Report - authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894

Report Overview

Submitted URL
authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894
IP
137.184.249.131
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2024-04-25 14:10:23
Access
public
Website Title
Belt MONTBLANC Classic Silver NewSS(STAR) | WEBSITE HÀNG HIỆU DUY NHẤT VIỆT NAM
Final URL
authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
50

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
authentic.com.vn	unknown	unknown	2015-08-06	2024-01-24	13 kB	78 kB	137.184.249.131
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-25	847 B	168 kB	142.250.74.168
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	462 B	10 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed
2024-04-25	medium	authentic.com.vn	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/sandbox%20eval%20code	128 B	2023-05-06	2024-05-04
Pretty URL authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-06 01:21:43 Last Seen2024-05-04 22:51:27 Times Seen21371 Hash 23c336606ee3a6d444b305153fa0e2e2 473a2111970ae2a94b373e656d20c4bd4184d703 305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60 Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	1.6 kB	2023-05-06	2024-05-04
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 01:21:43 Last Seen2024-05-04 22:51:27 Times Seen21234 Hash 2e9e391ad98fbe1b2de0b7b4fa9ca904 21d7771223e8286a06ad878af425094a40de32b5 1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69 Loading...

HTTP Transactions (28)

URL IP Response Size

authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894

137.184.249.131

301 Moved Permanently

0 B

URL User Request GET HTTP/2
authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894
IP
137.184.249.131:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/threads/belt-montblanc-classic-silver-newss-star.63894 HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: nginx/1.21.6
date: Thu, 25 Apr 2024 14:10:00 GMT
content-type: text/html; charset=utf-8
content-length: 0
x-powered-by: PHP/7.4.12
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 25 Apr 2024 14:10:00 GMT
location: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
x-xf-debug-stats: {"time":0.063,"queries":2,"memory":2.71}
x-proxy-cache: MISS
X-Firefox-Spdy: h2

authentic.com.vn/

137.184.249.131

169 B

URL
authentic.com.vn/
IP
137.184.249.131:0
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
ff3438f1699724c1ce3d071d2ca210c2
8784ddfff3a51e608dd34fce5942bc8c91af8b11
98d367d32108a25ed28048a4f17b2504e610249dd0bf2dcf368c7f922b300997

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 14:10:01 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://authentic.com.vn/

authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/

137.184.249.131

200 OK

20 kB

URL User Request GET HTTP/2
authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
IP
137.184.249.131:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5545)
Size
20 kB (20017 bytes)
Hash
17d8bc641b8a3a64fff16f310f0b6f03
697d1931ec3038401b3d54d9cbe4efc45cc78966
b829d26141ef1871c40d6a76d7efa6a26e4c95760834141dde2f3eb3130af415

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/threads/belt-montblanc-classic-silver-newss-star.63894/ HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 25 Apr 2024 14:10:02 GMT
content-type: text/html; charset=utf-8
content-length: 20017
x-powered-by: PHP/7.4.12
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 25 Apr 2024 14:10:02 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
x-xf-debug-stats: {"time":0.4527,"queries":27,"memory":7.53}
set-cookie: xf_csrf=I5SI4TqZr0hp1RNT; path=/; secure
vary: Accept-Encoding
content-encoding: gzip
x-proxy-cache: MISS
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-59481884-1

142.250.74.168

200 OK

73 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-59481884-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
73 kB (73274 bytes)
Hash
1e92517fc4de6b328e647bfa39d245f7
18d617130a2b991586098f1a05fa1ded04c90fc4
6a50ce783ff705b2d2c42934322734258738cc06af9ca1dec8adf12eab96c42e

HTTP Headers

GET /gtag/js?id=UA-59481884-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 14:10:03 GMT
expires: Thu, 25 Apr 2024 14:10:03 GMT
cache-control: private, max-age=900
last-modified: Thu, 25 Apr 2024 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73274
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-EZDF5WPQPG

142.250.74.168

200 OK

94 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-EZDF5WPQPG
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (3034)
Size
94 kB (93579 bytes)
Hash
b38d28ce7dbca3d08d69e0dbe0385982
a4ece90718163e5a73dc14d1c05a76224c4d39a1
74d309aecc495f3d8b6ffeb79a51c7625f7df58d7f996a552666e14ce9cccdf0

HTTP Headers

GET /gtag/js?id=G-EZDF5WPQPG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 14:10:03 GMT
expires: Thu, 25 Apr 2024 14:10:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93579
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

authentic.com.vn/forum/js/xf/preamble.js?_v=98b8a72d

137.184.249.131

200 OK

2.4 kB

URL GET HTTP/2
authentic.com.vn/forum/js/xf/preamble.js?_v=98b8a72d
IP
137.184.249.131:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type
JavaScript source, ASCII text
Size
2.4 kB (2414 bytes)
Hash
d067ba07892baac104e18c6e83bc3bb8
9b6ca93390c894e5d99d58fd243f8716d01b8766
1e58acf81d6eb42e3e3a230b7a72b5227e48629c4a5930d6e47038e018ee53dd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/js/xf/preamble.js?_v=98b8a72d HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 25 Apr 2024 14:10:03 GMT
content-type: application/javascript
content-length: 2414
last-modified: Fri, 27 Mar 2020 03:46:27 GMT
etag: "18f2-5a1cdf239d467-gzip"
vary: Accept-Encoding
content-encoding: gzip
x-proxy-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

authentic.com.vn/

137.184.249.131

0 B

URL
authentic.com.vn/
IP
137.184.249.131:0
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.21.6
date: Thu, 25 Apr 2024 14:10:06 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/7.4.12
location: https://authentic.com.vn/forum/
x-proxy-cache: MISS
X-Firefox-Spdy: h2

authentic.com.vn/forum/styles/uix/images/home_icon.png

137.184.249.131

200 OK

4.0 kB

URL GET HTTP/2
authentic.com.vn/forum/styles/uix/images/home_icon.png
IP
137.184.249.131:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type
PNG image data, 612 x 612, 8-bit colormap, non-interlaced
Size
4.0 kB (3973 bytes)
Hash
76e01f4c900db6b6341df1a0ed72d1d1
616d0deb7bddd46e1929eaa9ae02db8767943765
bfff8bf6de2e96a2ac8abb191271963935c30c688f0ce7f449df7e340b870eaa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/styles/uix/images/home_icon.png HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 25 Apr 2024 14:10:03 GMT
content-type: image/png
content-length: 3973
last-modified: Wed, 01 May 2019 15:50:38 GMT
etag: "f85-587d57a962f80"
x-proxy-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

authentic.com.vn/forum/data/avatars/s/20/20418.jpg?1564898591

137.184.249.131

200 OK

1.4 kB

URL GET HTTP/2
authentic.com.vn/forum/data/avatars/s/20/20418.jpg?1564898591
IP
137.184.249.131:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 48x48, components 3
Size
1.4 kB (1427 bytes)
Hash
15de995e23aeacf304f0a4d075a2fe97
86799ee2817bf8894995653a78c9857aa093fde4
cb19b9eff3d0731aa405ed3f848106d5d40d946054622105bae7784cd2f10429

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/data/avatars/s/20/20418.jpg?1564898591 HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 25 Apr 2024 14:10:03 GMT
content-type: image/jpeg
content-length: 1427
last-modified: Sun, 04 Aug 2019 06:03:11 GMT
etag: "593-58f4458a045c0"
x-proxy-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

authentic.com.vn/forum/styles/authentic/dadangky.webp

137.184.249.131

200 OK

8.4 kB

URL GET HTTP/2
authentic.com.vn/forum/styles/authentic/dadangky.webp
IP
137.184.249.131:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type
RIFF (little-endian) data, Web/P image
Size
8.4 kB (8354 bytes)
Hash
d8170499b27b21a79ff0848393b21ec2
65c5e05882554f845931a0e1187ee57e40e6a0c2
797b4bc0aa574030f1665e8d9213b43c0d9adc2778216515c98f8f4a2a0b9167

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/styles/authentic/dadangky.webp HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 25 Apr 2024 14:10:03 GMT
content-length: 8354
last-modified: Fri, 19 Jun 2020 03:31:01 GMT
etag: "20a2-5a86785af871d"
x-proxy-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

authentic.com.vn/forum/js/xf/core/action.js?_v=98b8a72d

137.184.249.131

200 OK

8.4 kB

URL GET HTTP/2
authentic.com.vn/forum/js/xf/core/action.js?_v=98b8a72d
IP
137.184.249.131:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type
JavaScript source, ASCII text
Size
8.4 kB (8432 bytes)
Hash
5fa7f0cb5f2c1fb812afde25e01c9b32
dbbe3646c4a754f7068b834c8e5f6579262c9cd7
c696fb2228d205c30e20caa6972e2c2f3a28ea92e9c6d89ea88671b859fe4bde

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/js/xf/core/action.js?_v=98b8a72d HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 25 Apr 2024 14:10:04 GMT
content-type: application/javascript
content-length: 8432
last-modified: Fri, 27 Mar 2020 03:46:26 GMT
etag: "8f68-5a1cdf221a4d5-gzip"
vary: Accept-Encoding
content-encoding: gzip
x-proxy-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

authentic.com.vn/forum/js/xf/core/tooltip.js?_v=98b8a72d

137.184.249.131

200 OK

7.0 kB

URL GET HTTP/2
authentic.com.vn/forum/js/xf/core/tooltip.js?_v=98b8a72d
IP
137.184.249.131:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type
JavaScript source, ASCII text
Size
7.0 kB (6956 bytes)
Hash
105353aaccf7c166c855269ecc5c1765
f2d43f83666dff07be902b3fe6da8463311d00dc
23b80bef120ba6297a2ccce348596e0a65c1db69a9c26e0a2ce027d6608ee20c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/js/xf/core/tooltip.js?_v=98b8a72d HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 25 Apr 2024 14:10:04 GMT
content-type: application/javascript
content-length: 6956
last-modified: Fri, 27 Mar 2020 03:46:26 GMT
etag: "7b04-5a1cdf225e2cc-gzip"
vary: Accept-Encoding
content-encoding: gzip
x-proxy-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

authentic.com.vn/forum/js/anthony/firstpost.js?_v=98b8a72d

137.184.249.131

200 OK

722 B

URL GET HTTP/2
authentic.com.vn/forum/js/anthony/firstpost.js?_v=98b8a72d
IP
137.184.249.131:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type
JavaScript source, ASCII text
Size
722 B (722 bytes)
Hash
24e9088f8c19ed650169f383fb470008
af36d23b05b10bf1f9d828990673ac1014fa7eb2
582f140d007347b63750d14a55b6087e011b625ca695401af5ae2f41de33be75

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/js/anthony/firstpost.js?_v=98b8a72d HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 25 Apr 2024 14:10:04 GMT
content-type: application/javascript
content-length: 722
last-modified: Tue, 14 Apr 2020 09:04:16 GMT
etag: "740-5a33c7bf9f19b-gzip"
vary: Accept-Encoding
content-encoding: gzip
x-proxy-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

authentic.com.vn/forum/js/themehouse/uix/ripple.js?_v=98b8a72d

137.184.249.131

200 OK

985 B

URL GET HTTP/2
authentic.com.vn/forum/js/themehouse/uix/ripple.js?_v=98b8a72d
IP
137.184.249.131:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type
JavaScript source, ASCII text
Size
985 B (985 bytes)
Hash
c38fe4f5d9cfe5fd6e8a4c68f4b92f3b
8d63d76f39357ba756677c301220f4134e44d6d6
8b751c5bd6fb76b03e76437f0854c6bb63da7589cf7c8b6b4ad1b25ce702f55c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/js/themehouse/uix/ripple.js?_v=98b8a72d HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 25 Apr 2024 14:10:04 GMT
content-type: application/javascript
content-length: 985
last-modified: Wed, 12 Dec 2018 06:38:24 GMT
etag: "a63-57ccd71dcf800-gzip"
vary: Accept-Encoding
content-encoding: gzip
x-proxy-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

authentic.com.vn/forum/js/themehouse/global/20180112.js?_v=98b8a72d

137.184.249.131

200 OK

6.9 kB

URL GET HTTP/2
authentic.com.vn/forum/js/themehouse/global/20180112.js?_v=98b8a72d
IP
137.184.249.131:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
6.9 kB (6942 bytes)
Hash
7097885791a4d6aba68899938ffcd420
1b51172ad65b4e3921fa8b273427de0f4506e40b
b472dafe00779be910b35a9191254245b21e91b24c0b9119731ef3cef83fb29d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/js/themehouse/global/20180112.js?_v=98b8a72d HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 25 Apr 2024 14:10:04 GMT
content-type: application/javascript
content-length: 6942
last-modified: Wed, 12 Dec 2018 06:38:24 GMT
etag: "6726-57ccd71dcf800-gzip"
vary: Accept-Encoding
content-encoding: gzip
x-proxy-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

authentic.com.vn/forum/js/themehouse/uix/index.js?_v=98b8a72d

137.184.249.131

200 OK

4.4 kB

URL GET HTTP/2
authentic.com.vn/forum/js/themehouse/uix/index.js?_v=98b8a72d
IP
137.184.249.131:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type
JavaScript source, ASCII text, with very long lines (564)
Size
4.4 kB (4358 bytes)
Hash
ba8ca3da63afe8b8f333cdb5ebd6b43c
2f84293d52f0e6d061d78dc743e4fd0a31803e3d
5130c61b10d8625b13a264b4756fc31e60086ad8ce0e7600102049c3fab379b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/js/themehouse/uix/index.js?_v=98b8a72d HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 25 Apr 2024 14:10:04 GMT
content-type: application/javascript
content-length: 4358
last-modified: Wed, 12 Dec 2018 06:38:24 GMT
etag: "58a3-57ccd71dcf800-gzip"
vary: Accept-Encoding
content-encoding: gzip
x-proxy-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

authentic.com.vn/forum/js/themehouse/uix/defer.js?_v=98b8a72d

137.184.249.131

200 OK

7.9 kB

URL GET HTTP/2
authentic.com.vn/forum/js/themehouse/uix/defer.js?_v=98b8a72d
IP
137.184.249.131:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type
JavaScript source, ASCII text, with very long lines (564)
Size
7.9 kB (7938 bytes)
Hash
0784be3a4e4cc80f33d74438fac558d9
8d5e13d34c1939ccadf7edbc3ee895cc724c05ed
99701d504d183c17cf815ccf68586b8de70a22a95ce52acd469d107b4e2be3b8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/js/themehouse/uix/defer.js?_v=98b8a72d HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 25 Apr 2024 14:10:04 GMT
content-type: application/javascript
content-length: 7938
last-modified: Wed, 12 Dec 2018 06:38:24 GMT
etag: "1007c-57ccd71dcf800-gzip"
vary: Accept-Encoding
content-encoding: gzip
x-proxy-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

authentic.com.vn/forum/css.php?css=public%3AantMoreThreads.less%2Cpublic%3Aant_first_post.less%2Cpublic%3Aant_footer_copyright.less%2Cpublic%3Abbcode_product.less%2Cpublic%3Amessage.less%2Cpublic%3Aextra.less&s=5&l=2&d=1695123924&k=59c0ceb12d1641d83120eb4ca8b793fb62e31b3a

0.0.0.0

0 B

URL GET
authentic.com.vn/forum/css.php?css=public%3AantMoreThreads.less%2Cpublic%3Aant_first_post.less%2Cpublic%3Aant_footer_copyright.less%2Cpublic%3Abbcode_product.less%2Cpublic%3Amessage.less%2Cpublic%3Aextra.less&s=5&l=2&d=1695123924&k=59c0ceb12d1641d83120eb4ca8b793fb62e31b3a
IP
0.0.0.0:0
ASN
#0

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/css.php?css=public%3AantMoreThreads.less%2Cpublic%3Aant_first_post.less%2Cpublic%3Aant_footer_copyright.less%2Cpublic%3Abbcode_product.less%2Cpublic%3Amessage.less%2Cpublic%3Aextra.less&s=5&l=2&d=1695123924&k=59c0ceb12d1641d83120eb4ca8b793fb62e31b3a HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

authentic.com.vn/forum/js/xf/core/structure.js?_v=98b8a72d

0.0.0.0

0 B

URL GET
authentic.com.vn/forum/js/xf/core/structure.js?_v=98b8a72d
IP
0.0.0.0:0
ASN
#0

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/js/xf/core/structure.js?_v=98b8a72d HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

authentic.com.vn/forum/js/xf/core.js?_v=98b8a72d

0.0.0.0

0 B

URL GET
authentic.com.vn/forum/js/xf/core.js?_v=98b8a72d
IP
0.0.0.0:0
ASN
#0

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/js/xf/core.js?_v=98b8a72d HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

authentic.com.vn/forum/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=5&l=2&d=1695123924&k=7c67ab13a9409ebad52b875c616e315e3304f430

0.0.0.0

0 B

URL GET
authentic.com.vn/forum/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=5&l=2&d=1695123924&k=7c67ab13a9409ebad52b875c616e315e3304f430
IP
0.0.0.0:0
ASN
#0

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=5&l=2&d=1695123924&k=7c67ab13a9409ebad52b875c616e315e3304f430 HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

authentic.com.vn/forum/js/vendor/modernizr/modernizr.min.js?_v=98b8a72d

0.0.0.0

0 B

URL GET
authentic.com.vn/forum/js/vendor/modernizr/modernizr.min.js?_v=98b8a72d
IP
0.0.0.0:0
ASN
#0

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/js/vendor/modernizr/modernizr.min.js?_v=98b8a72d HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

authentic.com.vn/forum/js/xf/core/form.js?_v=98b8a72d

0.0.0.0

0 B

URL GET
authentic.com.vn/forum/js/xf/core/form.js?_v=98b8a72d
IP
0.0.0.0:0
ASN
#0

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/js/xf/core/form.js?_v=98b8a72d HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

fonts.googleapis.com/css?family=Roboto:300,400,500,600,700&display=swap

142.250.74.106

200 OK

9.3 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,600,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (9600), with no line terminators
Size
9.3 kB (9348 bytes)
Hash
14947237ea2dd749ae125083525bd957
c5538d47cbd2b0959fee2e6837a1fc2e33563fbc
3cda3e604a3f1c5d1b7e5dd035dfacb996f1fe40e90e0279e9ee77ea01d5f944

HTTP Headers

GET /css?family=Roboto:300,400,500,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 14:10:03 GMT
date: Thu, 25 Apr 2024 14:10:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

authentic.com.vn/forum/js/vendor/vendor-compiled.js?_v=98b8a72d

0.0.0.0

0 B

URL GET
authentic.com.vn/forum/js/vendor/vendor-compiled.js?_v=98b8a72d
IP
0.0.0.0:0
ASN
#0

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/js/vendor/vendor-compiled.js?_v=98b8a72d HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

authentic.com.vn/forum/styles/authentic/logo_v3.png

0.0.0.0

0 B

URL GET
authentic.com.vn/forum/styles/authentic/logo_v3.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/styles/authentic/logo_v3.png HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.21.6
date: Thu, 25 Apr 2024 14:10:03 GMT
content-type: image/png
content-length: 65995
last-modified: Sat, 08 May 2021 16:14:28 GMT
etag: "101cb-5c1d3d6b6a1d8"
x-proxy-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

authentic.com.vn/forum/attachments/4-jpg.448697/

0.0.0.0

0 B

URL GET
authentic.com.vn/forum/attachments/4-jpg.448697/
IP
0.0.0.0:0
ASN
#0

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/attachments/4-jpg.448697/ HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

authentic.com.vn/forum/js/vendor/jquery/jquery-3.4.1.min.js?_v=98b8a72d

0.0.0.0

0 B

URL GET
authentic.com.vn/forum/js/vendor/jquery/jquery-3.4.1.min.js?_v=98b8a72d
IP
0.0.0.0:0
ASN
#0

Requested by
https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Certificate
IssuerLet's Encrypt
Subjectauthentic.com.vn
FingerprintA9:12:6D:8E:AD:22:64:41:0C:33:DF:6B:53:0C:C4:C1:4D:CF:DE:24
ValidityMon, 26 Feb 2024 23:08:31 GMT - Sun, 26 May 2024 23:08:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /forum/js/vendor/jquery/jquery-3.4.1.min.js?_v=98b8a72d HTTP/1.1
Host: authentic.com.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://authentic.com.vn/forum/threads/belt-montblanc-classic-silver-newss-star.63894/
Cookie: xf_csrf=I5SI4TqZr0hp1RNT
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (28)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN