Report - intek.com.vn/

Report Overview

Submitted URL
intek.com.vn/
IP
123.30.191.186
ASN
#45899 VNPT Corp
Submitted
2023-02-05 16:24:40
Access
Website Title
Final URL
Tags
suspicious
urlquery detections
Suspicious - Suspicious JS code

Detections

urlquery
5
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	382 B	6.4 kB	216.58.207.202
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
intek.com.vn	unknown	2015-08-27T18:38:50Z	2023-02-26T04:17:17Z	13 kB	980 kB	123.30.191.186
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.26.112.186
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-13T07:25:00Z	434 B	23 kB	104.18.10.207
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	389 B	28 kB	104.17.25.14
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	4.0 kB	110 kB	216.58.207.227
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.33.119.27
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.0 kB	1.8 kB	93.184.220.29
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.4 kB	2.8 kB	142.250.74.131
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	58 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	400 B	630 B	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-05	medium	intek.com.vn/	Malware
2023-02-05	medium	intek.com.vn/	Malware
2023-02-05	medium	intek.com.vn/wp-includes/css/dist/block-library/style.min.css?ver=5.2.17	Malware
2023-02-05	medium	intek.com.vn/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1	Malware
2023-02-05	medium	intek.com.vn/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1	Malware
2023-02-05	medium	intek.com.vn/wp-includes/js/hoverIntent.min.js?ver=1.8.1	Malware
2023-02-05	medium	intek.com.vn/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.6.1	Malware
2023-02-05	medium	intek.com.vn/wp-includes/js/wp-embed.min.js?ver=5.2.17	Malware
2023-02-05	medium	intek.com.vn/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2	Malware
2023-02-05	medium	intek.com.vn/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.6.1	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/webfont/1/webfont.js	13 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/webfont/1/webfont.js IP 216.58.207.202 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:17 Last Seen2024-04-19 19:08:39 Times Seen22315 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	intek.com.vn/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.6.1	164 kB	2023-03-11	2023-03-13
Pretty URL intek.com.vn/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.6.1 IP 123.30.191.186 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:39:07 Last Seen2023-03-13 17:46:15 Times Seen1 Hash b05f9880bfc117ba55faa3e77b94e90d 36703469aa0a4b31b3d44b69b5353a8871e504d3 8c3351b000d6da0327369e3aa412b5f3643bee377a7db9ed01e593d7bbd0a387 Loading...

	intek.com.vn/wp-includes/js/wp-embed.min.js?ver=5.2.17	3.6 kB	2023-03-07	2023-08-25
Pretty URL intek.com.vn/wp-includes/js/wp-embed.min.js?ver=5.2.17 IP 123.30.191.186 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:38:26 Last Seen2023-08-25 17:07:57 Times Seen7 Hash 6fb496a6052524c5af34d17282a2d992 86457e2c1994e8a9c8f53223e9f44fe9f412a3eb 7eade2a04daeb5d1bc552665358fab7d20384d90ac76fb46c5c0aea1d1e7dabe Loading...

	intek.com.vn/	3.5 kB	2023-03-13	2023-03-13
Pretty URL intek.com.vn/ IP 123.30.191.186 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:46:15 Last Seen2023-03-13 17:46:15 Times Seen1 Hash 10c8b8b21b4a5b47f14af195e1fa6266 f3812611890849a81565b2c6738666a6bd2cb8c3 541526ad407023efa4a6c04baa59f538c37a3fa015cc55eade4200fa6a2adbbe Loading...

	intek.com.vn/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1	17 kB	2023-03-08	2023-11-09
Pretty URL intek.com.vn/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1 IP 123.30.191.186 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:23 Last Seen2023-11-09 00:15:47 Times Seen3 Hash 66d22220c6b4a8854d1eac77808caf0f 53602dab0f900b2ac4bab5de3cdf6f3eeb82396f d4ca876734f837d39ba250f1526b27ca28f16dc1b54122831a536840c898b19d Loading...

	intek.com.vn/wp-includes/js/hoverIntent.min.js?ver=1.8.1	3.3 kB	2023-03-10	2023-03-13
Pretty URL intek.com.vn/wp-includes/js/hoverIntent.min.js?ver=1.8.1 IP 123.30.191.186 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:34:05 Last Seen2023-03-13 17:46:15 Times Seen1 Hash 3d8b9628d9a59c440f0089a77ab35db9 ddec50452a8fc404735f816ee8ea38faa36f31d2 d33df188762e3a43fa0683d2e2ab56b340857f263f7bbd873ffe1b5bce86e8db Loading...

	intek.com.vn/	172 B	2023-03-11	2023-03-13
Pretty URL intek.com.vn/ IP 123.30.191.186 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:39:06 Last Seen2023-03-13 17:46:15 Times Seen1 Hash 764c6bdd07198a738946d8ff9381e9b8 19e0535a81bbc300314b1180d3ef5e0169f31bb3 b65ec7f0a1b565cdd7503714acf43044fa842899f9329274ece0316abb686c3b Loading...

	intek.com.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	12 kB	2023-03-07	2023-12-13
Pretty URL intek.com.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 IP 123.30.191.186 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:57:40 Last Seen2023-12-13 03:24:12 Times Seen55 Hash 53c6e293a5082a270cbacac5500dfda9 985794f10dae48eb176d476ab3168cd7e9c5792f 338f81e2d92f1dacaf627f96bd19ac4d1d8b21b5a7c6934a8446fa00064ec253 Loading...

	intek.com.vn/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp	99 kB	2023-03-07	2023-03-29
Pretty URL intek.com.vn/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp IP 123.30.191.186 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:20:44 Last Seen2023-03-29 23:45:20 Times Seen4 Hash 9b4ca58350f23bf3f6f98d16493ddc4f 28be7918e00104958573ac361f6be77e91712bde 2da2297a356ac3ae2420c3ff6a5a2daf5cd51acc700f18120f0eccba6c1faebe Loading...

	intek.com.vn/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=1.0	3.9 kB	2023-03-13	2023-03-13
Pretty URL intek.com.vn/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=1.0 IP 123.30.191.186 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:46:15 Last Seen2023-03-13 17:46:15 Times Seen1 Hash e0fdaf3ad5fa387ed2476ada46783b75 32194d4aa4314e8a3a9a97b842937c4351587a5f a70ad8151dc6d9d997c432422c40a5f3e6f6ece6b0ee9d7c816512e2600d9bd9 Loading...

	intek.com.vn/	475 B	2023-03-11	2023-03-13
Pretty URL intek.com.vn/ IP 123.30.191.186 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:39:07 Last Seen2023-03-13 17:46:15 Times Seen1 Hash 3f21c1a99854fed1e2efbf45aca23f4f 035d0d6d09d3f7dca72924311ab6bd89056f87b1 73d3fd52cefaca05365cf32c6b20ebd61bd4c9c27a929c06407d7b4d36b46e1d Loading...

	intek.com.vn/	261 B	2023-03-11	2023-03-13
Pretty URL intek.com.vn/ IP 123.30.191.186 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:39:07 Last Seen2023-03-13 17:46:15 Times Seen1 Hash 4a8869a2dbf22006d74ada501ea7127b 71855394710409d3d16b35fc05d06e74d6d03c09 bec0abfb558de4e51f0d1b4641d86952b2d346c4aa7cc8d014e2bcc326016d84 Loading...

	intek.com.vn/	14 kB	2023-03-13	2023-03-13
Pretty URL intek.com.vn/ IP 123.30.191.186 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:46:15 Last Seen2023-03-13 17:46:15 Times Seen1 Hash b9c9d7802e7a442362227f03f7fe018c 8c88e8e1c7403c71d4aad1ad53101c28d947809b b5f637fb4a9b54bb6bcce43a119d7f8e78dc1f9e799c90cbd2c84fdac41cbfef Loading...

	intek.com.vn/	11 kB	2023-03-13	2023-03-13
Pretty URL intek.com.vn/ IP 123.30.191.186 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:46:15 Last Seen2023-03-13 17:46:15 Times Seen1 Hash e4aaf999d7a2d8a0617a39fdee793bfc 15a5ad96dd89c3d8241ce8a285e322727406f068 ac1256d4f43ffafff360a39b880f6b9e3d34696421b951305ae3b922b261bd63 Loading...

	intek.com.vn/	2.1 kB	2023-03-11	2023-03-13
Pretty URL intek.com.vn/ IP 123.30.191.186 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:39:07 Last Seen2023-03-13 17:46:15 Times Seen1 Hash 61fe6d263128e39d1c4b8601002f61de baee3f2100d3d505237876b63125328f1ae07665 750a23b5fa728ab96f06b58fe3f5cfa7d6e0637df47f0553367b2e566f6aa7d8 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js	87 kB	2023-03-07	2024-04-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 21:14:12 Times Seen61162 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	intek.com.vn/	102 B	2023-03-07	2024-04-19
Pretty URL intek.com.vn/ IP 123.30.191.186 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-19 11:02:50 Times Seen6714 Hash 336b4b067dcb50351d5e2d7c92cf1631 9709109f27eaad0c5a1e50facc142f8f197a11b6 ef2f7f28db32250196ae2c8242611a7f7159c2a539dabd40b82071b1c07561c6 Loading...

	intek.com.vn/	389 B	2023-03-11	2023-03-13
Pretty URL intek.com.vn/ IP 123.30.191.186 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:39:06 Last Seen2023-03-13 17:46:15 Times Seen1 Hash a686ab700f2bfc3c43ea013b18fc20e4 94e95a4ee145a8d6c792a88b0e29b2ce7e4e1c7a 4ea0302632b3a97e4bb9ea08e836926972ed1a1e2255e0d21c2a05311e4384d3 Loading...

	intek.com.vn/	152 B	2023-03-11	2023-03-13
Pretty URL intek.com.vn/ IP 123.30.191.186 ASN #45899 VNPT Corp Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:39:07 Last Seen2023-03-13 17:46:15 Times Seen1 Hash aa0c54dfd7812ab47efdd4152f789b81 29f78a894343bd9cea0fc1590c7d5a03e0da7cd3 b2f1669bcdf9213dc547054e67cd7d7d45bf1d20af3360fbc624042aa1b8fac8 Loading...

		Size	First Seen	Last Seen
	#1 Write - b569066de40545a6fad28cf33c43c16f	3.5 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 17:46:15 Last Seen2023-03-13 17:46:15 Times Seen1 Hash b569066de40545a6fad28cf33c43c16f 9797289172eefcd68abcb8b1568d9edc170c1822 4cb982fe630b07dc514b94b41d0a27dc5b80cd6415b977a4b4c94b8b7341645e Loading...

	#2 Write - 7c5a33433b2755ea7ada7a1421bca376	11 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 17:46:15 Last Seen2023-03-13 17:46:15 Times Seen1 Hash 7c5a33433b2755ea7ada7a1421bca376 60a0966ff96f888effda5a842bdad820f1d56172 3b570b6387429ee086cd196d804f9859c7f26e91bb8e6713cea7825317e4725e Loading...

HTTP Transactions (69)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10857
Expires: Sun, 05 Feb 2023 19:25:26 GMT
Date: Sun, 05 Feb 2023 16:24:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14430
Expires: Sun, 05 Feb 2023 20:24:59 GMT
Date: Sun, 05 Feb 2023 16:24:29 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 15:33:56 GMT
content-type: application/json
age: 3033
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2512
Expires: Sun, 05 Feb 2023 17:06:21 GMT
Date: Sun, 05 Feb 2023 16:24:29 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: TQMW6a9t/lA1bL6i1jhLgt3Mwfsy4T3h9ONuT8l3NJk+Rq7SNYKHDFFYMCKoPd/9VzX8MrQ2Ezg=
x-amz-request-id: MQK33P8GTVK4VZNH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 15:24:31 GMT
age: 3598
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 16:24:29 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

intek.com.vn/

123.30.191.186

301 Moved Permanently

229 B

URL HTTP/1.1
intek.com.vn/
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
229 B (229 bytes)
Hash
0f1a83e5708b2851a72dec678e101c3e
3ff9b563236bb6a13d95af2928283a4603226d13
19d68684384ecd80a1ee812c51200cd8aa421f4bdfe77fb5210d0e2941dafab3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious JS code
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 16:24:29 GMT
Server: Apache
Location: https://intek.com.vn/
Content-Length: 229
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 15:49:07 GMT
age: 2123
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9992
Expires: Sun, 05 Feb 2023 19:11:02 GMT
Date: Sun, 05 Feb 2023 16:24:30 GMT
Connection: keep-alive

push.services.mozilla.com/

52.26.112.186

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.26.112.186:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7dkDpdUcdm/WxIQyC1b5Yw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nS096cb5JlTedf0RfMEVyAqYyrU=

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
28c3f02ba8cac75c2f1945e7be499cae
82390270ea7ee981db3fae587295029f335726da
ce1f772f6bd3cdd88e6f161731958d8bce7e3c019c9e618d0ed37560b79b0a4c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6454
Cache-Control: max-age=130326
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:24:31 GMT
Etag: "63df191f-118"
Expires: Tue, 07 Feb 2023 04:36:37 GMT
Last-Modified: Sun, 05 Feb 2023 02:49:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
28c3f02ba8cac75c2f1945e7be499cae
82390270ea7ee981db3fae587295029f335726da
ce1f772f6bd3cdd88e6f161731958d8bce7e3c019c9e618d0ed37560b79b0a4c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6454
Cache-Control: max-age=130326
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:24:31 GMT
Etag: "63df191f-118"
Expires: Tue, 07 Feb 2023 04:36:37 GMT
Last-Modified: Sun, 05 Feb 2023 02:49:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

104.18.10.207

200 OK

22 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65325)
Size
22 kB (22102 bytes)
Hash
9308c66045a6061aac7d82d62b235c31
265094cb37611a94facf92b3d47b7275e4e059a7
24ccf0330edb928cb2292080cf0f9b10bef59037d6e47099d017566472d74a2b

HTTP Headers

GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://intek.com.vn
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:24:31 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/18/2022 06:18:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 4b03abec62bbf74e431cc6c50e6e36d9
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 794cff2d7bd4b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

104.17.25.14

200 OK

27 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32058)
Size
27 kB (27277 bytes)
Hash
b51f9d778be466703e73aceee13d836d
cc5cd9dd2b48712dcf90f14a1ff19d729c43e378
f1e36d8f99614eef048fe3cb4275f3234536bff3e3b1b8f763f14a8a0cadab45

HTTP Headers

GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 05 Feb 2023 16:24:31 GMT
content-type: application/javascript; charset=utf-8
content-length: 27277
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15283"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 841306
expires: Fri, 26 Jan 2024 16:24:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtFI3uSY2dUgVBrU8Kmwvt9qkz97ihLjK%2FeikI%2Btn8Xg0T0k1zKsh%2B7HN1Svol4ELJeJm3SjxtLAQR%2FJgz1JMB4fvDWeHggIyrmEgutejocchsf7SNMz7hNbT95z6AKQYnDlMhfc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 794cff2f28b0b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:24:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
6630148a03da2d4ccf19993f0fefd44c
2c747b9bc89b4240ad4340b31b993e3d947d1e5a
68c252a328d6f8dbea1935f3a4a950fb02969e70aabfff9853add357f76ecd4f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5650
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:24:31 GMT
Last-Modified: Sun, 05 Feb 2023 14:50:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5807
Expires: Sun, 05 Feb 2023 18:01:18 GMT
Date: Sun, 05 Feb 2023 16:24:31 GMT
Connection: keep-alive

intek.com.vn/

123.30.191.186

200 OK

140 kB

URL HTTP/1.1
intek.com.vn/
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
HTML document, Unicode text, UTF-8 text, with very long lines (14347)
Size
140 kB (139947 bytes)
Hash
a88191b245612d5fa39a999df6fad2ae
9f025e7d5db4be53b01bb85686408163206ede37
be483c39e282d9f0c63a63951ada6b5bd4f30b0540f9fd1edf83428850b9430c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious JS code
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:30 GMT
Server: Apache
X-Powered-By: PHP/7.1.33
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5807
Expires: Sun, 05 Feb 2023 18:01:18 GMT
Date: Sun, 05 Feb 2023 16:24:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5807
Expires: Sun, 05 Feb 2023 18:01:18 GMT
Date: Sun, 05 Feb 2023 16:24:31 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12967 bytes)
Hash
8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 38c58626-f4ad-4e2b-ad71-a628519d2ea2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmEdHFwCoAMFhxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8b453-7da6d0c1093468d320caaa1e;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 06:25:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t8dZTwod1-pZr8ACfp-6gfEu0TA3kGpfJrQeF8VgLg2tlrt03sa6Bg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:40:08 GMT
age: 45863
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10905 bytes)
Hash
1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jIvBQjGh9JzWQM0YpEYiqP5CcBrkwqLVjAYhMWJ1P1H0MRkm7kpnpg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:12:06 GMT
age: 65545
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8527 bytes)
Hash
6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: c11233d1-ef16-4b03-9174-a493011dc0ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEoFHOKIAMFZwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8166-4a290e811547293f437311bb;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:49:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1F0bxib8bn4kZvGBTL63ecNDDEy6XZ8kIb8K5BNqusVL9SvAAARUJw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:11:45 GMT
age: 65566
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11198 bytes)
Hash
93ef9da6520124f03883a2b5241e0623
41b557bb05e1769c124aa0195c398e2dbd1fc0e9
dd6a1589ae40fb69c60f1675ea49a6a1a00d43e29d1a18f0d30b7c4e9bceee5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3825d7eb-9bf8-4ff1-ac96-196cbf5c1873.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11198
x-amzn-requestid: f21313a6-3ca8-4c58-981c-a1700769719c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKUGu6IAMFsww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-1d60cc337f91692e436f2990;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QiFDDww7IfjOYHGfK3NiaBts_69I05L7bngAfyJUtG6VNwptdaI5nQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 15:02:59 GMT
age: 4892
etag: "41b557bb05e1769c124aa0195c398e2dbd1fc0e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (5014 bytes)
Hash
5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 14:53:51 GMT
age: 5440
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3474 bytes)
Hash
d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:58 GMT
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
age: 65613
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:24:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

intek.com.vn/wp-includes/css/dist/block-library/style.min.css?ver=5.2.17

123.30.191.186

200 OK

29 kB

URL HTTP/1.1
intek.com.vn/wp-includes/css/dist/block-library/style.min.css?ver=5.2.17
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
ASCII text, with very long lines (29271), with no line terminators
Size
29 kB (29271 bytes)
Hash
80abe0410c6640e58fc1e18516c6602f
34234c0fa85de9bc2497ab84d3ae3e3355207fec
857c89b90bea6b75f04b6cc7b659594ea58b72724f1c6dde3955c958d4627245

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.2.17 HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:31 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 14:50:28 GMT
Accept-Ranges: bytes
Content-Length: 29271
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

intek.com.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

123.30.191.186

200 OK

12 kB

URL HTTP/1.1
intek.com.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
ASCII text, with very long lines (12196)
Size
12 kB (12293 bytes)
Hash
53c6e293a5082a270cbacac5500dfda9
985794f10dae48eb176d476ab3168cd7e9c5792f
338f81e2d92f1dacaf627f96bd19ac4d1d8b21b5a7c6934a8446fa00064ec253

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:31 GMT
Server: Apache
Last-Modified: Sun, 26 May 2019 08:02:58 GMT
Accept-Ranges: bytes
Content-Length: 12293
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

intek.com.vn/wp-content/themes/bds/style.css?ver=3.6.1

123.30.191.186

200 OK

292 B

URL HTTP/1.1
intek.com.vn/wp-content/themes/bds/style.css?ver=3.6.1
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
ASCII text
Size
292 B (292 bytes)
Hash
3ff46107f17cfec6113bde2cd09c38d0
1bd7a2d252668a8d082f72000fcea3bdc94b51cd
3840f0e478733dadb8e3e46810cadf0ceb2c0b71a6b685431260caeecf74d3e9

HTTP Headers

GET /wp-content/themes/bds/style.css?ver=3.6.1 HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:32 GMT
Server: Apache
Last-Modified: Sun, 26 May 2019 08:02:56 GMT
Accept-Ranges: bytes
Content-Length: 292
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

intek.com.vn/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1

123.30.191.186

200 OK

1.7 kB

URL HTTP/1.1
intek.com.vn/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
ASCII text
Size
1.7 kB (1685 bytes)
Hash
5ad1cfa3f5175f627385651790ed0bbd
7a06ac744a748ce4c315c798614d6d0068596cc4
3ad2fcb328295f1199d593adaba909f3eea790f695554ac3c1da7aa009fc0e0d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.1 HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:32 GMT
Server: Apache
Last-Modified: Sun, 26 May 2019 08:02:58 GMT
Accept-Ranges: bytes
Content-Length: 1685
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

intek.com.vn/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1

123.30.191.186

200 OK

17 kB

URL HTTP/1.1
intek.com.vn/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
ASCII text, with very long lines (2237)
Size
17 kB (16677 bytes)
Hash
66d22220c6b4a8854d1eac77808caf0f
53602dab0f900b2ac4bab5de3cdf6f3eeb82396f
d4ca876734f837d39ba250f1526b27ca28f16dc1b54122831a536840c898b19d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.1 HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:32 GMT
Server: Apache
Last-Modified: Sun, 26 May 2019 08:02:58 GMT
Accept-Ranges: bytes
Content-Length: 16677
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

intek.com.vn/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=1.0

123.30.191.186

200 OK

3.9 kB

URL HTTP/1.1
intek.com.vn/wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=1.0
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
ASCII text, with very long lines (2240)
Size
3.9 kB (3880 bytes)
Hash
e0fdaf3ad5fa387ed2476ada46783b75
32194d4aa4314e8a3a9a97b842937c4351587a5f
a70ad8151dc6d9d997c432422c40a5f3e6f6ece6b0ee9d7c816512e2600d9bd9

HTTP Headers

GET /wp-content/themes/flatsome/inc/extensions/flatsome-lazy-load/flatsome-lazy-load.js?ver=1.0 HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:32 GMT
Server: Apache
Last-Modified: Sun, 26 May 2019 08:02:58 GMT
Accept-Ranges: bytes
Content-Length: 3880
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

intek.com.vn/wp-includes/js/hoverIntent.min.js?ver=1.8.1

123.30.191.186

200 OK

3.3 kB

URL HTTP/1.1
intek.com.vn/wp-includes/js/hoverIntent.min.js?ver=1.8.1
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
ASCII text, with very long lines (3324), with no line terminators
Size
3.3 kB (3324 bytes)
Hash
3d8b9628d9a59c440f0089a77ab35db9
ddec50452a8fc404735f816ee8ea38faa36f31d2
d33df188762e3a43fa0683d2e2ab56b340857f263f7bbd873ffe1b5bce86e8db

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/hoverIntent.min.js?ver=1.8.1 HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:32 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 14:50:27 GMT
Accept-Ranges: bytes
Content-Length: 3324
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

intek.com.vn/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.6.1

123.30.191.186

200 OK

137 kB

URL HTTP/1.1
intek.com.vn/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.6.1
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
ASCII text, with very long lines (65536), with no line terminators
Size
137 kB (136743 bytes)
Hash
75390850d9b8c50a6ed0724f58bb8dbf
877f2256f11be63fba802fbcc674101ca58f3d28
22e4d9d75a2f8e879e9d1eadaa8adb25a08e124a7ca9ba7269c026682b24e5ae

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.6.1 HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:31 GMT
Server: Apache
Last-Modified: Sun, 26 May 2019 08:02:56 GMT
Accept-Ranges: bytes
Content-Length: 136743
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

intek.com.vn/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

123.30.191.186

200 OK

99 kB

URL HTTP/1.1
intek.com.vn/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
ASCII text, with very long lines (31997)
Size
99 kB (99110 bytes)
Hash
9b4ca58350f23bf3f6f98d16493ddc4f
28be7918e00104958573ac361f6be77e91712bde
2da2297a356ac3ae2420c3ff6a5a2daf5cd51acc700f18120f0eccba6c1faebe

HTTP Headers

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:32 GMT
Server: Apache
Last-Modified: Thu, 11 Jun 2020 08:37:41 GMT
Accept-Ranges: bytes
Content-Length: 99110
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

intek.com.vn/wp-includes/js/wp-embed.min.js?ver=5.2.17

123.30.191.186

200 OK

3.6 kB

URL HTTP/1.1
intek.com.vn/wp-includes/js/wp-embed.min.js?ver=5.2.17
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
ASCII text, with very long lines (3628), with no line terminators
Size
3.6 kB (3628 bytes)
Hash
6fb496a6052524c5af34d17282a2d992
86457e2c1994e8a9c8f53223e9f44fe9f412a3eb
7eade2a04daeb5d1bc552665358fab7d20384d90ac76fb46c5c0aea1d1e7dabe

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/wp-embed.min.js?ver=5.2.17 HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:33 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 14:50:18 GMT
Accept-Ranges: bytes
Content-Length: 3628
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:24:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/redrose/v14/QdVISTYiLBjouPgEUajvsfWwDtc3MH8yrfszdT6t.woff2

216.58.207.227

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/redrose/v14/QdVISTYiLBjouPgEUajvsfWwDtc3MH8yrfszdT6t.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12120, version 1.0\012- data
Size
12 kB (12120 bytes)
Hash
f3c9eb8ebb9b136feeea5cc36de3ceba
1fd387902cb9f5ac741bd961b50507ac35bde570
7ae6bd05e2a924992dfd5b45a0fadc6936356ef1a8a1a65ffa32274864e96c65

HTTP Headers

GET /s/redrose/v14/QdVISTYiLBjouPgEUajvsfWwDtc3MH8yrfszdT6t.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intek.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 19:26:40 GMT
expires: Fri, 02 Feb 2024 19:26:40 GMT
cache-control: public, max-age=31536000
age: 248273
last-modified: Mon, 18 Jul 2022 19:37:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 16:24:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

intek.com.vn/wp-content/themes/flatsome/assets/img/lazy.png

123.30.191.186

200 OK

82 B

URL HTTP/1.1
intek.com.vn/wp-content/themes/flatsome/assets/img/lazy.png
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size
82 B (82 bytes)
Hash
c2ed3e2419022dbfe94ed72ef0f87beb
4b11a4ed93895cce9e5103cc65d20e8b627f7c4c
50dd0d632fa73b308dae12436b1a1994eef242d0afbc6f5a7ff666a40cc52995

HTTP Headers

GET /wp-content/themes/flatsome/assets/img/lazy.png HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:33 GMT
Server: Apache
Last-Modified: Sun, 26 May 2019 08:02:56 GMT
Accept-Ranges: bytes
Content-Length: 82
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

intek.com.vn/wp-content/themes/flatsome/assets/css/fl-icons.css

123.30.191.186

200 OK

369 B

URL HTTP/1.1
intek.com.vn/wp-content/themes/flatsome/assets/css/fl-icons.css
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
ASCII text, with very long lines (368)
Size
369 B (369 bytes)
Hash
0a562076dc9cf2d69817b7fc435b06cb
42732451f6f4cae6021f39caa5457d54f3c178b3
28f4c609a2b8bc8fe9f7309107c7c9ba63d2880ff4080924dbf7ff46ab4d79f4

HTTP Headers

GET /wp-content/themes/flatsome/assets/css/fl-icons.css HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:33 GMT
Server: Apache
Last-Modified: Sun, 26 May 2019 08:02:56 GMT
Accept-Ranges: bytes
Content-Length: 369
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

intek.com.vn/wp-content/uploads/2020/07/logo-intek-1.png

123.30.191.186

200 OK

20 kB

URL HTTP/1.1
intek.com.vn/wp-content/uploads/2020/07/logo-intek-1.png
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
PNG image data, 827 x 415, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19855 bytes)
Hash
c1a3cdde76e8e3ff35c4a870c6cf5b16
3b76aeb6b6d7bf773248b86866fc1a860f72a552
10d081319b3a154c939d110523463b7061cb876eca89581157a2d2c1761bdf03

HTTP Headers

GET /wp-content/uploads/2020/07/logo-intek-1.png HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:33 GMT
Server: Apache
Last-Modified: Mon, 27 Jul 2020 03:59:37 GMT
Accept-Ranges: bytes
Content-Length: 19855
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

intek.com.vn/wp-content/uploads/2020/07/logo-intek-1-300x151.png

123.30.191.186

200 OK

20 kB

URL HTTP/1.1
intek.com.vn/wp-content/uploads/2020/07/logo-intek-1-300x151.png
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
PNG image data, 300 x 151, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19483 bytes)
Hash
6b18f1e4305782b5826a8f819cc7ae04
37c91f2188cd846ba2055467dd90403342fa89e2
595a3d589d6c4f9de669a878db8f16a68b0621c9847768bc9f62113c3517c0a0

HTTP Headers

GET /wp-content/uploads/2020/07/logo-intek-1-300x151.png HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:33 GMT
Server: Apache
Last-Modified: Mon, 27 Jul 2020 03:59:37 GMT
Accept-Ranges: bytes
Content-Length: 19483
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

intek.com.vn/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2

123.30.191.186

200 OK

5.5 kB

URL HTTP/1.1
intek.com.vn/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
Web Open Font Format (Version 2), TrueType, length 5496, version 1.0\012- data
Size
5.5 kB (5496 bytes)
Hash
7c6fbd8a2fc6d6788ac753dabb971aff
39d1384aa489b5d4616f8ecfe5b9f682f1a7a40a
f9ddd585e9e65c686ae9ea771a5c9ec9cb17445fe27e8ff68cfb77750fb8cd0e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2 HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://intek.com.vn/wp-content/themes/flatsome/assets/css/fl-icons.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:33 GMT
Server: Apache
Last-Modified: Sun, 26 May 2019 08:02:56 GMT
Accept-Ranges: bytes
Content-Length: 5496
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/woff2

intek.com.vn/wp-content/uploads/2019/04/icon2.jpg

123.30.191.186

200 OK

929 B

URL HTTP/1.1
intek.com.vn/wp-content/uploads/2019/04/icon2.jpg
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 38x38, components 3\012- data
Size
929 B (929 bytes)
Hash
c73dc551e11f0e8f516fd3841163d82a
273f2010d32fe7059652b169f78ad3d4482132a2
06b7e79627f3974134bcdf75775689b5181f989e66040b88885f14f6bcbfe77a

HTTP Headers

GET /wp-content/uploads/2019/04/icon2.jpg HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:33 GMT
Server: Apache
Last-Modified: Sun, 26 May 2019 08:02:56 GMT
Accept-Ranges: bytes
Content-Length: 929
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

intek.com.vn/wp-content/uploads/2019/04/icon5.jpg

123.30.191.186

200 OK

845 B

URL HTTP/1.1
intek.com.vn/wp-content/uploads/2019/04/icon5.jpg
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 38x38, components 3\012- data
Size
845 B (845 bytes)
Hash
1dfffd4cf8f087e047a27fee2036109e
337005fe61cd2c446e8517648db4215ca10ed6a0
e03fb472bcd8d4dacef753157a6497a38f93eea8657aea5da69e03a2b55f86f1

HTTP Headers

GET /wp-content/uploads/2019/04/icon5.jpg HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:33 GMT
Server: Apache
Last-Modified: Sun, 26 May 2019 08:02:56 GMT
Accept-Ranges: bytes
Content-Length: 845
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

intek.com.vn/wp-content/uploads/2019/04/icon1.jpg

123.30.191.186

200 OK

868 B

URL HTTP/1.1
intek.com.vn/wp-content/uploads/2019/04/icon1.jpg
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 38x38, components 3\012- data
Size
868 B (868 bytes)
Hash
980645298c545a14cfc1cbe90ae48820
b8f824022a9ed6f714f86d1c50f017ba48bbe1fe
6e086f930c10eaea8c4d4c0155a814658fd7e8f2af7f3c0740c1fc36f0413469

HTTP Headers

GET /wp-content/uploads/2019/04/icon1.jpg HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:33 GMT
Server: Apache
Last-Modified: Sun, 26 May 2019 08:02:56 GMT
Accept-Ranges: bytes
Content-Length: 868
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

intek.com.vn/wp-content/uploads/2019/04/icon4.jpg

123.30.191.186

200 OK

911 B

URL HTTP/1.1
intek.com.vn/wp-content/uploads/2019/04/icon4.jpg
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 38x38, components 3\012- data
Size
911 B (911 bytes)
Hash
19b52b4661cc2e5c1d5be5fb3af71716
606eae5ff1d47c1d7167cff7cd7eeecb958bc450
6968d3e7c0655d2d7f3c3e2499d82dc0088ea7c663438bc4fe80ee6e7fdfc68d

HTTP Headers

GET /wp-content/uploads/2019/04/icon4.jpg HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:34 GMT
Server: Apache
Last-Modified: Sun, 26 May 2019 08:02:56 GMT
Accept-Ranges: bytes
Content-Length: 911
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

intek.com.vn/wp-content/uploads/2019/04/icon0.png

123.30.191.186

200 OK

34 kB

URL HTTP/1.1
intek.com.vn/wp-content/uploads/2019/04/icon0.png
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
PNG image data, 840 x 758, 8-bit/color RGBA, non-interlaced\012- data
Size
34 kB (33738 bytes)
Hash
7ed75c94f5da0d18d69da32cdef1b819
a657c9a559e65f2392c7c9ea06e075c00746e1f9
aec0f0e306834e4e96b059ae78f74944920932b76cad43d8449eef0a19db1062

HTTP Headers

GET /wp-content/uploads/2019/04/icon0.png HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:34 GMT
Server: Apache
Last-Modified: Fri, 07 Aug 2020 04:54:33 GMT
Accept-Ranges: bytes
Content-Length: 33738
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

intek.com.vn/wp-content/uploads/2019/04/doitac.png

123.30.191.186

200 OK

23 kB

URL HTTP/1.1
intek.com.vn/wp-content/uploads/2019/04/doitac.png
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
PNG image data, 852 x 743, 8-bit/color RGBA, non-interlaced\012- data
Size
23 kB (22724 bytes)
Hash
efa1d05ec994e622784759b1d20e5413
259ebe7efc5fb11ebb04ca31f4c5a2248d2094c3
dc25f967f9d72b942a850b1666be18a6cccb046660b58c2a9c5591b2678b7300

HTTP Headers

GET /wp-content/uploads/2019/04/doitac.png HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:34 GMT
Server: Apache
Last-Modified: Tue, 01 Sep 2020 15:52:53 GMT
Accept-Ranges: bytes
Content-Length: 22724
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

216.58.207.202

200 OK

5.4 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP
216.58.207.202:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2134)
Size
5.4 kB (5437 bytes)
Hash
30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b

HTTP Headers

GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 21:26:32 GMT
expires: Wed, 31 Jan 2024 21:26:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 413884
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
16 kB (16430 bytes)
Hash
619db355acd1ed836e0ccc436f52a4fe
7f50a17dfd93174520beabaf7502999dcd8eadcd
a279af52270c1ad822c2558e704f225ce8805881f99699b0bb88361f8b02eac7

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intek.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 584556
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intek.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 443730
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

216.58.207.227

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11872, version 1.0\012- data
Size
12 kB (11872 bytes)
Hash
87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intek.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 14:50:08 GMT
expires: Wed, 31 Jan 2024 14:50:08 GMT
cache-control: public, max-age=31536000
age: 437668
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/dancingscript/v24/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup8.woff2

216.58.207.227

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/dancingscript/v24/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup8.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23588, version 1.0\012- data
Size
24 kB (23588 bytes)
Hash
8175a5f18a7cffa75be6286372d6b27a
3506beb00d03b2304bfad426632122fac5589046
06221d920e7eee00939f9eecfb808dd90f8f5ee8d515ecd6374daf61822446b3

HTTP Headers

GET /s/dancingscript/v24/If2cXTr6YS-zF4S-kcSWSVi_sxjsohD9F50Ruu7BMSo3Sup8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intek.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 10:06:23 GMT
expires: Fri, 02 Feb 2024 10:06:23 GMT
cache-control: public, max-age=31536000
age: 281893
last-modified: Mon, 11 Jul 2022 20:52:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

216.58.207.227

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11824, version 1.0\012- data
Size
12 kB (11824 bytes)
Hash
deb26e9b1a25438118e5d39d741ae6b6
a2801defb4c8bed8e4083dfde0b2a5a9c0537020
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intek.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 20:58:07 GMT
expires: Thu, 01 Feb 2024 20:58:07 GMT
cache-control: public, max-age=31536000
age: 329189
last-modified: Wed, 11 May 2022 19:24:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

216.58.207.227

200 OK

5.5 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 5548, version 1.0\012- data
Size
5.5 kB (5548 bytes)
Hash
cdaab83619fcacd4027a77c99dd51e69
9e6eae8554f8cc2309b2dae2d9fa217e34eed6a4
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intek.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:09:06 GMT
expires: Sat, 03 Feb 2024 02:09:06 GMT
cache-control: public, max-age=31536000
age: 224130
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

216.58.207.227

200 OK

5.6 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 5560, version 1.0\012- data
Size
5.6 kB (5560 bytes)
Hash
ca3b09b62fda648a4511700413313fd0
109cd4c5435bd6614391bb8722c47c287c96b2ec
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intek.com.vn
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:06:16 GMT
expires: Sat, 03 Feb 2024 02:06:16 GMT
cache-control: public, max-age=31536000
age: 224300
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

intek.com.vn/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.6.1

123.30.191.186

200 OK

164 kB

URL HTTP/1.1
intek.com.vn/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.6.1
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
ASCII text, with very long lines (19155)
Size
164 kB (163698 bytes)
Hash
b05f9880bfc117ba55faa3e77b94e90d
36703469aa0a4b31b3d44b69b5353a8871e504d3
8c3351b000d6da0327369e3aa412b5f3643bee377a7db9ed01e593d7bbd0a387

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.6.1 HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:32 GMT
Server: Apache
Last-Modified: Sun, 26 May 2019 08:02:56 GMT
Accept-Ranges: bytes
Content-Length: 163698
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

intek.com.vn/wp-content/uploads/2020/07/cropped-logo-intek-1-192x192.png

123.30.191.186

200 OK

12 kB

URL HTTP/1.1
intek.com.vn/wp-content/uploads/2020/07/cropped-logo-intek-1-192x192.png
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12076 bytes)
Hash
9afab27c117b99e7e424414e7e1cecf3
db4a329f797e76fe430894f26b8275576918d983
45c9cc5137a7cc84d2d277369c73926e9ebbc2eddd1dabed08c4fe9c0a73e545

HTTP Headers

GET /wp-content/uploads/2020/07/cropped-logo-intek-1-192x192.png HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:35 GMT
Server: Apache
Last-Modified: Mon, 03 Aug 2020 03:40:22 GMT
Accept-Ranges: bytes
Content-Length: 12076
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

intek.com.vn/wp-content/uploads/2020/07/cropped-logo-intek-1-32x32.png

123.30.191.186

200 OK

1.1 kB

URL HTTP/1.1
intek.com.vn/wp-content/uploads/2020/07/cropped-logo-intek-1-32x32.png
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1135 bytes)
Hash
5baf9fafd3d69d42b0824a3cd03d4472
3aaf854adc613726f86e9e5effff28455b813270
8872d19b9d47f15414f17d02ee90961090e4308da6e89a69fcf1f8dbd1bf935e

HTTP Headers

GET /wp-content/uploads/2020/07/cropped-logo-intek-1-32x32.png HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:35 GMT
Server: Apache
Last-Modified: Mon, 03 Aug 2020 03:40:22 GMT
Accept-Ranges: bytes
Content-Length: 1135
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

intek.com.vn/wp-content/uploads/2019/04/ke-hoach-dau-tu.jpg

123.30.191.186

200 OK

4.7 kB

URL HTTP/1.1
intek.com.vn/wp-content/uploads/2019/04/ke-hoach-dau-tu.jpg
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Size
4.7 kB (4746 bytes)
Hash
a7219ff9ad7a2244371812c049dce798
bd5e11acf60d19ee38859d3a1d5b479ffefc07a4
3d6f21632f41e9040c674e1d85f734222f9e002abf2891693aadea91c819d4ea

HTTP Headers

GET /wp-content/uploads/2019/04/ke-hoach-dau-tu.jpg HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:36 GMT
Server: Apache
Last-Modified: Sun, 26 May 2019 08:02:56 GMT
Accept-Ranges: bytes
Content-Length: 4746
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg

intek.com.vn/wp-content/uploads/2019/04/dau-tu-hieu-qua.jpg

123.30.191.186

200 OK

4.7 kB

URL HTTP/1.1
intek.com.vn/wp-content/uploads/2019/04/dau-tu-hieu-qua.jpg
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Size
4.7 kB (4656 bytes)
Hash
4ae1fa806144219cadb6f13d9cdee76b
3504a9a27fcd437dcc8b8f11db0ccbd300f1483e
a6aec7cad37a2b0df03cbd3f4562d41810c22c6ecf8fe59b9e63b8d92d0d1280

HTTP Headers

GET /wp-content/uploads/2019/04/dau-tu-hieu-qua.jpg HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:36 GMT
Server: Apache
Last-Modified: Sun, 26 May 2019 08:02:56 GMT
Accept-Ranges: bytes
Content-Length: 4656
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

intek.com.vn/wp-content/uploads/2020/08/H%E1%BB%87-th%E1%BB%91ng-ERP.png

123.30.191.186

200 OK

44 kB

URL HTTP/1.1
intek.com.vn/wp-content/uploads/2020/08/H%E1%BB%87-th%E1%BB%91ng-ERP.png
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
PNG image data, 768 x 609, 8-bit colormap, non-interlaced\012- data
Size
44 kB (43997 bytes)
Hash
d04e4e9252b420dc9344b3264edd7ca8
0b68d97c65e48e3853319097d7f2f4cbf1469de7
40fafe0066199269f35af2cf7a89325d81e2fb995de89566a306fe8dc448debb

HTTP Headers

GET /wp-content/uploads/2020/08/H%E1%BB%87-th%E1%BB%91ng-ERP.png HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:36 GMT
Server: Apache
Last-Modified: Tue, 04 Aug 2020 07:24:10 GMT
Accept-Ranges: bytes
Content-Length: 43997
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

intek.com.vn/wp-content/uploads/2020/08/intek10.png

123.30.191.186

200 OK

43 kB

URL HTTP/1.1
intek.com.vn/wp-content/uploads/2020/08/intek10.png
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
43 kB (42889 bytes)
Hash
6dd7711ac68ba37419c31a288254a559
f2dd32ef270fd12964d6bfc9cb10c5785043a500
6f0e2625e4e4bac1089ccd39d0aa634f88ad2fe0047d10b4f90c15a4bb1611f4

HTTP Headers

GET /wp-content/uploads/2020/08/intek10.png HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:36 GMT
Server: Apache
Last-Modified: Tue, 04 Aug 2020 03:55:46 GMT
Accept-Ranges: bytes
Content-Length: 42889
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

intek.com.vn/wp-content/uploads/2020/09/anh-2-1024x139.png

123.30.191.186

200 OK

146 kB

URL HTTP/1.1
intek.com.vn/wp-content/uploads/2020/09/anh-2-1024x139.png
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type
PNG image data, 1024 x 139, 8-bit/color RGBA, non-interlaced\012- data
Size
146 kB (146263 bytes)
Hash
edd6c65a14e8c03eb47b2b66245b1244
ec0ecdbd526a7771122e5872fcdeb7af813b6018
8f7664404627e358c426ca2eeccbce5675a24c2fdcd8a8bc24da8699defcd31a

HTTP Headers

GET /wp-content/uploads/2020/09/anh-2-1024x139.png HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:36 GMT
Server: Apache
Last-Modified: Wed, 02 Sep 2020 17:24:31 GMT
Accept-Ranges: bytes
Content-Length: 146263
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

fonts.googleapis.com/css2?family=Red+Rose&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Red+Rose&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Red+Rose&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 16:24:31 GMT
date: Sun, 05 Feb 2023 16:24:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

intek.com.vn/wp-content/uploads/2020/09/%E1%BA%A3nh-1.png

123.30.191.186

200 OK

0 B

URL HTTP/1.1
intek.com.vn/wp-content/uploads/2020/09/%E1%BA%A3nh-1.png
IP
123.30.191.186:0
ASN
#45899 VNPT Corp

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2020/09/%E1%BA%A3nh-1.png HTTP/1.1
Host: intek.com.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://intek.com.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 16:24:36 GMT
Server: Apache
Last-Modified: Wed, 02 Sep 2020 17:24:28 GMT
Accept-Ranges: bytes
Content-Length: 534982
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML