{"report_id":"bda7ca29-d308-49d4-972e-8de27fd04c85","version":6,"status":"done","tags":["bancolombia","financial","phishing"],"date":"2023-11-25T00:33:58Z","url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":0,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"final":{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"title":"Bancolombia Sucursal Vrtual Personas"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T10:57:43Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"aurana.vn","ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2022-08-29 07:55:01","last_seen":"2023-11-19 10:57:00","alert_count":34,"request_count":18,"received_data":388593,"sent_data":9970,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ka-f.fontawesome.com","ip":{"addr":"172.64.204.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2012-10-18","domain_rank":3598,"first_seen":"2019-12-17 07:36:13","last_seen":"2023-11-24 05:10:26","alert_count":0,"request_count":4,"received_data":195518,"sent_data":1889,"comment":"","tags":null,"fingerprints":null},{"fqdn":"images-cdn.info","ip":{"addr":"52.21.2.28","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2018-02-25","domain_rank":528156,"first_seen":"2020-06-20 01:31:03","last_seen":"2023-11-24 03:31:54","alert_count":2,"request_count":1,"received_data":297,"sent_data":422,"comment":"","tags":null,"fingerprints":null},{"fqdn":"kit.fontawesome.com","ip":{"addr":"172.64.147.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2012-10-18","domain_rank":1868,"first_seen":"2019-12-16 20:51:31","last_seen":"2023-11-24 05:11:09","alert_count":0,"request_count":1,"received_data":12243,"sent_data":429,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"kit.fontawesome.com/45b9078c9f.js","fqdn":"kit.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.64.147.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e8e4f917ed26e3a1d2f26077eee3f73c","sha1":"b37c96d5deda15c3754f058f8f42ecc4fb9e4970","sha256":"8212039d17d158453c6305a5ca08559ca48007be17b5fc214a00b57461e9d8a4","sha512":"3fa9ebcdc9f3e0eae35e28239e841f747a0c07b64020c3d20fb7f2fba9553f4ab68beaaedd234b4e84343d045e9eb90207965bc2264984533d38b9b0c3300d50","ssdeep":"192:PkO3pHuf4n7ACpiIthMzn/A+gmTVULb2nZsyP4lO3mX7dvh3D21Q5l8hf0kCzMn:cdVCfhMznrnBrmL9h3D21Q5l8hfl","tlshash":"6832a4997691b5b246eb7160803f620bf2753536300ad060e25dede46c7dd6e9233f2d","size":11642,"data":"","first_seen":"2023-08-03T05:21:29Z","last_seen":"2023-11-27T05:17:07Z","times_seen":185,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/js/jquery-3.6.0.min.js","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-05-20T03:35:19.750757Z","times_seen":471194,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/js/jquery.jclock-min.js","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"71722c7314fed201941f23bc1fe9604e","sha1":"1d1c35c3b25ea4056bd39ba290523e70bd2f8038","sha256":"93bf1714fd8d4cad23861f0017d5b3335f8b009f59d2bd654dcf0c29b7f36031","sha512":"f0c56d414d56bcb50a3264783781dedfb7401a553069a2d96b6b62289fb4246dc1fe601a6fdb8acd069e43c382788592ceafcc31ce799f6c1cc1025ca89ce6ea","ssdeep":"","tlshash":"a671545a243cc2d16a96bc39287f1e73c63b5d36080ae46c794fd6c5682c83f556ba20","size":3337,"data":"","first_seen":"2023-03-07T12:11:26Z","last_seen":"2026-05-09T03:07:33.771181Z","times_seen":715,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"72c849f4e961e28f1b808e494aeb74fc","sha1":"fc8dac259db80d9b7726d9879c87bf215da0c998","sha256":"e9a8b6953d544e0ecbcaceb9bf82f0d6fff65278545f11d0ee580072e52a66b1","sha512":"8a7283ddd117af134b92deaeb88909e9a434a2675d0cbc5af60ca0bfb61a7f0d228c428e75f10f29e175c05eff4762b39b5f6dfc092c666bf257c0f0ce0bba5d","ssdeep":"","tlshash":"b0a0220b203e30e32002e0ec382f0020eeb2e0bf0c28cfc0800a0880b8802380232e8c","size":73,"data":"","first_seen":"2023-03-07T12:11:26Z","last_seen":"2026-05-09T03:07:33.808277Z","times_seen":794,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/js/functions.js","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"b997a6d94e03ee0a72f037450b0f1186","sha1":"70e7b3fcf5da6898da405fe1e4795356bd77df45","sha256":"e2a99f7b3e57b6db7e845380ffa28aaa1d27e433b0fb7b62c3ce34a6cc58825b","sha512":"ba7baf822720287829a477f5f6c09e4ff898dc2854209f51b3032512f7268999ba5518c513be0de2a1c4d0d242141f501c3dbf4e9619b7c47b837ccbda8138d1","ssdeep":"","tlshash":"c28116fc357670340a62723c185b2f012a9f7c5637145f423b5dc9b8dbe825eaa22fa5","size":3639,"data":"","first_seen":"2023-03-08T06:41:13Z","last_seen":"2024-12-12T13:23:44.342659Z","times_seen":224,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-20T03:38:11.701034Z","times_seen":15465433,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-25T00:33:43.635Z","timestamp":1700872423635,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/ HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-powered-by: PHP/7.4.33\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 1991\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 25 Nov 2023 00:33:41 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1991,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"beb1be00d4783900dc0786e3ab5d4f06","sha1":"1cac599f25a131f10bf91379b7775c143361566c","sha256":"13629d181d405d9e0cf3d4861265bc990921869c49346513281f3b1870d72cb4","sha512":"2830ad22099c6bc49e753f822e8b8ef2291b8fa29d452d2bbce6c5d3a3a2d0ab8d803b1493065482e45b667726581899cac5db0a654972d4d788dce46a1dbdad","ssdeep":"192:FLQtNv3O+hK2d6QjR7mjs7O1xw+/sr/Xc/Xq/pnlit4aujxf:Fr8K2d6MHO1xw+/sr/Xc/Xq/pnlNzdf","tlshash":"82d1ea309bdca05b1573129184366e99eed38935f3138d19b2be176b1fbce0da943460","first_seen":"2023-11-25T01:34:01Z","last_seen":"2023-11-25T01:34:01Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2015,"timings":{"blocked":863,"dns":1,"connect":285,"send":0,"wait":289,"receive":0,"ssl":574},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/css/style.css","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.019Z","timestamp":1700872425019,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/css/style.css HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 02 Dec 2023 00:33:42 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 15 Jun 2022 06:41:20 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1291\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1291,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with CRLF line terminators","md5":"72479bd20c38e802443cb174a470cbc9","sha1":"2d9d08213047e1f765e40f8e35cc634042fe6a92","sha256":"51aa53f23ba2b51e83eca02fdb47b2212252e7b5088a6c42b8b15431168fd15c","sha512":"ede9e340deee9dd23d5328f601d703d1b7c7804650b48df951eb886596227343a923ba39909e65a405bfbf8b7c4fa1f59a452833b2bf55158632a043e73a6377","ssdeep":"96:7GgJeJbJpJUJnGngyrA1p2ghJhJ/JNmZRYJCCuz8/Ju1GDyTXeJbE/L02jO1:vWtnQG43fBeSCF8Bu1GyWQg2y","tlshash":"39c1dd06ea4a028bb63618a9ff366ba7ed6c4003570747717ae077229fb507d5e907cc","first_seen":"2023-04-05T04:08:00Z","last_seen":"2024-12-12T13:23:44.339657Z","times_seen":372,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/css/stylesheet.css","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.020Z","timestamp":1700872425020,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/css/stylesheet.css HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 02 Dec 2023 00:33:42 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 13 Jun 2022 03:37:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 410\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":410,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (360)","md5":"a310982fb888be050fb3ab09d40d7ffc","sha1":"b4a86966fec0a29c9bae72c1279a762cc009bf21","sha256":"f27f79e97e6af6f6003291117a51ded4ac0271248d26e5acf840f666d12d38b2","sha512":"13df75f25b4827fa911f8700005d3c48d7acfb68ea4de57f244ac720b80e3bdfaf2fc4e36dfe795ca314a19cf4a38fb696d4501a934f91e21d11b9163b7d3b69","ssdeep":"","tlshash":"e1514960d14a799345583c5733db7f244f8d286670048457a23489afecf2a6a92d6f0f","first_seen":"2023-04-05T04:08:00Z","last_seen":"2026-05-09T03:07:33.796606Z","times_seen":611,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/js/jquery-3.6.0.min.js","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.021Z","timestamp":1700872425021,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/js/jquery-3.6.0.min.js HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 02 Dec 2023 00:33:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 10 Aug 2021 22:21:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 30267\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":30267,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-05-20T03:35:19.750757Z","times_seen":471194,"resource_available":true,"data":null}},"time_used":571,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":282,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/js/jquery.jclock-min.js","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.023Z","timestamp":1700872425023,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/js/jquery.jclock-min.js HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 02 Dec 2023 00:33:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 24 Jun 2021 01:34:36 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1259\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1259,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (2957), with CRLF line terminators","md5":"71722c7314fed201941f23bc1fe9604e","sha1":"1d1c35c3b25ea4056bd39ba290523e70bd2f8038","sha256":"93bf1714fd8d4cad23861f0017d5b3335f8b009f59d2bd654dcf0c29b7f36031","sha512":"f0c56d414d56bcb50a3264783781dedfb7401a553069a2d96b6b62289fb4246dc1fe601a6fdb8acd069e43c382788592ceafcc31ce799f6c1cc1025ca89ce6ea","ssdeep":"","tlshash":"a671545a243cc2d16a96bc39287f1e73c63b5d36080ae46c794fd6c5682c83f556ba20","first_seen":"2023-03-07T12:11:26Z","last_seen":"2026-05-09T03:07:33.771181Z","times_seen":715,"resource_available":true,"data":null}},"time_used":569,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":569,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/js/functions.js","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.025Z","timestamp":1700872425025,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/js/functions.js HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 02 Dec 2023 00:33:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 23 Aug 2022 10:31:02 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 699\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":699,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"b997a6d94e03ee0a72f037450b0f1186","sha1":"70e7b3fcf5da6898da405fe1e4795356bd77df45","sha256":"e2a99f7b3e57b6db7e845380ffa28aaa1d27e433b0fb7b62c3ce34a6cc58825b","sha512":"ba7baf822720287829a477f5f6c09e4ff898dc2854209f51b3032512f7268999ba5518c513be0de2a1c4d0d242141f501c3dbf4e9619b7c47b837ccbda8138d1","ssdeep":"","tlshash":"c28116fc357670340a62723c185b2f012a9f7c5637145f423b5dc9b8dbe825eaa22fa5","first_seen":"2023-03-08T06:41:13Z","last_seen":"2024-12-12T13:23:44.342659Z","times_seen":224,"resource_available":true,"data":null}},"time_used":569,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":569,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/img/logo.svg","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.029Z","timestamp":1700872425029,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/img/logo.svg HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 02 Dec 2023 00:33:42 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 13 Jun 2022 02:11:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2479\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2479,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (667)","md5":"c049dccd21049cb237daabdb645ec648","sha1":"e29af3f65a8312efd3ea4c3b66d4bd86657dde1b","sha256":"2c7a6ea74a49a6adc3fad622078895e9b2589448214913d8c035764148aca7d0","sha512":"844c7a9d9b8863e1b7b7cd5aadee4ee65f7ac48a8b4b603ca57bf18662c0d331057dc19f5c72ca69f6cabe402f20bd7cc9ad8cad7717ea17ba0d89e63f2bc24d","ssdeep":"192:T2qGoTy+MilvndjzUy+3TIq9YCdXkY/rPCu:TQKgw6/D","tlshash":"04e176ed33b0c6d06c43e7f5ca2a11f9316a68fd5bc7d69582b0ed8575502b9488ccc6","first_seen":"2023-05-03T14:04:56Z","last_seen":"2026-05-11T15:04:48.86706Z","times_seen":843,"resource_available":false,"data":null}},"time_used":569,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":569,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/img/error.jpg","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.031Z","timestamp":1700872425031,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/img/error.jpg HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 02 Dec 2023 00:33:42 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 15 Jun 2022 03:46:18 GMT\r\naccept-ranges: bytes\r\ncontent-length: 5363\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5363,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 195x194, components 3\\012- data","md5":"845eeed3b61d4c19ed0059c42fa7fc2e","sha1":"ace747921c0b92d8451a1562759c867296c31b44","sha256":"f68c633109e951014c6c401f878be7196c8894f6723215afb18388dbbbb83f1d","sha512":"f63bd639d06fe8aeb206af7cc08ab0804ac5649e5f3ca8f782ec8f758205b15ba3739942db1229675dfdd8913a9f77deab0756a8a9fc3190a951911efaf53496","ssdeep":"96:bAo7Z4BFz9xfjt0zwZhV3aeOZ35KoF+16ALzYT7+QLQNSWQvaUhu+t2:57ZXzwZn++ZQeo7hC","tlshash":"96b17d7845bbc8b5ff62067ba15984727350fc905c68d3ef6bd419bcf9c8a828dc4044","first_seen":"2023-04-30T17:56:26Z","last_seen":"2024-12-12T13:23:44.346199Z","times_seen":524,"resource_available":false,"data":null}},"time_used":850,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":569,"receive":281,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/img/info.jpg","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.032Z","timestamp":1700872425032,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/img/info.jpg HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 02 Dec 2023 00:33:42 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 14 Jun 2022 09:14:56 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3438\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3438,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 62x61, components 3\\012- data","md5":"72f07f88a708281bb165235fb88649ee","sha1":"d2e7284036b30a170dc68c2ad476d664234ed66c","sha256":"13df691e5ad1109013261983ff6272aa37353f3b28525a9e8b0b29355a1ebec4","sha512":"f04ad8b3fb72d2b4e9f9c655dd14a2e4e192fabae1965a019461fa1797233e39d0de55a333e0d2213ea42037d5ee3d4bd0516d353f9a7f2471ccf99234dec116","ssdeep":"","tlshash":"85614dcdbe248441e07e1ebde2440941d615f895f4f0875f9162aa2ff86a70d47d4716","first_seen":"2023-04-30T20:28:03Z","last_seen":"2024-12-12T13:23:44.348738Z","times_seen":515,"resource_available":false,"data":null}},"time_used":849,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":849,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/img/demo.jpg","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.033Z","timestamp":1700872425033,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/img/demo.jpg HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 02 Dec 2023 00:33:42 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 14 Jun 2022 17:00:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1465\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1465,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\\012- data","md5":"992039d1b794268d688a19b3563b7cd2","sha1":"9116dbfe0fe620a6351952c1053017501537002f","sha256":"61541605fc80557ad8cbc03b7d7ea64e94732198e536d4618dea0cb70191eb48","sha512":"61deb0ee1e8a821e974ac81295fa0f883ad2873fcbea69ada699dd18e34723068905c205bf72f6603fc328a63859436cbaaa5bb4cdae00d92fa5852c6c0e1a5a","ssdeep":"","tlshash":"3031b66befd77845d9fa0c31a8a10be5b302abc08e735bc93a647e15a5203c858222c4","first_seen":"2023-04-30T20:28:03Z","last_seen":"2024-12-12T13:23:44.350971Z","times_seen":436,"resource_available":false,"data":null}},"time_used":849,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":849,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/img/seguridad.jpg","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.034Z","timestamp":1700872425034,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/img/seguridad.jpg HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 02 Dec 2023 00:33:42 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 14 Jun 2022 16:56:48 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1935\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1935,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\\012- data","md5":"1aa9d62d948208093b507e8e1439b309","sha1":"72f701f1204320b47d9966d5d0ed496a733adb80","sha256":"1800e5e993450b4f547840ccb7abf5cd1f285f6cf9784b3ec23675528a49ff8c","sha512":"4acfb26832ef8591c9013f0ac40205be89767f961b84d7219c22d96b6d513abb705f9c8ea6fc159e9236667e7c6e39760dd635518764a641c8801a1cd16b3728","ssdeep":"","tlshash":"be41192747ef40a8cbc90035093529bb3755bf46dbb043933a113f2cb804048ba5e880","first_seen":"2023-04-30T20:28:03Z","last_seen":"2024-12-12T13:23:44.352874Z","times_seen":436,"resource_available":false,"data":null}},"time_used":850,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":850,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/img/reglamento.jpg","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.035Z","timestamp":1700872425035,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/img/reglamento.jpg HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 02 Dec 2023 00:33:42 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 14 Jun 2022 16:56:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1764\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1764,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\\012- data","md5":"be3af886cffea048856b7fc77eaeebfc","sha1":"96c0ec1895b5544070fd9c3ff371812ea04c7932","sha256":"4d31c93eab87267a6e5e827fedd488a02c824a79ded4f00ef19f7431eaedab12","sha512":"f5e242594fe65a593da901ba2e108ab31b886661f613eed6c6d05b28f816fea2d3c0ce022c6b0cad0ffebc56c04809f129c07fbbfb9e6373367a7c16a260e7f8","ssdeep":"","tlshash":"d931b61aefb904e9eca44235696461303ba9fde151f3375f609a0e921e371f148f4448","first_seen":"2023-04-30T20:28:03Z","last_seen":"2024-12-12T13:23:44.355515Z","times_seen":436,"resource_available":false,"data":null}},"time_used":848,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":848,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/img/politica.jpg","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.037Z","timestamp":1700872425037,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/img/politica.jpg HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 02 Dec 2023 00:33:42 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 14 Jun 2022 16:56:52 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2615\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2615,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 103x103, components 3\\012- data","md5":"7bb6c2ef23b43c8b8723d9e68ddf2fec","sha1":"351b75536ef2c3244b7ba1eec7fe13215990a177","sha256":"7b4d681b13b2beeab7a0dbd807eac72b762dec8e3bb18410776270a51860ac86","sha512":"1455bbe49598927606b8e3089503a1096a580119410a60043a24cb4abc9a96f7c97c6907f4faecc68b91d9ce26c68db0de4a9ef605e8b7cfe0833eb5e3e377da","ssdeep":"","tlshash":"5d5119867f3ef84af23d207f096064143b6c152299f527c4b8010551bf787a8f58970a","first_seen":"2023-04-30T20:28:03Z","last_seen":"2024-12-12T13:23:44.357773Z","times_seen":436,"resource_available":false,"data":null}},"time_used":848,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":848,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/img/inicio.jpg","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.046Z","timestamp":1700872425046,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/img/inicio.jpg HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 02 Dec 2023 00:33:42 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 13 Jun 2022 02:22:10 GMT\r\naccept-ranges: bytes\r\ncontent-length: 47804\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":47804,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 627x327, components 3\\012- data","md5":"085532800ace541124cb3472d27a2365","sha1":"153ac0b32e31c472e021e450b6e48f4564a4c40f","sha256":"35500fe4c97323624f089389243374c56e666e25478685a849c2456461a6163d","sha512":"a4f486a50d2957e7487c9c4ea6f74c33ccc1aa5e9b05ebba3a28333e974dda58d62c9a52d7c934d138597ee709ab19f56f671f4e1883f44633ddfa90d286d260","ssdeep":"768:pYyR3X9JckDf/zE3NKoN3pgc7D88TgVWVf7T7ZBiVLPnKP4UlqSCSmPi9/NRf89R:pN/PTA38k3pgeDZl72gP4UlSiql8xk","tlshash":"2523d066a95783b2f7c4df30b3f3e563005f6554933e7d208067aae74510c9ce89caaa","first_seen":"2023-04-30T20:28:03Z","last_seen":"2024-12-12T13:23:44.359668Z","times_seen":105,"resource_available":false,"data":null}},"time_used":1127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":848,"receive":279,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ka-f.fontawesome.com/releases/v6.4.2/css/free-v5-font-face.min.css?token=45b9078c9f","fqdn":"ka-f.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.64.204.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.255Z","timestamp":1700872425255,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ka-f.fontawesome.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 08 Nov 2023 07:11:36 GMT","end":"Tue, 06 Feb 2024 07:11:35 GMT"},"fingerprint":{"sha1":"BC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81","sha256":"95:DB:E6:BD:0B:8B:40:88:04:6D:9A:E7:2D:72:2B:65:28:9E:D8:5F:A3:7A:9D:8A:55:13:EE:FB:3C:93:E7:10"}}},"request":{"raw":"GET /releases/v6.4.2/css/free-v5-font-face.min.css?token=45b9078c9f HTTP/1.1\r\nHost: ka-f.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aurana.vn/\r\nOrigin: https://aurana.vn\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\ncontent-type: text/css\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 3000\r\nlast-modified: Tue, 01 Aug 2023 19:07:56 GMT\r\netag: W/\"dbf296002d53e56d340b105d9d764940\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: max-age=31556926\r\naccess-control-allow-headers: fa-kit-token\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 76cca2ef798b9dc955bb151bf3bff218.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: LHR50-P1\r\nx-amz-cf-id: 9c5gCY9IvKmQAyn5p4iCawm1JU1VD4LJsVvzIsqTTNMMbGJbZhmeeQ==\r\nage: 8583\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=KTDqtR3POuiX6TmbYML5d8vtfmcgyK6z3MWHHfO3DT6q8ivPeoYDuv%2FiCKD8jdidNjsebFPGdRYTvhK%2B9dPReLpGqI0kxyEDWkgte76pmBVTEKOQ103sRTZrsgDbmWB7NZbXP22JOw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82b5cd3ffadd654f-LHR\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":745,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (608)","md5":"dbf296002d53e56d340b105d9d764940","sha1":"bfc98f20287b5f7a435766adc779bd74c4ce4280","sha256":"0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9","sha512":"e65487eac3039b7ff1de5127e7862f42d183690f757f6da409a319fa3eac1a35e42fff237b28d21e36717723492a5a41b23255f565ffb9ff5486395f18cb2836","ssdeep":"","tlshash":"b3012b5d0569006141510f1138dbfb09bd0eb16778a95ea2911b8d2d5cfa90b73f5f09","first_seen":"2023-08-02T23:15:01Z","last_seen":"2026-05-17T08:50:18.027179Z","times_seen":600,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":78,"dns":0,"connect":30,"send":0,"wait":41,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-font-face.min.css?token=45b9078c9f","fqdn":"ka-f.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.64.204.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.259Z","timestamp":1700872425259,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ka-f.fontawesome.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 08 Nov 2023 07:11:36 GMT","end":"Tue, 06 Feb 2024 07:11:35 GMT"},"fingerprint":{"sha1":"BC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81","sha256":"95:DB:E6:BD:0B:8B:40:88:04:6D:9A:E7:2D:72:2B:65:28:9E:D8:5F:A3:7A:9D:8A:55:13:EE:FB:3C:93:E7:10"}}},"request":{"raw":"GET /releases/v6.4.2/css/free-v4-font-face.min.css?token=45b9078c9f HTTP/1.1\r\nHost: ka-f.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aurana.vn/\r\nOrigin: https://aurana.vn\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 01 Aug 2023 19:07:56 GMT\r\netag: W/\"9b853b50f37dd0ca770ce0f294d427df\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: max-age=31556926\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: fa-kit-token\r\naccess-control-max-age: 3000\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 cdd8daeefcf66738f6e908663e79c33e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: LHR50-P1\r\nx-amz-cf-id: FJBuklCuP3IUo5wqPR-mboNdoZqkAzX3FXNiPqfD4lqSJo-CZKIJPA==\r\nage: 8582\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=Y%2BwsO87CvXFE3F51LuxEqM23K2LA%2FsYSAzG2PR3rRkCTDPvPJ4LO3Vu17BecOpq%2Bn1yz%2F1O0vzt%2B6Ru%2BptZh2u%2BW%2BuhUV9foWZ2ibZgE%2Bb3R0H7i9rlJgubqulrXYx66pIUnsGOrRQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82b5cd3ffae5654f-LHR\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83280,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1560)","md5":"9b853b50f37dd0ca770ce0f294d427df","sha1":"06cafaca197afda406bc5a72bcd6474758e51e65","sha256":"6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48","sha512":"f2ba27f4d83632f83690d0fcbccc5448fc9b209c5bf925f9ce14697eb5f0c8de8839692626d2cdf988d75b279b44e79ff0b5a062e9662b79bf6f9c785bcb35e1","ssdeep":"","tlshash":"0731f02806d401b0b0313f193ac77124eeae74669bb95e63d62b88140dfec55f3d5f48","first_seen":"2023-08-02T23:15:01Z","last_seen":"2026-05-17T08:50:18.134784Z","times_seen":624,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":76,"dns":1,"connect":33,"send":0,"wait":39,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/fonts/opensans/CIBFontSans-Light.ttf","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.646Z","timestamp":1700872425646,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/fonts/opensans/CIBFontSans-Light.ttf HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/Productosenlineaactivate/mua/css/stylesheet.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 02 Dec 2023 00:33:42 GMT\r\ncontent-type: font/ttf\r\nlast-modified: Thu, 24 Jun 2021 01:38:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 52943\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":52943,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, digitally signed, 18 tables, 1st \"DSIG\", 33 names, Macintosh, Copyright (c) 2019 by Vasava Studio. All rights reserved.\\011CIBFont SansLight1.300;UKWN;CIBFont\\012- data","md5":"69096387df83ff65381f8ee25006b0aa","sha1":"89689ed7f7547a3815d9fa2d0a2c11513480086e","sha256":"decf1c3cb09b3e38d867e0d5cf648220584404c9cf8d18a6c51bdfa2af5047cc","sha512":"37aac063f5b5fb01f5e02497ec70e01ea7837feeb4167c5e8820cf02167445f4df90305db680568f45137de3e70c90a15bac5b723df0d83c6fdf390d0ce59d35","ssdeep":"3072:Po1/vxSHr+yjrdSiQTuicg4D47RiDEU3nlKXjY:PolO+8jiBDRiDE3X8","tlshash":"5ab37d07f353e609d41a8e381472d766f7e5b43aaf7b034b657a6539fcca5e08c2a180","first_seen":"2023-04-05T04:08:00Z","last_seen":"2026-05-18T15:52:38.550096Z","times_seen":989,"resource_available":false,"data":null}},"time_used":788,"timings":{"blocked":15,"dns":0,"connect":0,"send":0,"wait":492,"receive":281,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-shims.min.css?token=45b9078c9f","fqdn":"ka-f.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.64.204.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.254Z","timestamp":1700872425254,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ka-f.fontawesome.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 08 Nov 2023 07:11:36 GMT","end":"Tue, 06 Feb 2024 07:11:35 GMT"},"fingerprint":{"sha1":"BC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81","sha256":"95:DB:E6:BD:0B:8B:40:88:04:6D:9A:E7:2D:72:2B:65:28:9E:D8:5F:A3:7A:9D:8A:55:13:EE:FB:3C:93:E7:10"}}},"request":{"raw":"GET /releases/v6.4.2/css/free-v4-shims.min.css?token=45b9078c9f HTTP/1.1\r\nHost: ka-f.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aurana.vn/\r\nOrigin: https://aurana.vn\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\ncontent-type: text/css\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 3000\r\nlast-modified: Tue, 01 Aug 2023 19:07:56 GMT\r\netag: W/\"da06df503ced6ee507b5fb4fa0999f74\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: max-age=31556926\r\naccess-control-allow-headers: fa-kit-token\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 329cb27be8d7871661ed5a94ecaacb28.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: LHR50-P1\r\nx-amz-cf-id: 6B5g0_6NO9rIxRtG9bJ-u3o3FO0AJbQvJddve2sos3nB_8grgcWMcw==\r\nage: 8583\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=Dd%2BXTwfh280%2F4IsoVUY2rNIzIRmIE%2FpRx3JhlHCTWcuEWpt5bRXNwgXGVF0HnyWNCqB6F7JVnFf%2FKlruA4PeECSCwKgEbK4jggFVNlwsxZAFkhGo%2BEtkHUUqe8DTBbbTm34BlDpW%2Bg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82b5cd3ffae1654f-LHR\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4374,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (27377)","md5":"da06df503ced6ee507b5fb4fa0999f74","sha1":"d10d67ffa9c263e24c43b1df7fa3ba8f2dee2c36","sha256":"236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554","sha512":"4bb9f9b6715e2313bb4ee2405f48c4c215fb8f232a69c1d0269c2176d9e0528bcfbe91a99bcd7b0bd6696a1de773979aadead29fa4d37d9a9780cabe70e18990","ssdeep":"384:0fwu4Eyfd7PNRzAmReUtPAM0NuzwpmnWt:0YuqdNReUtPAM0v4E","tlshash":"3cc20569931da0e3b3a8e847bb0172e8277577999a864c50f30b7c4c5dc3a5772e8f18","first_seen":"2023-08-02T23:15:01Z","last_seen":"2026-05-17T08:50:18.112292Z","times_seen":1993,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":79,"dns":4,"connect":35,"send":0,"wait":39,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/img/logo.png","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:46.356Z","timestamp":1700872426356,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/img/logo.png HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 02 Dec 2023 00:33:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 06 Jan 2022 02:33:06 GMT\r\naccept-ranges: bytes\r\ncontent-length: 9489\r\ndate: Sat, 25 Nov 2023 00:33:43 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9489,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 521 x 520, 8-bit/color RGBA, non-interlaced\\012- data","md5":"2903c67701750d246b77ee1c1c9188f1","sha1":"028e6e88d6563e81eb77807c38f401cf5e7f2be0","sha256":"c2fd3f9e79070fdbcb7ed3270a428a6ecd22ae089ab6e573eb4dfe91079c41fb","sha512":"69d91b5ec22b115e7a04bbde1ac0a2cd5363ec43b31c2306db750fc633b09f200747134d64fa65ae08878022da83528c7dfd85e52cf8414682384e63320d6392","ssdeep":"192:RHdLF/vqjt+4Ax2zv7OSrsA115FfQXlJeY2hyPjNpD6zQc4HXht4:RNJv8tFTxsA11PfQXX+hyXDk4Hxq","tlshash":"4312aef04e8261c76e65e98c50e2bec8fef56ff71634c1bf8076656443dc25aa5084b2","first_seen":"2023-04-30T20:28:03Z","last_seen":"2026-05-09T03:07:33.767144Z","times_seen":591,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":282,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"ka-f.fontawesome.com/releases/v6.4.2/css/free.min.css?token=45b9078c9f","fqdn":"ka-f.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.64.204.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.251Z","timestamp":1700872425251,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ka-f.fontawesome.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 08 Nov 2023 07:11:36 GMT","end":"Tue, 06 Feb 2024 07:11:35 GMT"},"fingerprint":{"sha1":"BC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81","sha256":"95:DB:E6:BD:0B:8B:40:88:04:6D:9A:E7:2D:72:2B:65:28:9E:D8:5F:A3:7A:9D:8A:55:13:EE:FB:3C:93:E7:10"}}},"request":{"raw":"GET /releases/v6.4.2/css/free.min.css?token=45b9078c9f HTTP/1.1\r\nHost: ka-f.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aurana.vn/\r\nOrigin: https://aurana.vn\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\ncontent-type: text/css\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 3000\r\nlast-modified: Tue, 01 Aug 2023 19:07:56 GMT\r\netag: W/\"ae737a19e46fd502ba9cbe9e33213861\"\r\nx-amz-server-side-encryption: AES256\r\ncache-control: max-age=31556926\r\naccess-control-allow-headers: fa-kit-token\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f546fae491a152f9c1396e6d0a62bb42.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: LHR50-P1\r\nx-amz-cf-id: S_wcBq30Xv1iRG8vtdVyMOuZVXKAYwOqzWtj4g_noddY1OAusidi_g==\r\nage: 593305\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=tuZDBcGS6HMmea2DjZVk3fVCT%2FY%2FQQccgdcU9V3Uk8oBJG3DETlxVwjq2EMaqfQ3Bs00%2FV27xb8MdBnzm%2BR7dSwHxO5PurkGNGJQMoDW5earxutO01Q2YRZEnPC47olOnMIiCcZvng%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82b5cd3ffabb654f-LHR\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102749,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65321)","md5":"ae737a19e46fd502ba9cbe9e33213861","sha1":"a4b5d757af122c49259d4398807e62d4ca6f2493","sha256":"5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223","sha512":"a84c3d7955db3c2976f5d3005377014ef44c88ab7fc3ac9bd85b2d02b8685e93bd1c4e1c61206cc8e98aaf7303f0ff489a6bed50872ee089f6d2290583813260","ssdeep":"1536:0mMCMPMCMjMCM4MCMwMCM3sVMH709gbPMfjSFOTyPGuiprrlCP:4709gMGFiyPGuiprlCP","tlshash":"a9a3b8f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-08-02T23:15:01Z","last_seen":"2026-05-17T08:50:18.022213Z","times_seen":2012,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":74,"dns":2,"connect":30,"send":0,"wait":42,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images-cdn.info/444/image.gif","fqdn":"images-cdn.info","domain":"images-cdn.info","tld":"info"},"ip":{"addr":"52.21.2.28","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.612Z","timestamp":1700872425612,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"images-cdn.info","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 Sep 2023 14:32:27 GMT","end":"Thu, 21 Dec 2023 14:32:26 GMT"},"fingerprint":{"sha1":"88:93:F5:C8:53:76:D3:B8:44:CB:1E:F9:F2:4F:90:51:4C:69:12:80","sha256":"6C:EC:FC:BB:EA:02:51:A1:81:9A:56:92:6A:54:61:7E:D4:A2:4F:3F:20:10:14:4D:20:25:DC:50:0A:E9:5B:D1"}}},"request":{"raw":"GET /444/image.gif HTTP/1.1\r\nHost: images-cdn.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\nserver: envoy\r\nvary: Origin\r\ndate: Sat, 25 Nov 2023 00:33:43 GMT\r\ncontent-length: 42\r\nx-envoy-upstream-service-time: 6\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1\\012- data","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-05-20T03:30:16.525609Z","times_seen":900604,"resource_available":true,"data":null}},"time_used":1691,"timings":{"blocked":792,"dns":248,"connect":100,"send":0,"wait":106,"receive":1,"ssl":439},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/fonts/opensans/OpenSans-Regular.ttf","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.638Z","timestamp":1700872425638,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/fonts/opensans/OpenSans-Regular.ttf HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/Productosenlineaactivate/mua/css/stylesheet.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 02 Dec 2023 00:33:42 GMT\r\ncontent-type: font/ttf\r\nlast-modified: Thu, 24 Jun 2021 01:39:20 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 82652\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":217276,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, digitally signed, 19 tables, 1st \"DSIG\", 26 names, Macintosh, Digitized data copyright \\251 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-R\\012- data","md5":"d7d5d4588a9f50c99264bc12e4892a7c","sha1":"513966e260bb7610d47b2329dba194143831893e","sha256":"13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8","sha512":"ce9f98208cd818e486a12848b2d64bd14e12d42d84b2e47436a3c4420a242583eefc4a9b42401b51cc204146c6133645975682e4bb5d48527b3796770efa3397","ssdeep":"6144:GLpzdD/rIJXiQTutgCNktQFvmnoxXTS4u8sl:c9FrIJJaqCNktA+SXfJsl","tlshash":"62242879b20139e6df11d4b7c261fe80281a7863a73f802b64e3477a88575cdbe53e49","first_seen":"2023-04-05T04:08:00Z","last_seen":"2026-05-20T03:04:07.9316Z","times_seen":4034,"resource_available":false,"data":null}},"time_used":515,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":507,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"aurana.vn/Productosenlineaactivate/mua/img/user.png","fqdn":"aurana.vn","domain":"aurana.vn","tld":"vn"},"ip":{"addr":"103.77.162.5","port":443,"asn":45544,"as":"SUPERDATA","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.629Z","timestamp":1700872425629,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"aurana.vn","organization":""},"issuer":{"commonName":"cPanel, Inc. Certification Authority","organization":"cPanel, Inc."},"validity":{"start":"Thu, 05 Oct 2023 00:00:00 GMT","end":"Wed, 03 Jan 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CC:4A:9A:C4:72:32:63:72:EB:54:46:49:93:77:F8:21:3C:42:27:1B","sha256":"D7:5E:C7:B9:A3:A3:0E:AB:65:EF:02:52:BD:CF:69:EB:AF:D2:9B:03:96:6F:9C:9C:0C:60:AC:89:10:8B:25:FD"}}},"request":{"raw":"GET /Productosenlineaactivate/mua/img/user.png HTTP/1.1\r\nHost: aurana.vn\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/Productosenlineaactivate/mua/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sat, 02 Dec 2023 00:33:42 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 13 Jun 2022 23:54:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 447\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":447,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\\012- data","md5":"0e3457ed5ea858d1e9287ef66dcbbfe4","sha1":"006c99b62e141ebbc69f6e06cab757995d3f7417","sha256":"75d5b455151a3b1a0a5b100041fee37de2daa0b41d1d177deaa863177c5b5b83","sha512":"b9015382ea09da89f6d18a8dc50d07f1b3b8d740627bd276e63f5333bb478a5cb71edb556c113e2d80fd27a7ad72f7877b081c658db8efa2c89dad2960acb5e4","ssdeep":"","tlshash":"e6f023e3938a2c7c5a2885e9a9773d68b5ff0b383c0400bf9c417b2cbc1c5006b58202","first_seen":"2023-04-30T20:28:03Z","last_seen":"2026-05-11T15:04:48.867545Z","times_seen":604,"resource_available":false,"data":null}},"time_used":515,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":515,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Bancolombia","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Bancolombia phishing","tags":["bancolombia","financial","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"kit.fontawesome.com/45b9078c9f.js","fqdn":"kit.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"172.64.147.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aurana.vn/Productosenlineaactivate/mua/USER/scis/j6UnVHZsitlYrxStPNFUN4TsSjgEJkN7dlDp6FXSjFxO/3D/no-back-button/","date":"2023-11-25T00:33:45.018Z","timestamp":1700872425018,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.fontawesome.com","organization":"Fonticons Inc"},"issuer":{"commonName":"DigiCert TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 22 Nov 2022 00:00:00 GMT","end":"Sat, 23 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E","sha256":"F6:72:03:2C:D0:96:E1:1E:BD:AD:77:14:74:82:CE:BB:40:88:41:FC:D2:F9:16:2B:93:34:73:8F:84:4F:FC:82"}}},"request":{"raw":"GET /45b9078c9f.js HTTP/1.1\r\nHost: kit.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://aurana.vn\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurana.vn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 25 Nov 2023 00:33:42 GMT\r\ncontent-type: text/javascript\r\naccess-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 3000\r\ncache-control: max-age=60, public, stale-while-revalidate=30\r\nvary: origin, accept-encoding, access-control-request-headers, access-control-request-method\r\nx-request-id: F5q2dNQaVEdzRGGfBafB\r\ncf-cache-status: MISS\r\nserver: cloudflare\r\ncf-ray: 82b5cd3e1d1bb51d-OSL\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11642,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (11213)","md5":"e8e4f917ed26e3a1d2f26077eee3f73c","sha1":"b37c96d5deda15c3754f058f8f42ecc4fb9e4970","sha256":"8212039d17d158453c6305a5ca08559ca48007be17b5fc214a00b57461e9d8a4","sha512":"3fa9ebcdc9f3e0eae35e28239e841f747a0c07b64020c3d20fb7f2fba9553f4ab68beaaedd234b4e84343d045e9eb90207965bc2264984533d38b9b0c3300d50","ssdeep":"192:PkO3pHuf4n7ACpiIthMzn/A+gmTVULb2nZsyP4lO3mX7dvh3D21Q5l8hf0kCzMn:cdVCfhMznrnBrmL9h3D21Q5l8hfl","tlshash":"6832a4997691b5b246eb7160803f620bf2753536300ad060e25dede46c7dd6e9233f2d","first_seen":"2023-08-03T05:21:29Z","last_seen":"2023-11-27T05:17:07Z","times_seen":185,"resource_available":true,"data":null}},"time_used":218,"timings":{"blocked":29,"dns":28,"connect":2,"send":0,"wait":149,"receive":0,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}