"
content-encoding: gzip
X-Firefox-Spdy: h2

unpkg.com/@fancyapps/ui/dist/fancybox.umd.js

104.16.122.175

302 Found

0 B

URL HTTP/2
unpkg.com/@fancyapps/ui/dist/fancybox.umd.js
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /@fancyapps/ui/dist/fancybox.umd.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sat, 19 Nov 2022 01:44:41 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /@fancyapps/ui@4.0.31/dist/fancybox.umd.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJ6RYA4GHS29V6WB2JBZXJ99-ams
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c54313f90fb505-OSL
X-Firefox-Spdy: h2

www.bsi.com.vn/main.56aee7d4b8796502a3b6.js

27.71.237.19

200 OK

0 B

URL HTTP/2
www.bsi.com.vn/main.56aee7d4b8796502a3b6.js
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /main.56aee7d4b8796502a3b6.js HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:40 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 04:53:05 GMT
vary: Accept-Encoding
etag: W/"63649ab1-83e86"
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/assets/i18n/vn.json

27.71.237.19

200 OK

0 B

URL HTTP/2
www.bsi.com.vn/assets/i18n/vn.json
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /assets/i18n/vn.json HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:41 GMT
content-type: application/json
last-modified: Fri, 04 Nov 2022 04:51:01 GMT
vary: Accept-Encoding
etag: W/"63649a35-db2"
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/api/home/slide?mask=getslide&language=1&type=1

27.71.237.19

200 OK

0 B

URL HTTP/2
www.bsi.com.vn/api/home/slide?mask=getslide&language=1&type=1
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/home/slide?mask=getslide&language=1&type=1 HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bsi.com.vn
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

unpkg.com/@fancyapps/ui/dist/fancybox.css

104.16.122.175

302 Found

0 B

URL HTTP/2
unpkg.com/@fancyapps/ui/dist/fancybox.css
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /@fancyapps/ui/dist/fancybox.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sat, 19 Nov 2022 01:44:41 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /@fancyapps/ui@4.0.31/dist/fancybox.css
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJ6RYA490DZ50TF8WKJZDQQ2-ams
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c54313e905b505-OSL
X-Firefox-Spdy: h2

unpkg.com/@fancyapps/ui@4.0.31/dist/fancybox.css

104.16.122.175

200 OK

0 B

URL HTTP/2
unpkg.com/@fancyapps/ui@4.0.31/dist/fancybox.css
IP
104.16.122.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /@fancyapps/ui@4.0.31/dist/fancybox.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bsi.com.vn/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 19 Nov 2022 01:44:41 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"3cee-0nBcDQHfsMIPKlPzBhAaX/pebOA"
via: 1.1 fly.io
fly-request-id: 01GGNGSZZMAX32Q2MM4BD091HN-ams
cf-cache-status: HIT
age: 1652696
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c5431ccdeab505-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.bsi.com.vn/1.b4daa55638c038c891ce.js

27.71.237.19

200 OK

0 B

URL HTTP/2
www.bsi.com.vn/1.b4daa55638c038c891ce.js
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /1.b4daa55638c038c891ce.js HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:41 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 04:53:05 GMT
vary: Accept-Encoding
etag: W/"63649ab1-20274"
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/api/getmenu?mask=menuFooterDownloadApp&language=1&position=downloadApp

27.71.237.19

200 OK

0 B

URL HTTP/2
www.bsi.com.vn/api/getmenu?mask=menuFooterDownloadApp&language=1&position=downloadApp
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/getmenu?mask=menuFooterDownloadApp&language=1&position=downloadApp HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bsi.com.vn
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/public/iconlang/vn.svg

27.71.237.19

200 OK

0 B

URL HTTP/2
www.bsi.com.vn/public/iconlang/vn.svg
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /public/iconlang/vn.svg HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: image/svg+xml
last-modified: Fri, 04 Nov 2022 06:21:35 GMT
vary: Accept-Encoding
etag: W/"6364af6f-138"
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/18.85a89379ff74a21627cd.js

27.71.237.19

200 OK

0 B

URL HTTP/2
www.bsi.com.vn/18.85a89379ff74a21627cd.js
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /18.85a89379ff74a21627cd.js HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:43 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 04:53:05 GMT
vary: Accept-Encoding
etag: W/"63649ab1-a9c3"
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/4.8ecd008333e6dc256576.js

27.71.237.19

200 OK

0 B

URL HTTP/2
www.bsi.com.vn/4.8ecd008333e6dc256576.js
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /4.8ecd008333e6dc256576.js HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:43 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 04:53:04 GMT
vary: Accept-Encoding
etag: W/"63649ab0-ae25"
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/polyfills.420b1e53f11527236d0f.js

27.71.237.19

200 OK

0 B

URL HTTP/2
www.bsi.com.vn/polyfills.420b1e53f11527236d0f.js
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /polyfills.420b1e53f11527236d0f.js HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:40 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 04:53:05 GMT
vary: Accept-Encoding
etag: W/"63649ab1-c22e"
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/api/getmenu?mask=getMenu&language=1&position=menuMain

27.71.237.19

200 OK

0 B

URL HTTP/2
www.bsi.com.vn/api/getmenu?mask=getMenu&language=1&position=menuMain
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/getmenu?mask=getMenu&language=1&position=menuMain HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bsi.com.vn
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/9.35b2a66fb99f7f86588e.js

27.71.237.19

200 OK

0 B

URL HTTP/2
www.bsi.com.vn/9.35b2a66fb99f7f86588e.js
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /9.35b2a66fb99f7f86588e.js HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:41 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 04:53:05 GMT
vary: Accept-Encoding
etag: W/"63649ab1-77afa"
content-encoding: gzip
X-Firefox-Spdy: h2

www.bsi.com.vn/12.335c2e20d696564ec001.js

27.71.237.19

200 OK

0 B

URL HTTP/2
www.bsi.com.vn/12.335c2e20d696564ec001.js
IP
27.71.237.19:0
ASN
#38731 CHT Compamy Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /12.335c2e20d696564ec001.js HTTP/1.1
Host: www.bsi.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/vn
Cookie: ci_session=edcpb01q10jovti02u6pei563iqtnn04; _ga_1R8QZ0X3TC=GS1.1.1668822279.1.0.1668822279.0.0.0; _ga=GA1.1.897611562.1668822279
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 01:44:42 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 04:53:04 GMT
vary: Accept-Encoding
etag: W/"63649ab0-7840"
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.ckeditor.com/4.7.1/full/ckeditor.js

205.234.175.175

200 OK

0 B

URL HTTP/2
cdn.ckeditor.com/4.7.1/full/ckeditor.js
IP
205.234.175.175:0
ASN
#30081 CACHENETWORKS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /4.7.1/full/ckeditor.js HTTP/1.1
Host: cdn.ckeditor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bsi.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 19 Nov 2022 01:44:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 183861
x-cff: B
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
last-modified: Wed, 28 Jun 2017 14:57:03 GMT
cache-control: max-age=604800, public
expires: Mon, 21 Nov 2022 15:09:52 GMT
access-control-allow-origin: *
vary: Accept-Encoding
x-cf-rand: 8.366
x-cf3: H
cf4age: 1372
x-cf-tsc: 1668523537
cf4ttl: 604800.000
content-encoding: gzip
x-cf2: H
server: CFS 0215
x-cf1: 28810:fA.arn1:co:1663772073:cacheN.arn1-01:H
x-cf-reqid: cd5dc9e8832bae9325792b48a5affeeb
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations