Parameters in the customized error page:
Transaction ID = 31632251-PPE1 Session ID = AAE7RPHcZjtiZWcAAAAAADtW81pnnJrxSpSQO9FD8W2nf-utdRvsO9zT7_MDV2K1Ow== Violation Category = APPFW_STARTURL Violation Log = CEF:0|Citrix|NetScaler|NS13.1|APPFW|APPFW_STARTURL|6|src=3.145.67.166 geolocation=Unknown spt=41031 method=GET request=https://quatangmomoi.bsc.com.vn/ngon-ngu/1bbbaaacongzzztyaaatongzzzquanaaaRAT msg=Disallow Illegal URL. cn1=41985414 cn2=31632251 cs1=WAFPROF-ho-website-443 cs2=PPE1 cs3=AAE7RPHcZjtiZWcAAAAAADtW81pnnJrxSpSQO9FD8W2nf-utdRvsO9zT7_MDV2K1Ow== cs4=ALERT cs5=2024 act=blocked Session Cookie : -