Report - khaithaclothien.edu.vn/lood/?04917871/////////////////////////////////////////////////////////////////////

Report Overview

Visited public
2023-12-08 13:23:31
Tags
URL
khaithaclothien.edu.vn/lood/?04917871/////////////////////////////////////////////////////////////////////
Finishing URL
khaithaclothien.edu.vn/
IP / ASN
103.28.36.173
#131353 NhanHoa Software company
Title
TRANG CHỦ

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

772

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
humg.edu.vn	446332	unknown	2013-10-11 09:11:38	2023-11-02 08:01:13	1.1 kB	834 kB	203.171.26.243
aus5.mozilla.org	2548	1998-01-24	2015-10-27 08:06:24	2023-12-08 05:09:05	523 B	124 kB	35.244.181.201
ciscobinary.openh264.org	40822	2013-10-19	2014-10-07 07:43:56	2023-12-08 05:09:07	305 B	512 kB	62.115.252.115
khoamo.humg.edu.vn	unknown	unknown	2020-04-20 13:20:12	2023-12-07 17:06:03	976 B	0 B	0.0.0.0
khaithaclothien.edu.vn	unknown	unknown	2020-02-18 20:10:49	2023-11-21 18:05:56	116 kB	22 MB	103.28.36.173
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-08 07:43:19	910 B	308 kB	142.250.74.138

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed
2023-12-08	medium	khaithaclothien.edu.vn	Sinkholed

ThreatFox

No alerts detected

Files detected

URL
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP
62.115.252.115
ASN
#1299 Telia Company AB

File type
Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
Size
512 kB (511815 bytes)
Hash
152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48

JavaScript (16)

	URL	From	Size	First Seen	Last Seen
	khaithaclothien.edu.vn/media/jui/js/jquery-migrate.min.js?485f17c6260c48831a40e2f77c683306	ScriptElement	10 kB	2023-03-07	2025-05-11
Pretty URL khaithaclothien.edu.vn/media/jui/js/jquery-migrate.min.js?485f17c6260c48831a40e2f77c683306 IP 103.28.36.173 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 16:26 Times Seen15159 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	khaithaclothien.edu.vn/media/system/js/mootools-more.js?485f17c6260c48831a40e2f77c683306	ScriptElement	237 kB	2023-03-07	2025-05-10
Pretty URL khaithaclothien.edu.vn/media/system/js/mootools-more.js?485f17c6260c48831a40e2f77c683306 IP 103.28.36.173 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17 Last Seen2025-05-10 00:40 Times Seen513 Hash 471d5cbdf6786206310da0448076a9ea a5124b0be4decb1ebca72e44531c3da85f0170f6 9db43e4a687084df93038c3d02cc4c149dff1210727059b82a7aac112a486eda Loading...

	khaithaclothien.edu.vn/media/jui/js/bootstrap.min.js?485f17c6260c48831a40e2f77c683306	ScriptElement	29 kB	2023-03-07	2025-05-10
Pretty URL khaithaclothien.edu.vn/media/jui/js/bootstrap.min.js?485f17c6260c48831a40e2f77c683306 IP 103.28.36.173 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-10 21:00 Times Seen707 Hash a125594de09167bd2e9015d790029a64 b0567b7e3db8ddbdc5806f5c4e2fa7a8abc9b692 b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2 Loading...

	khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/jquery.nivo.slider.pack.js	ScriptElement	12 kB	2023-03-07	2025-05-10
Pretty URL khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/jquery.nivo.slider.pack.js IP 103.28.36.173 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40 Last Seen2025-05-10 17:06 Times Seen534 Hash 0cf3f8b677dcd27b6d46f4a56d65fdb2 55234f525286ead0ea12dc6c51c34b9b49f23bda 2881a6657e481fa5fccc79681cb91277a111785342d9c9283d71ac9ca6e9b098 Loading...

	khaithaclothien.edu.vn/templates/protostar/js/template.js?485f17c6260c48831a40e2f77c683306	ScriptElement	2.0 kB	2023-03-07	2024-12-18
Pretty URL khaithaclothien.edu.vn/templates/protostar/js/template.js?485f17c6260c48831a40e2f77c683306 IP 103.28.36.173 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2024-12-18 23:02 Times Seen28 Hash 07552fd025ae220cb392d04fd1c8e3dc d678e49220dd32274fb37119a0e9abbea1c536c5 212b32f0e2d26cdec0882d4531305e7298c3f5c29121581b3e6cfb75ff0d5175 Loading...

	khaithaclothien.edu.vn/media/jui/js/jquery.min.js?485f17c6260c48831a40e2f77c683306	ScriptElement	97 kB	2023-03-07	2025-04-29
Pretty URL khaithaclothien.edu.vn/media/jui/js/jquery.min.js?485f17c6260c48831a40e2f77c683306 IP 103.28.36.173 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21 Last Seen2025-04-29 14:13 Times Seen294 Hash 59c2901ee162828f22bab14459431652 6cec0ee04bc7138b6eedad0009a49d155451bce8 46438fa269f3c172286b81be52a5de84753d68dcc6580f6a98b7942cf129bdc1 Loading...

	khaithaclothien.edu.vn/	ScriptElement	770 B	2023-06-21	2024-08-21
Pretty URL khaithaclothien.edu.vn/ IP 103.28.36.173 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-21 18:57 Last Seen2024-08-21 03:34 Times Seen20 Hash 26c0229e3d7a0935f90fb624c0253b4a 69d54949b501fac136564b406b2500e029fffb9c 13111e7eb77b2c9571a663a9f59c67fe1cd515450f95325a901abe885cf9a1a9 Loading...

	khaithaclothien.edu.vn/	ScriptElement	1.1 kB	2023-06-21	2024-08-21
Pretty URL khaithaclothien.edu.vn/ IP 103.28.36.173 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-21 18:57 Last Seen2024-08-21 03:34 Times Seen20 Hash 67391b4ccaf00d3a9ca76b6aec23a476 b4cf8a426ef27a2a94694047ce53f6ed8c26660c 0374e323ad2dd6ee55c03e809ee7c7c71b4820123fc7cfa90ca85ec0e15900ef Loading...

	khaithaclothien.edu.vn/media/system/js/core.js?485f17c6260c48831a40e2f77c683306	ScriptElement	8.8 kB	2023-03-07	2025-05-02
Pretty URL khaithaclothien.edu.vn/media/system/js/core.js?485f17c6260c48831a40e2f77c683306 IP 103.28.36.173 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-02 13:15 Times Seen326 Hash 2389024c3d3ddc855b456962dce68cf0 3ea6f77dbaa51af3747a525d02d76ac064b2d2bd ee43222bc3a3d6c1cab5dc4115bd2a3c2b348f4b4e448283e0eaca84de6763d6 Loading...

	khaithaclothien.edu.vn/	ScriptElement	821 B	2023-06-21	2024-08-21
Pretty URL khaithaclothien.edu.vn/ IP 103.28.36.173 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-21 18:57 Last Seen2024-08-21 03:34 Times Seen20 Hash 485d2efff3ac97f07d86e18a577cc162 5f4c859181e135756d72b4b32ca334bc4c360e70 6735f2df0976ab1525bda0fa773d9ddc1d68e022697092aff094dc3485d4b699 Loading...

	khaithaclothien.edu.vn/media/plg_system_sl_scrolltotop/js/scrolltotop_mt.js	ScriptElement	1.7 kB	2023-03-07	2025-04-11
Pretty URL khaithaclothien.edu.vn/media/plg_system_sl_scrolltotop/js/scrolltotop_mt.js IP 103.28.36.173 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-04-11 21:07 Times Seen37 Hash 6d5a4eba82d2a380ba50b150f280cebf 627bf7a50ff04473e216088afb67b055b96c6a81 e0c94a691ed82ddc0fc8db099637062210ee6676ed85f360c7b082ab74e03447 Loading...

	khaithaclothien.edu.vn/media/system/js/caption.js?485f17c6260c48831a40e2f77c683306	ScriptElement	491 B	2023-03-07	2025-05-10
Pretty URL khaithaclothien.edu.vn/media/system/js/caption.js?485f17c6260c48831a40e2f77c683306 IP 103.28.36.173 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 21:06 Times Seen1037 Hash 27e0e11b572de3bc44be960d25d65570 9c431113357e1a7147388978bde9b70a3ff6114a 20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc Loading...

	khaithaclothien.edu.vn/	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL khaithaclothien.edu.vn/ IP 103.28.36.173 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 17:38 Times Seen4656233 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	khaithaclothien.edu.vn/media/system/js/mootools-core.js?485f17c6260c48831a40e2f77c683306	ScriptElement	84 kB	2023-03-07	2025-05-10
Pretty URL khaithaclothien.edu.vn/media/system/js/mootools-core.js?485f17c6260c48831a40e2f77c683306 IP 103.28.36.173 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-05-10 00:40 Times Seen660 Hash dae9bedb881e4fa30a39d88aae444a0d c7b66b70133c005c8283f3e1843db92769f71d38 b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18 Loading...

	khaithaclothien.edu.vn/media/jui/js/jquery-noconflict.js?485f17c6260c48831a40e2f77c683306	ScriptElement	21 B	2023-03-07	2025-05-10
Pretty URL khaithaclothien.edu.vn/media/jui/js/jquery-noconflict.js?485f17c6260c48831a40e2f77c683306 IP 103.28.36.173 ASN #131353 NhanHoa Software company Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 21:06 Times Seen2371 Hash e2060c4e5e5955c824723b13a212d3ec 18420ce484978f8ba3d7371febf1638828bb7a67 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6 Loading...

		Size	First Seen	Last Seen
	#1 Write - d41d8cd98f00b204e9800998ecf8427e	0 B	0001-01-01 00:00	2025-05-11 17:38
Pretty Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 17:38 Times Seen4656233 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (201)

URL IP Response Size

khaithaclothien.edu.vn/modules/mod_vvisit_counter/mvc.css

103.28.36.173

200 OK

5.9 kB

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/mvc.css
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
5.9 kB (5861 bytes)
Hash
d95e8fad216e40a819f0224e5526207a
3cb1b231905c2fc3cdc5109361137dc6f11c94e4
f8df97f448684af7c69d200f5d4a52e505d3a1f02180a02cacc490930f0901c2

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/mvc.css HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:10 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:00 GMT
accept-ranges: bytes
content-length: 5861
content-type: text/css
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/templates/protostar/css/modules.css?485f17c6260c48831a40e2f77c683306

103.28.36.173

200 OK

15 kB

URL GET HTTP/2
khaithaclothien.edu.vn/templates/protostar/css/modules.css?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
15 kB (14962 bytes)
Hash
6738062b32e0ec237aacd307d5f7a482
6ecb4ff0536ae184bd6cbf8d9d41c7a3c97568d2
e9fe55b1601529e3b5bff3eca6a39920d50a5aceabb5daee64c3e1e7440ab811

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/protostar/css/modules.css?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:10 GMT
server: Apache
last-modified: Fri, 08 May 2020 10:53:40 GMT
accept-ranges: bytes
content-length: 14962
content-type: text/css
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/themes/default/default.css

103.28.36.173

200 OK

2.0 kB

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/themes/default/default.css
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text
Size
2.0 kB (2023 bytes)
Hash
b3897d6cefcd1df237bd845673ba6b30
f7481ffda8d79bd5468c04f7e9c432d838f63bc6
a53ee3402198102950548f85a540fb15c501243a1353d6d42d6d5fc215ea58eb

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_sp_smart_slider/tmpl/nivo_slider/themes/default/default.css HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:10 GMT
server: Apache
last-modified: Fri, 06 Mar 2020 17:23:16 GMT
accept-ranges: bytes
content-length: 2023
content-type: text/css
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans

142.250.74.138

200 OK

1.1 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
1.1 kB (1109 bytes)
Hash
7f0f40ca7ba914b758095c926f36be6a
ef2fd3714dc1c64b8438222afb6bf3f1f58b0949
3a1f34bf7694016e397d7f41ed63a52e749dca0d1d6ccace9b5bbbfa81043175

HTTP Headers

GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 13:23:11 GMT
date: Fri, 08 Dec 2023 13:23:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/nivo-slider.css

103.28.36.173

200 OK

1.9 kB

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/nivo-slider.css
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text
Size
1.9 kB (1946 bytes)
Hash
d958a618b211c9391ef05499ad7f1eff
e4567914096e1d2111643d2e53e190349bb5e7be
1445a1c40e53d785721c7af9b6121eebff659c3cdbdd993284c89ab87c873d09

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_sp_smart_slider/tmpl/nivo_slider/nivo-slider.css HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:10 GMT
server: Apache
last-modified: Fri, 06 Mar 2020 17:23:16 GMT
accept-ranges: bytes
content-length: 1946
content-type: text/css
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/templates/protostar/css/template.css?485f17c6260c48831a40e2f77c683306

103.28.36.173

200 OK

173 kB

URL GET HTTP/2
khaithaclothien.edu.vn/templates/protostar/css/template.css?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text
Size
173 kB (172700 bytes)
Hash
4c011d2fc1c06276f4bbbba316042e4f
5585739ea133c323f61288581b346afbd387810e
ab857a9e92f9cf3d41e560a59b32a66f9355752b39e267fb15b63d90ae02e285

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/protostar/css/template.css?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:10 GMT
server: Apache
last-modified: Fri, 08 May 2020 10:38:30 GMT
accept-ranges: bytes
content-length: 172700
content-type: text/css
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/lood/?04917871/////////////////////////////////////////////////////////////////////

103.28.36.173

302 Found

1.8 kB

URL User Request GET HTTP/2
khaithaclothien.edu.vn/lood/?04917871/////////////////////////////////////////////////////////////////////
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
1.8 kB (1752 bytes)
Hash
8d5a89c37cf344d3e42c9075c4320964
cef2afaf744b248d6274992de7220a422d33bd48
852847829554497b41e4d9d93fd67b4ee99c736c381ffbe32dc9002d3e2ec1d4

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /lood/?04917871///////////////////////////////////////////////////////////////////// HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 08 Dec 2023 13:23:07 GMT
server: Apache
x-powered-by: PHP/7.4.33
cache-control: no-store
content-encoding: gzip
vary: Accept-Encoding
location: /
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/media/system/js/core.js?485f17c6260c48831a40e2f77c683306

103.28.36.173

200 OK

8.8 kB

URL GET HTTP/2
khaithaclothien.edu.vn/media/system/js/core.js?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (8803), with no line terminators
Size
8.8 kB (8808 bytes)
Hash
2389024c3d3ddc855b456962dce68cf0
3ea6f77dbaa51af3747a525d02d76ac064b2d2bd
ee43222bc3a3d6c1cab5dc4115bd2a3c2b348f4b4e448283e0eaca84de6763d6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/system/js/core.js?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Mon, 06 May 2019 15:34:16 GMT
accept-ranges: bytes
content-length: 8808
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/media/system/js/caption.js?485f17c6260c48831a40e2f77c683306

103.28.36.173

491 B

URL
khaithaclothien.edu.vn/media/system/js/caption.js?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (413)
Size
491 B (491 bytes)
Hash
27e0e11b572de3bc44be960d25d65570
9c431113357e1a7147388978bde9b70a3ff6114a
20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/system/js/caption.js?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Mon, 06 May 2019 15:34:16 GMT
accept-ranges: bytes
content-length: 491
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/media/jui/js/jquery-noconflict.js?485f17c6260c48831a40e2f77c683306

103.28.36.173

200 OK

21 B

URL GET HTTP/2
khaithaclothien.edu.vn/media/jui/js/jquery-noconflict.js?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text
Size
21 B (21 bytes)
Hash
e2060c4e5e5955c824723b13a212d3ec
18420ce484978f8ba3d7371febf1638828bb7a67
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/js/jquery-noconflict.js?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Mon, 06 May 2019 15:34:16 GMT
accept-ranges: bytes
content-length: 21
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/media/jui/js/jquery-migrate.min.js?485f17c6260c48831a40e2f77c683306

103.28.36.173

200 OK

10 kB

URL GET HTTP/2
khaithaclothien.edu.vn/media/jui/js/jquery-migrate.min.js?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (9959)
Size
10 kB (10056 bytes)
Hash
7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/js/jquery-migrate.min.js?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Mon, 06 May 2019 15:34:16 GMT
accept-ranges: bytes
content-length: 10056
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/menumb.png

103.28.36.173

200 OK

259 B

URL GET HTTP/2
khaithaclothien.edu.vn/images/menumb.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 22 x 18, 8-bit/color RGB, non-interlaced\012- data
Size
259 B (259 bytes)
Hash
7158e462d83cfc29adfb418cfb245a37
c1cdefd28446fe3baee6f398056cf9d0f75c99ae
4c01fbab71cdb8e8f1d31da53aa4c0390a77598b466328fab13d4f67ed603170

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menumb.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Fri, 08 May 2020 09:30:43 GMT
accept-ranges: bytes
content-length: 259
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/templates/protostar/js/template.js?485f17c6260c48831a40e2f77c683306

103.28.36.173

200 OK

2.0 kB

URL GET HTTP/2
khaithaclothien.edu.vn/templates/protostar/js/template.js?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text
Size
2.0 kB (2020 bytes)
Hash
07552fd025ae220cb392d04fd1c8e3dc
d678e49220dd32274fb37119a0e9abbea1c536c5
212b32f0e2d26cdec0882d4531305e7298c3f5c29121581b3e6cfb75ff0d5175

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/protostar/js/template.js?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Mon, 06 May 2019 15:34:16 GMT
accept-ranges: bytes
content-length: 2020
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/jquery.nivo.slider.pack.js

103.28.36.173

200 OK

12 kB

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/jquery.nivo.slider.pack.js
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (11999)
Size
12 kB (12201 bytes)
Hash
0cf3f8b677dcd27b6d46f4a56d65fdb2
55234f525286ead0ea12dc6c51c34b9b49f23bda
2881a6657e481fa5fccc79681cb91277a111785342d9c9283d71ac9ca6e9b098

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_sp_smart_slider/tmpl/nivo_slider/jquery.nivo.slider.pack.js HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Fri, 06 Mar 2020 17:23:16 GMT
accept-ranges: bytes
content-length: 12201
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/media/jui/js/bootstrap.min.js?485f17c6260c48831a40e2f77c683306

103.28.36.173

200 OK

29 kB

URL GET HTTP/2
khaithaclothien.edu.vn/media/jui/js/bootstrap.min.js?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (28972)
Size
29 kB (29126 bytes)
Hash
a125594de09167bd2e9015d790029a64
b0567b7e3db8ddbdc5806f5c4e2fa7a8abc9b692
b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/js/bootstrap.min.js?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Mon, 06 May 2019 15:34:16 GMT
accept-ranges: bytes
content-length: 29126
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/media/system/js/mootools-core.js?485f17c6260c48831a40e2f77c683306

103.28.36.173

200 OK

84 kB

URL GET HTTP/2
khaithaclothien.edu.vn/media/system/js/mootools-core.js?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (785)
Size
84 kB (83893 bytes)
Hash
dae9bedb881e4fa30a39d88aae444a0d
c7b66b70133c005c8283f3e1843db92769f71d38
b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/system/js/mootools-core.js?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Mon, 06 May 2019 15:34:16 GMT
accept-ranges: bytes
content-length: 83893
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/media/jui/js/jquery.min.js?485f17c6260c48831a40e2f77c683306

103.28.36.173

97 kB

URL
khaithaclothien.edu.vn/media/jui/js/jquery.min.js?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65469)
Size
97 kB (96606 bytes)
Hash
59c2901ee162828f22bab14459431652
6cec0ee04bc7138b6eedad0009a49d155451bce8
46438fa269f3c172286b81be52a5de84753d68dcc6580f6a98b7942cf129bdc1

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/js/jquery.min.js?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Mon, 06 May 2019 15:34:16 GMT
accept-ranges: bytes
content-length: 96606
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/media/system/js/mootools-more.js?485f17c6260c48831a40e2f77c683306

103.28.36.173

200 OK

237 kB

URL GET HTTP/2
khaithaclothien.edu.vn/media/system/js/mootools-more.js?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (2903)
Size
237 kB (236825 bytes)
Hash
471d5cbdf6786206310da0448076a9ea
a5124b0be4decb1ebca72e44531c3da85f0170f6
9db43e4a687084df93038c3d02cc4c149dff1210727059b82a7aac112a486eda

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/system/js/mootools-more.js?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Mon, 06 May 2019 15:34:16 GMT
accept-ranges: bytes
content-length: 236825
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/blue/0.gif

103.28.36.173

200 OK

697 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/blue/0.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 87a, 17 x 27\012- data
Size
697 B (697 bytes)
Hash
71b4e272c888ddeb0d562fbe89eac163
9e57769470a996480787eb7e1b1afd4f32eca524
d9479c248e030cf689aaead56ffe468b1198bf3ada99dda99c898ce7f650cb1d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/blue/0.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:02 GMT
accept-ranges: bytes
content-length: 697
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vall.gif

103.28.36.173

200 OK

996 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vall.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 17 x 14\012- data
Size
996 B (996 bytes)
Hash
3447ab25dff2af076ac60045290a5e72
02bcd05bedcfba9537c73e8926f8722f08d0bba9
ebc4a167ca0dcda410e6be7ebf8d37e8082048fbe204818772c8ea68904f4024

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/tbl/peoples/vall.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:04 GMT
accept-ranges: bytes
content-length: 996
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/blue/6.gif

103.28.36.173

200 OK

701 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/blue/6.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 87a, 17 x 27\012- data
Size
701 B (701 bytes)
Hash
f6572832cf7352317ec7de7cc7dbbfed
827f69937c70ab8d8f86c39a314d894f02675d74
40abb3e0c7bac24a5816d3c0ca9dbfef32c6c2a4f4187422f83f30156cd0073e

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/blue/6.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:02 GMT
accept-ranges: bytes
content-length: 701
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vtoday.gif

103.28.36.173

200 OK

909 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vtoday.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 17 x 14\012- data
Size
909 B (909 bytes)
Hash
590b12f5608c28b8faf8fb6852f5440b
5c294ddacae969d09a2d6899d691792de3f5b49d
2c287f00d41ff6246820e17777b0a155476214b179c8c2c9cbf6e0ec789f09b7

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/tbl/peoples/vtoday.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:04 GMT
accept-ranges: bytes
content-length: 909
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/blue/1.gif

103.28.36.173

200 OK

400 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/blue/1.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 87a, 17 x 27\012- data
Size
400 B (400 bytes)
Hash
17b398ae279d5b4dbeffa23dfcdd4966
00b6769ddc5681068fa71f5f5833f7b686b52e5b
62c3503115628a9b7d30faaa51a1ca15c0b35d12494ed6956ea7c192ff60ea4b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/blue/1.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:02 GMT
accept-ranges: bytes
content-length: 400
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vmonth.gif

103.28.36.173

200 OK

909 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vmonth.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 17 x 14\012- data
Size
909 B (909 bytes)
Hash
0e5e93e300336157b8ba7340d173e267
84cdb2289da3099604fc1f4731036cc47e9c25e7
461b26f6a59bd29c008532c046d154160eca87aeabdd8f15e03ff2479f088199

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/tbl/peoples/vmonth.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:04 GMT
accept-ranges: bytes
content-length: 909
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vweek.gif

103.28.36.173

200 OK

909 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vweek.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 17 x 14\012- data
Size
909 B (909 bytes)
Hash
6b87aeed16a434f81667ebf406481f8b
14ab3ad15fc13c9c9e148a6194e08e729be39041
942f79e4a0aa32edc27adfb05ff6e484901023ae3175235233e91cec2239a4c0

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/tbl/peoples/vweek.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:04 GMT
accept-ranges: bytes
content-length: 909
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/blue/4.gif

103.28.36.173

200 OK

460 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/blue/4.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 87a, 17 x 27\012- data
Size
460 B (460 bytes)
Hash
69917879d48f3a1e4a17d67da41aae26
6b4db8597b6ddd3446aa5be2490e01346c82f875
92ad29d25b414bc9808f95405ee5748f6c7cc12bd5b1b6d2a5c877aa6b776165

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/blue/4.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:02 GMT
accept-ranges: bytes
content-length: 460
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vyesterday.gif

103.28.36.173

200 OK

909 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vyesterday.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 17 x 14\012- data
Size
909 B (909 bytes)
Hash
47b49a18b452ed8cf1d33ccc63a2648f
b708ec08f856f4f00711400f10056c1cf6ad69f2
4c76252c560c13f61dfbc9204a7b01cef167ba12175c13542ede72829b97c19b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/tbl/peoples/vyesterday.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:04 GMT
accept-ranges: bytes
content-length: 909
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/menu-home/phong-ban-home.png

103.28.36.173

200 OK

1.4 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/menu-home/phong-ban-home.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1371 bytes)
Hash
d2bf555ac2650f8129a8c81e1e2efaaf
15dea233f0f2bca592d34d7e92e9eab3563ae485
524516b0e5d753ed3b18f22ee268e9be31dd39a0e2186d685b0f3e14e89f4511

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menu-home/phong-ban-home.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Tue, 01 Oct 2019 07:06:28 GMT
accept-ranges: bytes
content-length: 1371
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/menu-home/phong-ban-phone.png

103.28.36.173

200 OK

2.3 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/menu-home/phong-ban-phone.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2257 bytes)
Hash
67f72f23ba8b634363b791160a884120
30ac75080fa7e78141b08b609a3d00dc6ab5135f
fa23ed3f3a63b9775ff99fae4d0bfaa3be362ea63c4be30be0c254281bf869ef

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menu-home/phong-ban-phone.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Tue, 01 Oct 2019 07:06:58 GMT
accept-ranges: bytes
content-length: 2257
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/10.png

103.28.36.173

200 OK

3.7 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/10.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 50 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
3.7 kB (3700 bytes)
Hash
41c12d0863e270c590539d42661bc95a
fb87583840d13fbc8323122f67fc1be3941272a7
0d58fd57f0a187d0302ba38e1af24fa675ab47a3b2eff209dd35d6958203b913

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/10.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Tue, 31 Mar 2020 11:06:19 GMT
accept-ranges: bytes
content-length: 3700
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/11.png

103.28.36.173

200 OK

3.8 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/11.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 50 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
3.8 kB (3842 bytes)
Hash
99f581541be58db8e79a9d4199032d3b
99a716b5d13fa309176b0489738f0e35a25de4e3
b49fef84e463a6b541d535a351c5c6b2b0f3700d4358b99a219de0e97bccd404

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/11.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Tue, 31 Mar 2020 11:06:24 GMT
accept-ranges: bytes
content-length: 3842
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/menu-home/phong-ban-mail.png

103.28.36.173

200 OK

2.8 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/menu-home/phong-ban-mail.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2775 bytes)
Hash
4d2e1d9281d3249d0f0314d8d91e28df
bf7eead7bb1a4ceb65c101c8c48704bc88216213
01b1040079950df8f17251f98aae9b7b930c22ccaff7cbf73830d9b2783db79d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menu-home/phong-ban-mail.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Tue, 01 Oct 2019 07:06:38 GMT
accept-ranges: bytes
content-length: 2775
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/menu-home/dktc.gif

103.28.36.173

200 OK

4.4 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/menu-home/dktc.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 260 x 60\012- data
Size
4.4 kB (4425 bytes)
Hash
b93afdf4a70eead284fb13bddfaaa48e
7c635e668c3059f6bc6aa9aa4b9e6454acb2733b
8772ac9240fb310e0cfedbaa5bae7046f773b2013e895cec5d3c93e34905f19c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menu-home/dktc.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 23 Sep 2015 16:14:48 GMT
accept-ranges: bytes
content-length: 4425
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/video/3.jpg

103.28.36.173

200 OK

20 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/video/3.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left], baseline, precision 8, 271x160, components 3\012- data
Size
20 kB (20088 bytes)
Hash
a617986d0b05fdb9ca3e1b608126f898
7847a71ecf7da1d4302516165207a8c40e588752
b272fdb7c872b6244c4c70f7bf6d15a3c9a4a6b9f0c49241d212ad34ec1f3236

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/video/3.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Sun, 08 Mar 2020 13:42:02 GMT
accept-ranges: bytes
content-length: 20088
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/video/5.jpg

103.28.36.173

200 OK

12 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/video/5.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 271x160, components 3\012- data
Size
12 kB (11461 bytes)
Hash
f662a799b84296f8f9cd20c7063aa005
01604ee2bfb59517b146e63861b713fc82a00e06
2818ae160033347a5aa1ed40cc70ace1d003ac53e8a1d834f9a8af0a5239ef03

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/video/5.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Sun, 08 Mar 2020 23:47:18 GMT
accept-ranges: bytes
content-length: 11461
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/10.png

103.28.36.173

200 OK

20 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/10.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 187, 8-bit/color RGB, interlaced\012- data
Size
20 kB (19544 bytes)
Hash
a37ce9a6f1d304f62cff43f99b70be61
94c6062c8fe58f1170f39509263d6297552da64e
93bb0d091e58b8a28852ce0a7e3874ed68124da6172f2c6cea02126ad618ea9d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/10.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:24:44 GMT
accept-ranges: bytes
content-length: 19544
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/menu-home/LI1.jpg

103.28.36.173

200 OK

12 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/menu-home/LI1.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 416x115, components 3\012- data
Size
12 kB (11490 bytes)
Hash
82d1ea9bd47b5bb4dfb885fa0f29ef38
cb4039419b548c3518977655127797dec2c1350c
757e96311a0253928718ec875c2bb51b58b4bfdd2fa3baf0530cda542528f121

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menu-home/LI1.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Tue, 06 Oct 2015 17:32:48 GMT
accept-ranges: bytes
content-length: 11490
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/25.png

103.28.36.173

200 OK

15 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/25.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced\012- data
Size
15 kB (14861 bytes)
Hash
cf3dc9e73c59291f3792a43f5698b1c2
b489cb1f7cd32bc9ea4b6c9101bef796f8334fe6
2a8c35a063946f6bd68cc2f5ce43f0b4642d9f05cfb8dadcee5ad67f2c693a65

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/25.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Mon, 13 Apr 2020 15:01:44 GMT
accept-ranges: bytes
content-length: 14861
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/26.png

103.28.36.173

200 OK

22 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/26.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 220, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22401 bytes)
Hash
5484faf35c43aac5567c9b0d469d3fbc
79f299708d5704a9438f228611d8f13766d2cfec
c48de428e63989f8fb41e935601e8bead9ace1be9be977bdcf6b147b7c658e92

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/26.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 01 Apr 2020 19:25:14 GMT
accept-ranges: bytes
content-length: 22401
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/menu-home/map1.png

103.28.36.173

200 OK

20 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/menu-home/map1.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 271 x 149, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19860 bytes)
Hash
2ef6db7316316b7fda8732824f73f662
2f3e6906ba0d8b0ea29d3a50e7e3df23984ccd1a
7318e62d80415da80f6c48178a0f072db3f64b28363e7cc6828e287690d74914

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menu-home/map1.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Tue, 01 Oct 2019 08:39:36 GMT
accept-ranges: bytes
content-length: 19860
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/tintuc/caohoclogo.jpg

103.28.36.173

200 OK

24 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/tintuc/caohoclogo.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2020:04:02 15:52:27], progressive, precision 8, 100x114, components 3\012- data
Size
24 kB (23506 bytes)
Hash
1ee786dae45bd39f6aa87fb6095a131b
3b7a08168ef83c75067eb0da74a6fe9c16e928f3
f81a71e4924a569d3e6a9fa79d60e1ae04519edcf69d523221e71124aa50f7a6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/tintuc/caohoclogo.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Thu, 02 Apr 2020 08:52:56 GMT
accept-ranges: bytes
content-length: 23506
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/tintuc/tuyendung.png

103.28.36.173

200 OK

14 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/tintuc/tuyendung.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 100 x 107, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14210 bytes)
Hash
a35567eb60dc1497f3dc8959b95c8350
5d4f50059d2a03781f1334a161828cd4a3f1a2a0
05a3e397ffa832ab14bbf02c4674fb6f7d6bfe07fc81e96e9aa7ea5e37ea4c69

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/tintuc/tuyendung.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Fri, 03 Apr 2020 08:24:30 GMT
accept-ranges: bytes
content-length: 14210
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/video/1.jpg

103.28.36.173

11 kB

URL
khaithaclothien.edu.vn/images/video/1.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 271x160, components 3\012- data
Size
11 kB (10895 bytes)
Hash
b829e6578643c522740b1d52ec404d44
cbc77d0e8c597290cb0243918a39346ff14271aa
2d2ef6d26cd9cac84cf8b1748027a154eb675f4c47103424d4e1c7a0bd3e9390

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/video/1.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Sun, 08 Mar 2020 13:17:28 GMT
accept-ranges: bytes
content-length: 10895
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/4.png

103.28.36.173

200 OK

27 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/4.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 102, 8-bit/color RGB, non-interlaced\012- data
Size
27 kB (27359 bytes)
Hash
96ce5715d69b094fb3bbe8218a6bdfda
fa73bdfe9e7827c79c151d216c7e63ca65288046
df8b66d75007a88e95a6ab609d78b996f8c71a051383d83be5c9b432a4e5ecae

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/4.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 14:44:08 GMT
accept-ranges: bytes
content-length: 27359
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/23.png

103.28.36.173

200 OK

38 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/23.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 163, 8-bit/color RGB, interlaced\012- data
Size
38 kB (37666 bytes)
Hash
81600e971e6b8c0ef63c58c57dbd283b
52cbf7e10d37ac34500460bedaf8501e5d4de1b7
149adc351d8d4622d37542e32f00992f0570f3363f8f398ad3639d3c3bd5ac78

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/23.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:28:46 GMT
accept-ranges: bytes
content-length: 37666
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/video/4.jpg

103.28.36.173

200 OK

45 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/video/4.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2020:03:09 20:10:04], baseline, precision 8, 271x160, components 3\012- data
Size
45 kB (44994 bytes)
Hash
e6292e78713de08440aecc20a392a50e
757e61acd09a8d71673fa1d668b093a0a6ed0e39
0b206b18fd181960c52fe2c0d3b0210e30b2bdd40c7bac481dea75a9c9a1d2b7

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/video/4.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Mon, 09 Mar 2020 13:10:04 GMT
accept-ranges: bytes
content-length: 44994
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/1.png

103.28.36.173

200 OK

55 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/1.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 161, 8-bit/color RGB, non-interlaced\012- data
Size
55 kB (55154 bytes)
Hash
4efa91929e8bfd439f97b0abf6ca13a7
41e669ccdbfedd74639e775059796165be22b7e6
96ca59705e7b8443b3b137edf9d5fd103b75fd2220bbaeea571f85d23eebc50e

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/1.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:19:36 GMT
accept-ranges: bytes
content-length: 55154
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/3.png

103.28.36.173

200 OK

42 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/3.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 220, 8-bit/color RGBA, non-interlaced\012- data
Size
42 kB (42548 bytes)
Hash
9201c06f9d2fdd41edc87bc0a08ead56
33efa84a31a8a9848b359b495de378c2c5823567
68266e19ca37cb38f0411cd24e602dd52a111e6865fb0bc2b75c77e6ba123ad2

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/3.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:21:10 GMT
accept-ranges: bytes
content-length: 42548
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/15.png

103.28.36.173

200 OK

52 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/15.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 272, 8-bit/color RGBA, interlaced\012- data
Size
52 kB (52005 bytes)
Hash
a3be95efcbcc67ffa3badcf2412e1dd8
ee7efc4118fc75a64d8cfb1bd0adc605e8f47c34
dd92b660aa9ad84dcff674f32a3095367ac93798acc784614395f9fc4e7a11d4

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/15.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:26:20 GMT
accept-ranges: bytes
content-length: 52005
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/19.png

103.28.36.173

200 OK

55 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/19.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 196, 8-bit/color RGB, interlaced\012- data
Size
55 kB (54771 bytes)
Hash
4c01b1d5b6c52691748a5ab6be48a22f
b8bcd7c2350748167ced34829941733750bdb065
52657d07a1090b622c357345b671cbb92e0baf07c859ed8c8ee2e31b92f0ccf5

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/19.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:27:22 GMT
accept-ranges: bytes
content-length: 54771
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/6.png

103.28.36.173

200 OK

55 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/6.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 184, 8-bit/color RGB, interlaced\012- data
Size
55 kB (55224 bytes)
Hash
4559bc263d72babba75e72f1440ad2cb
b487ba628e0e29359bd39529c0b7a073d0e63671
1f2b3318a406644d8dcc2af47f45706a843378dbaaaf918c713a0bfb6886ddc2

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/6.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Fri, 27 Mar 2020 03:19:28 GMT
accept-ranges: bytes
content-length: 55224
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/22.png

103.28.36.173

200 OK

40 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/22.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 177, 8-bit/color RGB, interlaced\012- data
Size
40 kB (39788 bytes)
Hash
c44a109497bf3f11392f1a40b90cae11
5d3aad8d72702d737f587c6e208eb7327c24f7ab
c4aba940229a9409f6c21b1148aa4a70d862df25aba8292cb11e80310e3a2b44

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/22.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:28:34 GMT
accept-ranges: bytes
content-length: 39788
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/7.png

103.28.36.173

200 OK

57 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/7.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 251, 8-bit/color RGB, interlaced\012- data
Size
57 kB (57393 bytes)
Hash
7decc0a6f42de12b4f2da421eefaa583
56c8618cf4f4a20a14988c27741c61f33961aab5
acbec7b797d0abbf2cd251cde17b9f5722508acc1eff26f42ee9a427987737a6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/7.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:23:20 GMT
accept-ranges: bytes
content-length: 57393
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/20.png

103.28.36.173

200 OK

59 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/20.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 172, 8-bit/color RGB, interlaced\012- data
Size
59 kB (59093 bytes)
Hash
c07d25a157e157360b943b99310b82d6
77dcd15a0def1aba2c89b6c6bda006b777493596
518deaf7fb5bb22ecf6a34bf991f1c74092e53c167190d9185f7c73ca4b52cae

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/20.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:28:06 GMT
accept-ranges: bytes
content-length: 59093
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/menu-home/Email1.jpg

103.28.36.173

200 OK

65 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/menu-home/Email1.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=15, height=261, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=945], baseline, precision 8, 926x214, components 3\012- data
Size
65 kB (65155 bytes)
Hash
8f517ba8c0477abdcb18736faf492b22
824b934ef0291663e35bf2b8719f2d6ba9536c7e
e32711c7635d08e485ddfbbcf4b33ebedd022c5cbc9716fd0bab6e54db73e19e

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menu-home/Email1.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Thu, 01 Dec 2016 18:52:24 GMT
accept-ranges: bytes
content-length: 65155
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/video/2.jpg

103.28.36.173

200 OK

60 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/video/2.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2020:03:09 20:05:45], baseline, precision 8, 271x160, components 3\012- data
Size
60 kB (60296 bytes)
Hash
b265eff9686e26cebf0e85947d8844c9
c7d3eb39cc32e2ed77155294fc4d87f452ccd7f7
03b903b65a390f42872ecb5d76bcc2ae20a42c831fbf84ab31da41d2385690e7

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/video/2.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Mon, 09 Mar 2020 13:05:44 GMT
accept-ranges: bytes
content-length: 60296
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/17.png

103.28.36.173

200 OK

76 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/17.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 148, 8-bit/color RGB, interlaced\012- data
Size
76 kB (76275 bytes)
Hash
0e6eb22ac62f951601dc25df11696afc
f60267d021b8083f66f886a47405896009a58a71
584479a873c5f4a7916e1812e1a718a42bbcd34c85ade5314db1f63a395599fe

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/17.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:26:50 GMT
accept-ranges: bytes
content-length: 76275
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/12.png

103.28.36.173

200 OK

95 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/12.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 253, 8-bit/color RGBA, non-interlaced\012- data
Size
95 kB (95120 bytes)
Hash
43fde4c1a1d70edc39f8777afbe7409e
d57fa3a3ec5dcfabded2dd76befe29415e2349af
ba99b1b810055bceb8f128b4e0c6bc285bc32c8fa346a01e880b92d85293a83d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/12.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:25:16 GMT
accept-ranges: bytes
content-length: 95120
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/9.png

103.28.36.173

200 OK

103 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/9.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit/color RGBA, interlaced\012- data
Size
103 kB (103373 bytes)
Hash
e7b6a8128f5d72dcc5fd42b94b77f004
a58fdda6e4b6b5fa3d9ceae33199d447a8a6c602
3871fd9d5f1b65e0fb24174edd033440c868c4cfeb37d2d133f6e07aca3f896a

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/9.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:24:26 GMT
accept-ranges: bytes
content-length: 103373
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/11.png

103.28.36.173

200 OK

92 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/11.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 251, 8-bit/color RGB, interlaced\012- data
Size
92 kB (92005 bytes)
Hash
8e9e60fe6f631b57abfd482c6c3937d8
01cde8366d226a34692d4d68c8bb6151009d2b0e
d4075d25453b03e02a64c9d23a7f4fe5d965f0e9ab2bb114661b111ddb49803c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/11.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:24:58 GMT
accept-ranges: bytes
content-length: 92005
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/16.png

103.28.36.173

200 OK

100 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/16.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit/color RGB, interlaced\012- data
Size
100 kB (100245 bytes)
Hash
c6788f80fa76ac62dd7573b6193bdea9
37d29e092c2f936de5c82f66536519fe559b9c3d
b2c46f6a6743a4c4f61e530b1503de352ee9d7f6c8cd76f8c779598b70fcf197

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/16.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:26:36 GMT
accept-ranges: bytes
content-length: 100245
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/2.png

103.28.36.173

200 OK

107 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/2.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
107 kB (107131 bytes)
Hash
b6b49bf9049d17653458fb1c3a7c375c
b9de058382712683851c566b3b371b5c46f0ee69
95b6bd0875b9bda9721406e6d27c66a67d08fcdc8f3330531029e325ac121c19

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/2.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:20:24 GMT
accept-ranges: bytes
content-length: 107131
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/5.png

103.28.36.173

200 OK

107 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/5.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced\012- data
Size
107 kB (106756 bytes)
Hash
51b9d59d7f79aa587ca71d98f712a7c1
17dfc1a3852716ddc8f39313b55e4556f1f69ad5
e27468942dd7ac760090d1ff7e1631cccdc6656c00398faa7d2d344578cd09cb

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/5.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:22:20 GMT
accept-ranges: bytes
content-length: 106756
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/21.png

103.28.36.173

200 OK

117 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/21.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 230, 8-bit/color RGB, interlaced\012- data
Size
117 kB (117173 bytes)
Hash
9ac92bf24f80552382f0e99ead440186
176694e94e618027274873eff574067e9e48135e
95bb032f1cff362206f999d585b1cd975487119c93237d72bc373b01f2329175

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/21.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:28:18 GMT
accept-ranges: bytes
content-length: 117173
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/13.png

103.28.36.173

200 OK

109 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/13.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 196, 8-bit/color RGB, interlaced\012- data
Size
109 kB (108803 bytes)
Hash
707f8a4a8840973f3919ad4a76be3687
63d3f13d923867948b8288b082b9c40f9a7a0e86
cb3452320ca328cbdc146916a1e7aef20c95e7a6a111a4fd3cdf22a70358b3ca

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/13.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:25:28 GMT
accept-ranges: bytes
content-length: 108803
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/8.png

103.28.36.173

200 OK

125 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/8.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit/color RGB, interlaced\012- data
Size
125 kB (125410 bytes)
Hash
f093ee903d6f43c370c925af44b966d5
71785dd0ee0e615c6df8cf1f9a7ea7a5149eea90
99cfdf22661fd4a7c4b8cd49e52972e76ecad8aaf1687bb81ed5b3e3503e76d5

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/8.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:24:02 GMT
accept-ranges: bytes
content-length: 125410
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/banners/banner.jpg

103.28.36.173

200 OK

125 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/banners/banner.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 508x508, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop 7.0, datetime=2023:07:31 14:34:36], baseline, precision 8, 1129x113, components 3\012- data
Size
125 kB (124568 bytes)
Hash
893d6c6fbe02ef02abaf58980778016a
60b9dca7973b4df90c07872f296acf85b769c586
7e8859bd704f68aacce0e30f1b9ea8366f3455833484203b51df700915475d4e

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/banners/banner.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Mon, 31 Jul 2023 07:34:58 GMT
accept-ranges: bytes
content-length: 124568
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/18.png

103.28.36.173

200 OK

140 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/18.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 227, 8-bit/color RGB, interlaced\012- data
Size
140 kB (139548 bytes)
Hash
f7e70e0d5add2d94d0f3e8432d7baed0
7d9ab25f952c0b0698bed32f31cb19293de7c49d
c8b4bcc48182a5f8da6559eea64cac6578d4b0b58892b3ed64596ee28dcfb2cc

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/18.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:27:52 GMT
accept-ranges: bytes
content-length: 139548
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/24.png

103.28.36.173

200 OK

150 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/24.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit/color RGB, interlaced\012- data
Size
150 kB (150221 bytes)
Hash
2b6f1eeaa49fe0993de8ef634dfc56dd
8d011dca3f065cdba2d65d4d5e432d949be56757
6848b87feb009ba459d646dd3fdad778563bcd58ad464dd6800ddace0e2cf311

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/24.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 01 Apr 2020 19:25:06 GMT
accept-ranges: bytes
content-length: 150221
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/14.png

103.28.36.173

200 OK

154 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/14.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 253, 8-bit/color RGB, interlaced\012- data
Size
154 kB (154411 bytes)
Hash
6ab05a424ab5612476448a38443a76da
aedc245c79cc6152abd3946d9b59a89b9b4e6c4b
e0c4245df4fc947391898593ed6e628a6a919f297d9fda3a9851ec740cae21b6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/14.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:26:02 GMT
accept-ranges: bytes
content-length: 154411
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/video/7.png

103.28.36.173

200 OK

233 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/video/7.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 860 x 539, 8-bit/color RGB, non-interlaced\012- data
Size
233 kB (232703 bytes)
Hash
b7daa6ab54c925dad4d6eb37924d9a96
d02b65c12a10c66fdc99e768e4d28efa275676d1
191285ab6699ffe5cec1090eaa5116784affb1a70a7111847d2923fc9783b3db

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/video/7.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Fri, 08 Sep 2023 06:56:09 GMT
accept-ranges: bytes
content-length: 232703
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/themes/default/arrows.png

103.28.36.173

200 OK

824 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/themes/default/arrows.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 60 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
824 B (824 bytes)
Hash
09b24f1a73b9eeb5cc62db7ec0b60bca
43e3f77646ac42cdcb449dc9cc53c3a4dff63d19
6821ca4ae2508bdba08e189040928a0769f0a71b12fdd4325c3ae80ef5636bb8

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_sp_smart_slider/tmpl/nivo_slider/themes/default/arrows.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/themes/default/default.css
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:12 GMT
server: Apache
last-modified: Fri, 06 Mar 2020 17:23:16 GMT
accept-ranges: bytes
content-length: 824
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/top.png

103.28.36.173

200 OK

4.1 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/top.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4103 bytes)
Hash
a0c4ea81780e834c7693a34beb9980e0
caa7d67759a4060e270b8e1a7fa4a6875e6dffcf
d6832f0465daf20f4cc010fe3129d376736f8b2739c8e5244a9e5460000d0ce3

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/top.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:12 GMT
server: Apache
last-modified: Sat, 28 Mar 2020 04:13:07 GMT
accept-ranges: bytes
content-length: 4103
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/templates/protostar/images/icon-listnew.png

103.28.36.173

953 B

URL
khaithaclothien.edu.vn/templates/protostar/images/icon-listnew.png
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 6 x 6, 8-bit/color RGB, non-interlaced\012- data
Size
953 B (953 bytes)
Hash
502f7c2fba5510e0ae23964738fa993c
02a64959b5628b31de2c79bc7ec98925bfb6cb44
75bfcc808c89bff7a4a75d49f69cbe713d67d54d62bba5ebda9250550a9b3979

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/protostar/images/icon-listnew.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/templates/protostar/css/modules.css?485f17c6260c48831a40e2f77c683306
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:12 GMT
server: Apache
last-modified: Fri, 27 Mar 2020 18:51:51 GMT
accept-ranges: bytes
content-length: 953
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/templates/protostar/images/search.png

103.28.36.173

200 OK

1.2 kB

URL GET HTTP/2
khaithaclothien.edu.vn/templates/protostar/images/search.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 24 x 23, 8-bit/color RGB, non-interlaced\012- data
Size
1.2 kB (1220 bytes)
Hash
c6f058499004492950c63c54ffa06aef
ecc4a2613883806788fc34cc6e805890d1460b7e
00eb96842b306876669bb258c500a6d7d6d884d61812c5e0063a80a23137f7d4

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/protostar/images/search.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/templates/protostar/css/modules.css?485f17c6260c48831a40e2f77c683306
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:12 GMT
server: Apache
last-modified: Thu, 02 Apr 2020 19:43:17 GMT
accept-ranges: bytes
content-length: 1220
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/themes/default/loading.gif

103.28.36.173

200 OK

1.7 kB

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/themes/default/loading.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 16 x 16\012- data
Size
1.7 kB (1737 bytes)
Hash
dd6b7b0bf5c3af22499abc0a9ee1e1b2
e8c0018145d616fac4deb460d9c1d9c9dd4d3302
0eddaab3b8cb0b15d81d62e5ae5960329c3e576ea78dc321b20734ab20271847

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_sp_smart_slider/tmpl/nivo_slider/themes/default/loading.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/themes/default/default.css
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:12 GMT
server: Apache
last-modified: Fri, 06 Mar 2020 17:23:16 GMT
accept-ranges: bytes
content-length: 1737
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/templates/protostar/images/box-tl.jpg

103.28.36.173

200 OK

8.6 kB

URL GET HTTP/2
khaithaclothien.edu.vn/templates/protostar/images/box-tl.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, orientation=upper-left, xresolution=146, yresolution=154, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2020:01:09 04:13:18], baseline, precision 8, 17x18, components 3\012- data
Size
8.6 kB (8616 bytes)
Hash
e3af737e87615eb93a2d6f743d787cec
44a1adb97f2ef094583167113d9c46d474d3ed34
1933db8e1979d74b821a74759cfc965570b90eee87a4cbd41ae641153b12ec0a

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/protostar/images/box-tl.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/templates/protostar/css/template.css?485f17c6260c48831a40e2f77c683306
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:12 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 21:13:18 GMT
accept-ranges: bytes
content-length: 8616
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/templates/protostar/images/box-bl.jpg

103.28.36.173

200 OK

14 kB

URL GET HTTP/2
khaithaclothien.edu.vn/templates/protostar/images/box-bl.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, orientation=upper-left, xresolution=146, yresolution=154, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2020:01:09 04:11:41], baseline, precision 8, 17x800, components 3\012- data
Size
14 kB (14107 bytes)
Hash
5eb460b5f8e652ff9949920494e12666
63ff45ba41baa6ec08e32ce53c77138d389faaf2
522ae80b3b8f9fd2cc998bb9d4771a4e9049dcd04a4ddd9123b3d0edb9e94f93

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/protostar/images/box-bl.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/templates/protostar/css/template.css?485f17c6260c48831a40e2f77c683306
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:12 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 21:11:40 GMT
accept-ranges: bytes
content-length: 14107
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/templates/protostar/images/menubox.png

103.28.36.173

1.1 kB

URL
khaithaclothien.edu.vn/templates/protostar/images/menubox.png
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 15 x 12, 8-bit/color RGBA, interlaced\012- data
Size
1.1 kB (1073 bytes)
Hash
c1a0a20e17a8c8152fa9a70cf4b16d13
88d2c9affa7fd33e006d2f336669cd68af595104
bbbd3c077a889034ed29daed48e8ff327f430f5a8773791006ede20ec7db45a5

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/protostar/images/menubox.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/templates/protostar/css/template.css?485f17c6260c48831a40e2f77c683306
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:12 GMT
server: Apache
last-modified: Sun, 06 Oct 2019 17:11:32 GMT
accept-ranges: bytes
content-length: 1073
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/templates/protostar/images/bg-block.png

103.28.36.173

1.3 kB

URL
khaithaclothien.edu.vn/templates/protostar/images/bg-block.png
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, interlaced\012- data
Size
1.3 kB (1321 bytes)
Hash
8f7116ab792267a01c5eaaa8c0f15cfb
8c5e2c5bd8dbfd8252bdb66801ac24c33c78043d
42c4d6f7b0f58e9264fe75305b461090887510011e65689c4e5727022bc6209f

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/protostar/images/bg-block.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/templates/protostar/css/template.css?485f17c6260c48831a40e2f77c683306
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:12 GMT
server: Apache
last-modified: Sun, 06 Oct 2019 17:11:22 GMT
accept-ranges: bytes
content-length: 1321
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/templates/protostar/images/box-br.jpg

103.28.36.173

67 kB

URL
khaithaclothien.edu.vn/templates/protostar/images/box-br.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, orientation=upper-left, xresolution=146, yresolution=154, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2020:01:09 04:12:54], baseline, precision 8, 970x800, components 3\012- data
Size
67 kB (66642 bytes)
Hash
6d45de9c36ff4a34bde22f0decd48994
4cebfd2f0a965e66c52121113ea9ee477a67aa08
44ffb0210a33f27c966137f9c2ad57c4b62f28072f1935f966c8502b56cdbcd7

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/protostar/images/box-br.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/templates/protostar/css/template.css?485f17c6260c48831a40e2f77c683306
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:12 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 21:12:54 GMT
accept-ranges: bytes
content-length: 66642
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/05.jpg

103.28.36.173

200 OK

306 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/05.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:37:06], baseline, precision 8, 860x550, components 3\012- data
Size
306 kB (305504 bytes)
Hash
52cd1839593ccfae5745d8e01418eade
32ebc81099e3d0037e349e9a944e1069af0b108d
bc78e599a480b20f1c34517af9fbd05e7f39706db0a7507198f7e31b53d124eb

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/05.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:43:00 GMT
accept-ranges: bytes
content-length: 305504
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/01.jpg

103.28.36.173

328 kB

URL GET
khaithaclothien.edu.vn/images/slide/01.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:39:52], baseline, precision 8, 860x550, components 3\012- data
Size
328 kB (328451 bytes)
Hash
a55756fdd5c612c3625917d996313c55
def6b78d43cceea1e707fded204b1045c760d378
ba26447039c3800aeb276f47e2e0fd195fbff40cdbd9a9d9d6a1bd4863eb8cf8

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/01.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:42:45 GMT
accept-ranges: bytes
content-length: 328451
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/02.jpg

103.28.36.173

200 OK

375 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/02.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 508x508, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:34:58], baseline, precision 8, 860x550, components 3\012- data
Size
375 kB (374642 bytes)
Hash
65ce3141b2bc1c1e32cca2fcaf2ace2e
87dbdebfbb1fef41f822a6a13ad7dfd12db22dc9
0da5c6d60218e1f805590c1cb46b8992fedd8bcddc51ae3fb7149ad32248fd9d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/02.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:42:49 GMT
accept-ranges: bytes
content-length: 374642
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/04.jpg

103.28.36.173

386 kB

URL GET
khaithaclothien.edu.vn/images/slide/04.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:36:36], baseline, precision 8, 860x550, components 3\012- data
Size
386 kB (386464 bytes)
Hash
f303e2e7e3f6ee1ae7d674a191bbda0b
d66dd7e0f74dbc76c160d2a2357a89cbd8c6e76a
4aebb635ce3674e75c2eb60ef20ee3b9b8e50671836707c8c8ce4b2d654e6759

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/04.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:44:31 GMT
accept-ranges: bytes
content-length: 386464
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/07.jpg

103.28.36.173

200 OK

387 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/07.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:38:52], baseline, precision 8, 860x550, components 3\012- data
Size
387 kB (387033 bytes)
Hash
738cb10cea77705f27dcc44931d0f8a1
31095c298cc4007b3f512483e061e064548a968f
133d08ffc498c00dec300aad8485a7f72120391c7b975b60819c7dc77189ad32

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/07.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:43:12 GMT
accept-ranges: bytes
content-length: 387033
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/08.jpg

103.28.36.173

200 OK

390 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/08.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:39:26], baseline, precision 8, 860x550, components 3\012- data
Size
390 kB (390208 bytes)
Hash
8150163460ca2c71e9bd240b8532ad0a
394202a7752bdb92d67441ff7ab6fa46838f0e6b
e0d24a972f95153efe9e2d0ac714601c4359d0eae39e7c5d6ee39e15dca34914

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/08.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:43:16 GMT
accept-ranges: bytes
content-length: 390208
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/09.jpg

103.28.36.173

200 OK

416 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/09.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 508x508, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:34:16], baseline, precision 8, 860x550, components 3\012- data
Size
416 kB (416056 bytes)
Hash
d74bce6ac5474150b2034ac7e8441cfa
13d143faab8012e39eecf264e06b7bfdd959bc7c
7bc06d71c8f04797d8a511822827455a6df3d24f2381752f12953dd068d697af

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/09.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:43:20 GMT
accept-ranges: bytes
content-length: 416056
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/10.jpg

103.28.36.173

200 OK

431 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/10.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 508x508, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:45:52], baseline, precision 8, 860x550, components 3\012- data
Size
431 kB (430770 bytes)
Hash
d53c6bd1c09f6b8d9a281719ca7ddee2
0349bd626b86233db5e637a83f886622360f07b8
5cf55471e2c579e6152678c65f4f7d08851381cd1100e1cb96295fcb9ea90ab2

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/10.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:46:01 GMT
accept-ranges: bytes
content-length: 430770
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/03.jpg

103.28.36.173

445 kB

URL GET
khaithaclothien.edu.vn/images/slide/03.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:36:07], baseline, precision 8, 860x550, components 3\012- data
Size
445 kB (444766 bytes)
Hash
a2d7eaa5e9edc2dd542fa324c0cf4657
952c6b927eee66360b07f58f559aa4995d9ebfa6
6bf557c31a8a4a39c78fe2cc0bb36f5e55ae297fe5b908341e526529658c42ca

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/03.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:42:52 GMT
accept-ranges: bytes
content-length: 444766
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/templates/protostar/images/box-tr0.jpg

103.28.36.173

200 OK

259 kB

URL GET HTTP/2
khaithaclothien.edu.vn/templates/protostar/images/box-tr0.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=11, orientation=upper-left, xresolution=146, yresolution=154, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2020:01:09 04:15:02], baseline, precision 8, 23345x102, components 3\012- data
Size
259 kB (259051 bytes)
Hash
f6e0ab019cb2943ca4829922e8d7635e
e59477ed2db497d307f8c8a30e34638fa954d7d0
8346aa3f81f2cf59c428384aff96a2386189de064146583b94a1ce6488e8e3bc

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/protostar/images/box-tr0.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/templates/protostar/css/template.css?485f17c6260c48831a40e2f77c683306
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:12 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 21:15:02 GMT
accept-ranges: bytes
content-length: 259051
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/06.jpg

103.28.36.173

200 OK

451 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/06.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 508x508, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:38:27], baseline, precision 8, 860x550, components 3\012- data
Size
451 kB (451388 bytes)
Hash
a6561480e1cfd1b27a908aa6fc735c88
9ed381fdca86e25e4b266d4fa550e9f2eafd448b
9f5e44e2042aae569a8fe8d973191a290b082afcefe11b83f046ea2f09d3a511

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/06.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:43:02 GMT
accept-ranges: bytes
content-length: 451388
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/video/6.png

103.28.36.173

689 kB

URL
khaithaclothien.edu.vn/images/video/6.png
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 860 x 550, 8-bit/color RGB, non-interlaced\012- data
Size
689 kB (688637 bytes)
Hash
afa26e145b0ef4984b35c601c0e83ab2
5544596ed01329458993d00a48e809b4419f15c0
75f50863fccb109feadd028b788c6ec8ccd76ec85fffc26c0e3329745d463b88

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/video/6.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:11 GMT
server: Apache
last-modified: Fri, 08 Sep 2023 06:55:05 GMT
accept-ranges: bytes
content-length: 688637
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/video/2.jpg

103.28.36.173

200 OK

60 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/video/2.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2020:03:09 20:05:45], baseline, precision 8, 271x160, components 3\012- data
Size
60 kB (60296 bytes)
Hash
b265eff9686e26cebf0e85947d8844c9
c7d3eb39cc32e2ed77155294fc4d87f452ccd7f7
03b903b65a390f42872ecb5d76bcc2ae20a42c831fbf84ab31da41d2385690e7

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/video/2.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/modules/mod_video/video.php
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:13 GMT
server: Apache
last-modified: Mon, 09 Mar 2020 13:05:44 GMT
accept-ranges: bytes
content-length: 60296
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/templates/protostar/favicon.ico

103.28.36.173

200 OK

7.1 kB

URL GET HTTP/2
khaithaclothien.edu.vn/templates/protostar/favicon.ico
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
7.1 kB (7086 bytes)
Hash
fa6dc98f2d1779f76e6813fb28f90b4f
9f07e78a1f2df8f66c7d25843881db61068df15a
0d63ee93de1491fc53768ad3da42aadde90c5635341f947e9736c991b6904e4f

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/protostar/favicon.ico HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Sun, 23 Feb 2020 10:02:08 GMT
accept-ranges: bytes
content-length: 7086
content-type: image/x-icon
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/templates/protostar/css/template.css?485f17c6260c48831a40e2f77c683306

103.28.36.173

200 OK

173 kB

URL GET HTTP/2
khaithaclothien.edu.vn/templates/protostar/css/template.css?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text
Size
173 kB (172700 bytes)
Hash
4c011d2fc1c06276f4bbbba316042e4f
5585739ea133c323f61288581b346afbd387810e
ab857a9e92f9cf3d41e560a59b32a66f9355752b39e267fb15b63d90ae02e285

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/protostar/css/template.css?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Fri, 08 May 2020 10:38:30 GMT
accept-ranges: bytes
content-length: 172700
content-type: text/css
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/templates/protostar/css/modules.css?485f17c6260c48831a40e2f77c683306

103.28.36.173

200 OK

15 kB

URL GET HTTP/2
khaithaclothien.edu.vn/templates/protostar/css/modules.css?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
15 kB (14962 bytes)
Hash
6738062b32e0ec237aacd307d5f7a482
6ecb4ff0536ae184bd6cbf8d9d41c7a3c97568d2
e9fe55b1601529e3b5bff3eca6a39920d50a5aceabb5daee64c3e1e7440ab811

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/protostar/css/modules.css?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Fri, 08 May 2020 10:53:40 GMT
accept-ranges: bytes
content-length: 14962
content-type: text/css
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/mvc.css

103.28.36.173

200 OK

5.9 kB

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/mvc.css
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
5.9 kB (5861 bytes)
Hash
d95e8fad216e40a819f0224e5526207a
3cb1b231905c2fc3cdc5109361137dc6f11c94e4
f8df97f448684af7c69d200f5d4a52e505d3a1f02180a02cacc490930f0901c2

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/mvc.css HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:00 GMT
accept-ranges: bytes
content-length: 5861
content-type: text/css
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/themes/default/default.css

103.28.36.173

200 OK

2.0 kB

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/themes/default/default.css
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text
Size
2.0 kB (2023 bytes)
Hash
b3897d6cefcd1df237bd845673ba6b30
f7481ffda8d79bd5468c04f7e9c432d838f63bc6
a53ee3402198102950548f85a540fb15c501243a1353d6d42d6d5fc215ea58eb

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_sp_smart_slider/tmpl/nivo_slider/themes/default/default.css HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Fri, 06 Mar 2020 17:23:16 GMT
accept-ranges: bytes
content-length: 2023
content-type: text/css
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/nivo-slider.css

103.28.36.173

200 OK

1.9 kB

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/nivo-slider.css
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text
Size
1.9 kB (1946 bytes)
Hash
d958a618b211c9391ef05499ad7f1eff
e4567914096e1d2111643d2e53e190349bb5e7be
1445a1c40e53d785721c7af9b6121eebff659c3cdbdd993284c89ab87c873d09

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_sp_smart_slider/tmpl/nivo_slider/nivo-slider.css HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Fri, 06 Mar 2020 17:23:16 GMT
accept-ranges: bytes
content-length: 1946
content-type: text/css
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/media/system/js/mootools-core.js?485f17c6260c48831a40e2f77c683306

103.28.36.173

200 OK

84 kB

URL GET HTTP/2
khaithaclothien.edu.vn/media/system/js/mootools-core.js?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (785)
Size
84 kB (83893 bytes)
Hash
dae9bedb881e4fa30a39d88aae444a0d
c7b66b70133c005c8283f3e1843db92769f71d38
b0fc8a4f81d13b1f3bc1843a6f2d43f46e5c9128837096b8d53f2360b8daec18

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/system/js/mootools-core.js?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Mon, 06 May 2019 15:34:16 GMT
accept-ranges: bytes
content-length: 83893
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/

103.28.36.173

200 OK

20 kB

URL GET HTTP/2
khaithaclothien.edu.vn/
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
20 kB (19516 bytes)
Hash
76579b9b82943a8b207f383768388428
5c33b52c1aae67620c3ca91dc92ce1f7cc7fa0d1
7875885fbab506728d552d0f3dd31da7e1e388ac2402f58393583ec86fae0862

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:12 GMT
server: Apache
x-powered-by: PHP/7.4.33
expires: Wed, 17 Aug 2005 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 08 Dec 2023 13:23:13 GMT
content-type: text/html; charset=utf-8
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/media/system/js/mootools-more.js?485f17c6260c48831a40e2f77c683306

103.28.36.173

200 OK

237 kB

URL GET HTTP/2
khaithaclothien.edu.vn/media/system/js/mootools-more.js?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (2903)
Size
237 kB (236825 bytes)
Hash
471d5cbdf6786206310da0448076a9ea
a5124b0be4decb1ebca72e44531c3da85f0170f6
9db43e4a687084df93038c3d02cc4c149dff1210727059b82a7aac112a486eda

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/system/js/mootools-more.js?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Mon, 06 May 2019 15:34:16 GMT
accept-ranges: bytes
content-length: 236825
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/media/jui/js/jquery-migrate.min.js?485f17c6260c48831a40e2f77c683306

103.28.36.173

200 OK

10 kB

URL GET HTTP/2
khaithaclothien.edu.vn/media/jui/js/jquery-migrate.min.js?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (9959)
Size
10 kB (10056 bytes)
Hash
7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/js/jquery-migrate.min.js?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Mon, 06 May 2019 15:34:16 GMT
accept-ranges: bytes
content-length: 10056
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/media/jui/js/jquery-noconflict.js?485f17c6260c48831a40e2f77c683306

103.28.36.173

200 OK

21 B

URL GET HTTP/2
khaithaclothien.edu.vn/media/jui/js/jquery-noconflict.js?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text
Size
21 B (21 bytes)
Hash
e2060c4e5e5955c824723b13a212d3ec
18420ce484978f8ba3d7371febf1638828bb7a67
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/js/jquery-noconflict.js?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Mon, 06 May 2019 15:34:16 GMT
accept-ranges: bytes
content-length: 21
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/media/system/js/caption.js?485f17c6260c48831a40e2f77c683306

103.28.36.173

491 B

URL
khaithaclothien.edu.vn/media/system/js/caption.js?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (413)
Size
491 B (491 bytes)
Hash
27e0e11b572de3bc44be960d25d65570
9c431113357e1a7147388978bde9b70a3ff6114a
20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/system/js/caption.js?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Mon, 06 May 2019 15:34:16 GMT
accept-ranges: bytes
content-length: 491
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/templates/protostar/js/template.js?485f17c6260c48831a40e2f77c683306

103.28.36.173

200 OK

2.0 kB

URL GET HTTP/2
khaithaclothien.edu.vn/templates/protostar/js/template.js?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text
Size
2.0 kB (2020 bytes)
Hash
07552fd025ae220cb392d04fd1c8e3dc
d678e49220dd32274fb37119a0e9abbea1c536c5
212b32f0e2d26cdec0882d4531305e7298c3f5c29121581b3e6cfb75ff0d5175

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/protostar/js/template.js?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Mon, 06 May 2019 15:34:16 GMT
accept-ranges: bytes
content-length: 2020
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/jquery.nivo.slider.pack.js

103.28.36.173

200 OK

12 kB

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_sp_smart_slider/tmpl/nivo_slider/jquery.nivo.slider.pack.js
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (11999)
Size
12 kB (12201 bytes)
Hash
0cf3f8b677dcd27b6d46f4a56d65fdb2
55234f525286ead0ea12dc6c51c34b9b49f23bda
2881a6657e481fa5fccc79681cb91277a111785342d9c9283d71ac9ca6e9b098

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_sp_smart_slider/tmpl/nivo_slider/jquery.nivo.slider.pack.js HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Fri, 06 Mar 2020 17:23:16 GMT
accept-ranges: bytes
content-length: 12201
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/blue/7.gif

103.28.36.173

200 OK

438 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/blue/7.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 87a, 17 x 27\012- data
Size
438 B (438 bytes)
Hash
054ac3393e46d37e758616e983983157
307ebcba394564b7fc4d30825f2fc76beaed2057
8089413d815e60ab5f83c3e70eff94cff9eb0adfe53beb91c4c02982501009c7

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/blue/7.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:02 GMT
accept-ranges: bytes
content-length: 438
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/media/plg_system_sl_scrolltotop/js/scrolltotop_mt.js

103.28.36.173

1.7 kB

URL
khaithaclothien.edu.vn/media/plg_system_sl_scrolltotop/js/scrolltotop_mt.js
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
1.7 kB (1732 bytes)
Hash
6d5a4eba82d2a380ba50b150f280cebf
627bf7a50ff04473e216088afb67b055b96c6a81
e0c94a691ed82ddc0fc8db099637062210ee6676ed85f360c7b082ab74e03447

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/plg_system_sl_scrolltotop/js/scrolltotop_mt.js HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Sat, 28 Mar 2020 04:14:49 GMT
accept-ranges: bytes
content-length: 1732
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/media/jui/js/bootstrap.min.js?485f17c6260c48831a40e2f77c683306

103.28.36.173

200 OK

29 kB

URL GET HTTP/2
khaithaclothien.edu.vn/media/jui/js/bootstrap.min.js?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (28972)
Size
29 kB (29126 bytes)
Hash
a125594de09167bd2e9015d790029a64
b0567b7e3db8ddbdc5806f5c4e2fa7a8abc9b692
b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/js/bootstrap.min.js?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Mon, 06 May 2019 15:34:16 GMT
accept-ranges: bytes
content-length: 29126
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/media/jui/js/jquery.min.js?485f17c6260c48831a40e2f77c683306

103.28.36.173

97 kB

URL
khaithaclothien.edu.vn/media/jui/js/jquery.min.js?485f17c6260c48831a40e2f77c683306
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65469)
Size
97 kB (96606 bytes)
Hash
59c2901ee162828f22bab14459431652
6cec0ee04bc7138b6eedad0009a49d155451bce8
46438fa269f3c172286b81be52a5de84753d68dcc6580f6a98b7942cf129bdc1

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/jui/js/jquery.min.js?485f17c6260c48831a40e2f77c683306 HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Mon, 06 May 2019 15:34:16 GMT
accept-ranges: bytes
content-length: 96606
content-type: application/javascript
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/menumb.png

103.28.36.173

200 OK

259 B

URL GET HTTP/2
khaithaclothien.edu.vn/images/menumb.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 22 x 18, 8-bit/color RGB, non-interlaced\012- data
Size
259 B (259 bytes)
Hash
7158e462d83cfc29adfb418cfb245a37
c1cdefd28446fe3baee6f398056cf9d0f75c99ae
4c01fbab71cdb8e8f1d31da53aa4c0390a77598b466328fab13d4f67ed603170

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menumb.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Fri, 08 May 2020 09:30:43 GMT
accept-ranges: bytes
content-length: 259
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/01.jpg

103.28.36.173

328 kB

URL GET
khaithaclothien.edu.vn/images/slide/01.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:39:52], baseline, precision 8, 860x550, components 3\012- data
Size
328 kB (328451 bytes)
Hash
a55756fdd5c612c3625917d996313c55
def6b78d43cceea1e707fded204b1045c760d378
ba26447039c3800aeb276f47e2e0fd195fbff40cdbd9a9d9d6a1bd4863eb8cf8

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/01.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:42:45 GMT
accept-ranges: bytes
content-length: 328451
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/02.jpg

103.28.36.173

200 OK

375 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/02.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 508x508, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:34:58], baseline, precision 8, 860x550, components 3\012- data
Size
375 kB (374642 bytes)
Hash
65ce3141b2bc1c1e32cca2fcaf2ace2e
87dbdebfbb1fef41f822a6a13ad7dfd12db22dc9
0da5c6d60218e1f805590c1cb46b8992fedd8bcddc51ae3fb7149ad32248fd9d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/02.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:42:49 GMT
accept-ranges: bytes
content-length: 374642
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/04.jpg

103.28.36.173

386 kB

URL GET
khaithaclothien.edu.vn/images/slide/04.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:36:36], baseline, precision 8, 860x550, components 3\012- data
Size
386 kB (386464 bytes)
Hash
f303e2e7e3f6ee1ae7d674a191bbda0b
d66dd7e0f74dbc76c160d2a2357a89cbd8c6e76a
4aebb635ce3674e75c2eb60ef20ee3b9b8e50671836707c8c8ce4b2d654e6759

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/04.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:44:31 GMT
accept-ranges: bytes
content-length: 386464
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/03.jpg

103.28.36.173

445 kB

URL GET
khaithaclothien.edu.vn/images/slide/03.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:36:07], baseline, precision 8, 860x550, components 3\012- data
Size
445 kB (444766 bytes)
Hash
a2d7eaa5e9edc2dd542fa324c0cf4657
952c6b927eee66360b07f58f559aa4995d9ebfa6
6bf557c31a8a4a39c78fe2cc0bb36f5e55ae297fe5b908341e526529658c42ca

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/03.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:42:52 GMT
accept-ranges: bytes
content-length: 444766
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/05.jpg

103.28.36.173

200 OK

306 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/05.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:37:06], baseline, precision 8, 860x550, components 3\012- data
Size
306 kB (305504 bytes)
Hash
52cd1839593ccfae5745d8e01418eade
32ebc81099e3d0037e349e9a944e1069af0b108d
bc78e599a480b20f1c34517af9fbd05e7f39706db0a7507198f7e31b53d124eb

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/05.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:43:00 GMT
accept-ranges: bytes
content-length: 305504
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/06.jpg

103.28.36.173

200 OK

451 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/06.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 508x508, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:38:27], baseline, precision 8, 860x550, components 3\012- data
Size
451 kB (451388 bytes)
Hash
a6561480e1cfd1b27a908aa6fc735c88
9ed381fdca86e25e4b266d4fa550e9f2eafd448b
9f5e44e2042aae569a8fe8d973191a290b082afcefe11b83f046ea2f09d3a511

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/06.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:43:02 GMT
accept-ranges: bytes
content-length: 451388
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/07.jpg

103.28.36.173

200 OK

387 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/07.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:38:52], baseline, precision 8, 860x550, components 3\012- data
Size
387 kB (387033 bytes)
Hash
738cb10cea77705f27dcc44931d0f8a1
31095c298cc4007b3f512483e061e064548a968f
133d08ffc498c00dec300aad8485a7f72120391c7b975b60819c7dc77189ad32

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/07.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:43:12 GMT
accept-ranges: bytes
content-length: 387033
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/08.jpg

103.28.36.173

200 OK

390 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/08.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:39:26], baseline, precision 8, 860x550, components 3\012- data
Size
390 kB (390208 bytes)
Hash
8150163460ca2c71e9bd240b8532ad0a
394202a7752bdb92d67441ff7ab6fa46838f0e6b
e0d24a972f95153efe9e2d0ac714601c4359d0eae39e7c5d6ee39e15dca34914

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/08.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:43:16 GMT
accept-ranges: bytes
content-length: 390208
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/09.jpg

103.28.36.173

200 OK

416 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/09.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 508x508, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:34:16], baseline, precision 8, 860x550, components 3\012- data
Size
416 kB (416056 bytes)
Hash
d74bce6ac5474150b2034ac7e8441cfa
13d143faab8012e39eecf264e06b7bfdd959bc7c
7bc06d71c8f04797d8a511822827455a6df3d24f2381752f12953dd068d697af

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/09.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:43:20 GMT
accept-ranges: bytes
content-length: 416056
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/10.png

103.28.36.173

200 OK

3.7 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/10.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 50 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
3.7 kB (3700 bytes)
Hash
41c12d0863e270c590539d42661bc95a
fb87583840d13fbc8323122f67fc1be3941272a7
0d58fd57f0a187d0302ba38e1af24fa675ab47a3b2eff209dd35d6958203b913

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/10.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Tue, 31 Mar 2020 11:06:19 GMT
accept-ranges: bytes
content-length: 3700
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/10.jpg

103.28.36.173

200 OK

431 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/10.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 508x508, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:45:52], baseline, precision 8, 860x550, components 3\012- data
Size
431 kB (430770 bytes)
Hash
d53c6bd1c09f6b8d9a281719ca7ddee2
0349bd626b86233db5e637a83f886622360f07b8
5cf55471e2c579e6152678c65f4f7d08851381cd1100e1cb96295fcb9ea90ab2

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/10.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:14 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:46:01 GMT
accept-ranges: bytes
content-length: 430770
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/11.png

103.28.36.173

200 OK

3.8 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/11.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 50 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
3.8 kB (3842 bytes)
Hash
99f581541be58db8e79a9d4199032d3b
99a716b5d13fa309176b0489738f0e35a25de4e3
b49fef84e463a6b541d535a351c5c6b2b0f3700d4358b99a219de0e97bccd404

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/11.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Tue, 31 Mar 2020 11:06:24 GMT
accept-ranges: bytes
content-length: 3842
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/tintuc/tuyendung.png

103.28.36.173

200 OK

14 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/tintuc/tuyendung.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 100 x 107, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14210 bytes)
Hash
a35567eb60dc1497f3dc8959b95c8350
5d4f50059d2a03781f1334a161828cd4a3f1a2a0
05a3e397ffa832ab14bbf02c4674fb6f7d6bfe07fc81e96e9aa7ea5e37ea4c69

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/tintuc/tuyendung.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Fri, 03 Apr 2020 08:24:30 GMT
accept-ranges: bytes
content-length: 14210
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/video/1.jpg

103.28.36.173

11 kB

URL
khaithaclothien.edu.vn/images/video/1.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 271x160, components 3\012- data
Size
11 kB (10895 bytes)
Hash
b829e6578643c522740b1d52ec404d44
cbc77d0e8c597290cb0243918a39346ff14271aa
2d2ef6d26cd9cac84cf8b1748027a154eb675f4c47103424d4e1c7a0bd3e9390

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/video/1.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Sun, 08 Mar 2020 13:17:28 GMT
accept-ranges: bytes
content-length: 10895
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/video/5.jpg

103.28.36.173

200 OK

12 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/video/5.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 271x160, components 3\012- data
Size
12 kB (11461 bytes)
Hash
f662a799b84296f8f9cd20c7063aa005
01604ee2bfb59517b146e63861b713fc82a00e06
2818ae160033347a5aa1ed40cc70ace1d003ac53e8a1d834f9a8af0a5239ef03

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/video/5.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Sun, 08 Mar 2020 23:47:18 GMT
accept-ranges: bytes
content-length: 11461
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/menu-home/LI1.jpg

103.28.36.173

200 OK

12 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/menu-home/LI1.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 416x115, components 3\012- data
Size
12 kB (11490 bytes)
Hash
82d1ea9bd47b5bb4dfb885fa0f29ef38
cb4039419b548c3518977655127797dec2c1350c
757e96311a0253928718ec875c2bb51b58b4bfdd2fa3baf0530cda542528f121

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menu-home/LI1.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Tue, 06 Oct 2015 17:32:48 GMT
accept-ranges: bytes
content-length: 11490
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/menu-home/dktc.gif

103.28.36.173

200 OK

4.4 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/menu-home/dktc.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 260 x 60\012- data
Size
4.4 kB (4425 bytes)
Hash
b93afdf4a70eead284fb13bddfaaa48e
7c635e668c3059f6bc6aa9aa4b9e6454acb2733b
8772ac9240fb310e0cfedbaa5bae7046f773b2013e895cec5d3c93e34905f19c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menu-home/dktc.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 23 Sep 2015 16:14:48 GMT
accept-ranges: bytes
content-length: 4425
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/25.png

103.28.36.173

200 OK

15 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/25.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced\012- data
Size
15 kB (14861 bytes)
Hash
cf3dc9e73c59291f3792a43f5698b1c2
b489cb1f7cd32bc9ea4b6c9101bef796f8334fe6
2a8c35a063946f6bd68cc2f5ce43f0b4642d9f05cfb8dadcee5ad67f2c693a65

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/25.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Mon, 13 Apr 2020 15:01:44 GMT
accept-ranges: bytes
content-length: 14861
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/blue/1.gif

103.28.36.173

200 OK

400 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/blue/1.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 87a, 17 x 27\012- data
Size
400 B (400 bytes)
Hash
17b398ae279d5b4dbeffa23dfcdd4966
00b6769ddc5681068fa71f5f5833f7b686b52e5b
62c3503115628a9b7d30faaa51a1ca15c0b35d12494ed6956ea7c192ff60ea4b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/blue/1.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:02 GMT
accept-ranges: bytes
content-length: 400
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/blue/4.gif

103.28.36.173

200 OK

460 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/blue/4.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 87a, 17 x 27\012- data
Size
460 B (460 bytes)
Hash
69917879d48f3a1e4a17d67da41aae26
6b4db8597b6ddd3446aa5be2490e01346c82f875
92ad29d25b414bc9808f95405ee5748f6c7cc12bd5b1b6d2a5c877aa6b776165

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/blue/4.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:02 GMT
accept-ranges: bytes
content-length: 460
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/blue/0.gif

103.28.36.173

200 OK

697 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/blue/0.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 87a, 17 x 27\012- data
Size
697 B (697 bytes)
Hash
71b4e272c888ddeb0d562fbe89eac163
9e57769470a996480787eb7e1b1afd4f32eca524
d9479c248e030cf689aaead56ffe468b1198bf3ada99dda99c898ce7f650cb1d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/blue/0.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:02 GMT
accept-ranges: bytes
content-length: 697
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vweek.gif

103.28.36.173

200 OK

909 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vweek.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 17 x 14\012- data
Size
909 B (909 bytes)
Hash
6b87aeed16a434f81667ebf406481f8b
14ab3ad15fc13c9c9e148a6194e08e729be39041
942f79e4a0aa32edc27adfb05ff6e484901023ae3175235233e91cec2239a4c0

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/tbl/peoples/vweek.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:04 GMT
accept-ranges: bytes
content-length: 909
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vtoday.gif

103.28.36.173

200 OK

909 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vtoday.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 17 x 14\012- data
Size
909 B (909 bytes)
Hash
590b12f5608c28b8faf8fb6852f5440b
5c294ddacae969d09a2d6899d691792de3f5b49d
2c287f00d41ff6246820e17777b0a155476214b179c8c2c9cbf6e0ec789f09b7

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/tbl/peoples/vtoday.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:04 GMT
accept-ranges: bytes
content-length: 909
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vmonth.gif

103.28.36.173

200 OK

909 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vmonth.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 17 x 14\012- data
Size
909 B (909 bytes)
Hash
0e5e93e300336157b8ba7340d173e267
84cdb2289da3099604fc1f4731036cc47e9c25e7
461b26f6a59bd29c008532c046d154160eca87aeabdd8f15e03ff2479f088199

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/tbl/peoples/vmonth.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:04 GMT
accept-ranges: bytes
content-length: 909
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vall.gif

103.28.36.173

200 OK

996 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vall.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 17 x 14\012- data
Size
996 B (996 bytes)
Hash
3447ab25dff2af076ac60045290a5e72
02bcd05bedcfba9537c73e8926f8722f08d0bba9
ebc4a167ca0dcda410e6be7ebf8d37e8082048fbe204818772c8ea68904f4024

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/tbl/peoples/vall.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:04 GMT
accept-ranges: bytes
content-length: 996
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/menu-home/phong-ban-home.png

103.28.36.173

200 OK

1.4 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/menu-home/phong-ban-home.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1371 bytes)
Hash
d2bf555ac2650f8129a8c81e1e2efaaf
15dea233f0f2bca592d34d7e92e9eab3563ae485
524516b0e5d753ed3b18f22ee268e9be31dd39a0e2186d685b0f3e14e89f4511

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menu-home/phong-ban-home.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Tue, 01 Oct 2019 07:06:28 GMT
accept-ranges: bytes
content-length: 1371
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/menu-home/phong-ban-phone.png

103.28.36.173

200 OK

2.3 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/menu-home/phong-ban-phone.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2257 bytes)
Hash
67f72f23ba8b634363b791160a884120
30ac75080fa7e78141b08b609a3d00dc6ab5135f
fa23ed3f3a63b9775ff99fae4d0bfaa3be362ea63c4be30be0c254281bf869ef

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menu-home/phong-ban-phone.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Tue, 01 Oct 2019 07:06:58 GMT
accept-ranges: bytes
content-length: 2257
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/menu-home/phong-ban-mail.png

103.28.36.173

200 OK

2.8 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/menu-home/phong-ban-mail.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2775 bytes)
Hash
4d2e1d9281d3249d0f0314d8d91e28df
bf7eead7bb1a4ceb65c101c8c48704bc88216213
01b1040079950df8f17251f98aae9b7b930c22ccaff7cbf73830d9b2783db79d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menu-home/phong-ban-mail.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Tue, 01 Oct 2019 07:06:38 GMT
accept-ranges: bytes
content-length: 2775
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vyesterday.gif

103.28.36.173

200 OK

909 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_vvisit_counter/images/tbl/peoples/vyesterday.gif
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
GIF image data, version 89a, 17 x 14\012- data
Size
909 B (909 bytes)
Hash
47b49a18b452ed8cf1d33ccc63a2648f
b708ec08f856f4f00711400f10056c1cf6ad69f2
4c76252c560c13f61dfbc9204a7b01cef167ba12175c13542ede72829b97c19b

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_vvisit_counter/images/tbl/peoples/vyesterday.gif HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 08 Jan 2020 17:43:04 GMT
accept-ranges: bytes
content-length: 909
content-type: image/gif
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/top.png

103.28.36.173

200 OK

4.1 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/top.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4103 bytes)
Hash
a0c4ea81780e834c7693a34beb9980e0
caa7d67759a4060e270b8e1a7fa4a6875e6dffcf
d6832f0465daf20f4cc010fe3129d376736f8b2739c8e5244a9e5460000d0ce3

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/top.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Sat, 28 Mar 2020 04:13:07 GMT
accept-ranges: bytes
content-length: 4103
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/tintuc/caohoclogo.jpg

103.28.36.173

200 OK

24 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/tintuc/caohoclogo.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2020:04:02 15:52:27], progressive, precision 8, 100x114, components 3\012- data
Size
24 kB (23506 bytes)
Hash
1ee786dae45bd39f6aa87fb6095a131b
3b7a08168ef83c75067eb0da74a6fe9c16e928f3
f81a71e4924a569d3e6a9fa79d60e1ae04519edcf69d523221e71124aa50f7a6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/tintuc/caohoclogo.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Thu, 02 Apr 2020 08:52:56 GMT
accept-ranges: bytes
content-length: 23506
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/video/3.jpg

103.28.36.173

200 OK

20 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/video/3.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left], baseline, precision 8, 271x160, components 3\012- data
Size
20 kB (20088 bytes)
Hash
a617986d0b05fdb9ca3e1b608126f898
7847a71ecf7da1d4302516165207a8c40e588752
b272fdb7c872b6244c4c70f7bf6d15a3c9a4a6b9f0c49241d212ad34ec1f3236

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/video/3.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Sun, 08 Mar 2020 13:42:02 GMT
accept-ranges: bytes
content-length: 20088
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/4.png

103.28.36.173

200 OK

27 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/4.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 102, 8-bit/color RGB, non-interlaced\012- data
Size
27 kB (27359 bytes)
Hash
96ce5715d69b094fb3bbe8218a6bdfda
fa73bdfe9e7827c79c151d216c7e63ca65288046
df8b66d75007a88e95a6ab609d78b996f8c71a051383d83be5c9b432a4e5ecae

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/4.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 14:44:08 GMT
accept-ranges: bytes
content-length: 27359
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/10.png

103.28.36.173

200 OK

20 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/10.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 187, 8-bit/color RGB, interlaced\012- data
Size
20 kB (19544 bytes)
Hash
a37ce9a6f1d304f62cff43f99b70be61
94c6062c8fe58f1170f39509263d6297552da64e
93bb0d091e58b8a28852ce0a7e3874ed68124da6172f2c6cea02126ad618ea9d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/10.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:24:44 GMT
accept-ranges: bytes
content-length: 19544
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/26.png

103.28.36.173

200 OK

22 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/26.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 220, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22401 bytes)
Hash
5484faf35c43aac5567c9b0d469d3fbc
79f299708d5704a9438f228611d8f13766d2cfec
c48de428e63989f8fb41e935601e8bead9ace1be9be977bdcf6b147b7c658e92

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/26.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 01 Apr 2020 19:25:14 GMT
accept-ranges: bytes
content-length: 22401
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/menu-home/map1.png

103.28.36.173

200 OK

20 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/menu-home/map1.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 271 x 149, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19860 bytes)
Hash
2ef6db7316316b7fda8732824f73f662
2f3e6906ba0d8b0ea29d3a50e7e3df23984ccd1a
7318e62d80415da80f6c48178a0f072db3f64b28363e7cc6828e287690d74914

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menu-home/map1.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Tue, 01 Oct 2019 08:39:36 GMT
accept-ranges: bytes
content-length: 19860
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/video/4.jpg

103.28.36.173

200 OK

45 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/video/4.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2020:03:09 20:10:04], baseline, precision 8, 271x160, components 3\012- data
Size
45 kB (44994 bytes)
Hash
e6292e78713de08440aecc20a392a50e
757e61acd09a8d71673fa1d668b093a0a6ed0e39
0b206b18fd181960c52fe2c0d3b0210e30b2bdd40c7bac481dea75a9c9a1d2b7

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/video/4.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Mon, 09 Mar 2020 13:10:04 GMT
accept-ranges: bytes
content-length: 44994
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/3.png

103.28.36.173

200 OK

42 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/3.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 220, 8-bit/color RGBA, non-interlaced\012- data
Size
42 kB (42548 bytes)
Hash
9201c06f9d2fdd41edc87bc0a08ead56
33efa84a31a8a9848b359b495de378c2c5823567
68266e19ca37cb38f0411cd24e602dd52a111e6865fb0bc2b75c77e6ba123ad2

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/3.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:21:10 GMT
accept-ranges: bytes
content-length: 42548
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/23.png

103.28.36.173

200 OK

38 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/23.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 163, 8-bit/color RGB, interlaced\012- data
Size
38 kB (37666 bytes)
Hash
81600e971e6b8c0ef63c58c57dbd283b
52cbf7e10d37ac34500460bedaf8501e5d4de1b7
149adc351d8d4622d37542e32f00992f0570f3363f8f398ad3639d3c3bd5ac78

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/23.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:28:46 GMT
accept-ranges: bytes
content-length: 37666
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/22.png

103.28.36.173

200 OK

40 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/22.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 177, 8-bit/color RGB, interlaced\012- data
Size
40 kB (39788 bytes)
Hash
c44a109497bf3f11392f1a40b90cae11
5d3aad8d72702d737f587c6e208eb7327c24f7ab
c4aba940229a9409f6c21b1148aa4a70d862df25aba8292cb11e80310e3a2b44

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/22.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:28:34 GMT
accept-ranges: bytes
content-length: 39788
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/1.png

103.28.36.173

200 OK

55 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/1.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 161, 8-bit/color RGB, non-interlaced\012- data
Size
55 kB (55154 bytes)
Hash
4efa91929e8bfd439f97b0abf6ca13a7
41e669ccdbfedd74639e775059796165be22b7e6
96ca59705e7b8443b3b137edf9d5fd103b75fd2220bbaeea571f85d23eebc50e

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/1.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:19:36 GMT
accept-ranges: bytes
content-length: 55154
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/menu-home/Email1.jpg

103.28.36.173

200 OK

65 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/menu-home/Email1.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=15, height=261, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=945], baseline, precision 8, 926x214, components 3\012- data
Size
65 kB (65155 bytes)
Hash
8f517ba8c0477abdcb18736faf492b22
824b934ef0291663e35bf2b8719f2d6ba9536c7e
e32711c7635d08e485ddfbbcf4b33ebedd022c5cbc9716fd0bab6e54db73e19e

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/menu-home/Email1.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Thu, 01 Dec 2016 18:52:24 GMT
accept-ranges: bytes
content-length: 65155
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/video/2.jpg

103.28.36.173

200 OK

60 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/video/2.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2020:03:09 20:05:45], baseline, precision 8, 271x160, components 3\012- data
Size
60 kB (60296 bytes)
Hash
b265eff9686e26cebf0e85947d8844c9
c7d3eb39cc32e2ed77155294fc4d87f452ccd7f7
03b903b65a390f42872ecb5d76bcc2ae20a42c831fbf84ab31da41d2385690e7

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/video/2.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Mon, 09 Mar 2020 13:05:44 GMT
accept-ranges: bytes
content-length: 60296
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/7.png

103.28.36.173

200 OK

57 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/7.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 251, 8-bit/color RGB, interlaced\012- data
Size
57 kB (57393 bytes)
Hash
7decc0a6f42de12b4f2da421eefaa583
56c8618cf4f4a20a14988c27741c61f33961aab5
acbec7b797d0abbf2cd251cde17b9f5722508acc1eff26f42ee9a427987737a6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/7.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:23:20 GMT
accept-ranges: bytes
content-length: 57393
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/6.png

103.28.36.173

200 OK

55 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/6.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 184, 8-bit/color RGB, interlaced\012- data
Size
55 kB (55224 bytes)
Hash
4559bc263d72babba75e72f1440ad2cb
b487ba628e0e29359bd39529c0b7a073d0e63671
1f2b3318a406644d8dcc2af47f45706a843378dbaaaf918c713a0bfb6886ddc2

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/6.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Fri, 27 Mar 2020 03:19:28 GMT
accept-ranges: bytes
content-length: 55224
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/15.png

103.28.36.173

200 OK

52 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/15.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 272, 8-bit/color RGBA, interlaced\012- data
Size
52 kB (52005 bytes)
Hash
a3be95efcbcc67ffa3badcf2412e1dd8
ee7efc4118fc75a64d8cfb1bd0adc605e8f47c34
dd92b660aa9ad84dcff674f32a3095367ac93798acc784614395f9fc4e7a11d4

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/15.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:26:20 GMT
accept-ranges: bytes
content-length: 52005
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/19.png

103.28.36.173

200 OK

55 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/19.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 196, 8-bit/color RGB, interlaced\012- data
Size
55 kB (54771 bytes)
Hash
4c01b1d5b6c52691748a5ab6be48a22f
b8bcd7c2350748167ced34829941733750bdb065
52657d07a1090b622c357345b671cbb92e0baf07c859ed8c8ee2e31b92f0ccf5

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/19.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:27:22 GMT
accept-ranges: bytes
content-length: 54771
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/20.png

103.28.36.173

200 OK

59 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/20.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 172, 8-bit/color RGB, interlaced\012- data
Size
59 kB (59093 bytes)
Hash
c07d25a157e157360b943b99310b82d6
77dcd15a0def1aba2c89b6c6bda006b777493596
518deaf7fb5bb22ecf6a34bf991f1c74092e53c167190d9185f7c73ca4b52cae

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/20.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:28:06 GMT
accept-ranges: bytes
content-length: 59093
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/17.png

103.28.36.173

200 OK

76 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/17.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 148, 8-bit/color RGB, interlaced\012- data
Size
76 kB (76275 bytes)
Hash
0e6eb22ac62f951601dc25df11696afc
f60267d021b8083f66f886a47405896009a58a71
584479a873c5f4a7916e1812e1a718a42bbcd34c85ade5314db1f63a395599fe

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/17.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:26:50 GMT
accept-ranges: bytes
content-length: 76275
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/banners/banner-mb.jpg

103.28.36.173

69 kB

URL
khaithaclothien.edu.vn/images/banners/banner-mb.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2020:05:08 16:16:13], baseline, precision 8, 672x101, components 3\012- data
Size
69 kB (68720 bytes)
Hash
ba3299f358c73fbea3e429ee2e289d45
d973b6bd1145ad886cc5d59c6195cf72136e5371
78daea8d1b24937dffc941ba77e4b78f4a641feb6559e5385dd994ba38f62554

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/banners/banner-mb.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Fri, 08 May 2020 09:42:25 GMT
accept-ranges: bytes
content-length: 68720
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/12.png

103.28.36.173

200 OK

95 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/12.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 253, 8-bit/color RGBA, non-interlaced\012- data
Size
95 kB (95120 bytes)
Hash
43fde4c1a1d70edc39f8777afbe7409e
d57fa3a3ec5dcfabded2dd76befe29415e2349af
ba99b1b810055bceb8f128b4e0c6bc285bc32c8fa346a01e880b92d85293a83d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/12.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:25:16 GMT
accept-ranges: bytes
content-length: 95120
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/11.png

103.28.36.173

200 OK

92 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/11.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 251, 8-bit/color RGB, interlaced\012- data
Size
92 kB (92005 bytes)
Hash
8e9e60fe6f631b57abfd482c6c3937d8
01cde8366d226a34692d4d68c8bb6151009d2b0e
d4075d25453b03e02a64c9d23a7f4fe5d965f0e9ab2bb114661b111ddb49803c

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/11.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:24:58 GMT
accept-ranges: bytes
content-length: 92005
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/2.png

103.28.36.173

200 OK

107 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/2.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size
107 kB (107131 bytes)
Hash
b6b49bf9049d17653458fb1c3a7c375c
b9de058382712683851c566b3b371b5c46f0ee69
95b6bd0875b9bda9721406e6d27c66a67d08fcdc8f3330531029e325ac121c19

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/2.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:20:24 GMT
accept-ranges: bytes
content-length: 107131
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/5.png

103.28.36.173

200 OK

107 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/5.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced\012- data
Size
107 kB (106756 bytes)
Hash
51b9d59d7f79aa587ca71d98f712a7c1
17dfc1a3852716ddc8f39313b55e4556f1f69ad5
e27468942dd7ac760090d1ff7e1631cccdc6656c00398faa7d2d344578cd09cb

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/5.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:22:20 GMT
accept-ranges: bytes
content-length: 106756
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/9.png

103.28.36.173

200 OK

103 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/9.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit/color RGBA, interlaced\012- data
Size
103 kB (103373 bytes)
Hash
e7b6a8128f5d72dcc5fd42b94b77f004
a58fdda6e4b6b5fa3d9ceae33199d447a8a6c602
3871fd9d5f1b65e0fb24174edd033440c868c4cfeb37d2d133f6e07aca3f896a

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/9.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:24:26 GMT
accept-ranges: bytes
content-length: 103373
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/13.png

103.28.36.173

200 OK

109 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/13.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 196, 8-bit/color RGB, interlaced\012- data
Size
109 kB (108803 bytes)
Hash
707f8a4a8840973f3919ad4a76be3687
63d3f13d923867948b8288b082b9c40f9a7a0e86
cb3452320ca328cbdc146916a1e7aef20c95e7a6a111a4fd3cdf22a70358b3ca

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/13.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:25:28 GMT
accept-ranges: bytes
content-length: 108803
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/16.png

103.28.36.173

200 OK

100 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/16.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit/color RGB, interlaced\012- data
Size
100 kB (100245 bytes)
Hash
c6788f80fa76ac62dd7573b6193bdea9
37d29e092c2f936de5c82f66536519fe559b9c3d
b2c46f6a6743a4c4f61e530b1503de352ee9d7f6c8cd76f8c779598b70fcf197

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/16.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:26:36 GMT
accept-ranges: bytes
content-length: 100245
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/21.png

103.28.36.173

200 OK

117 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/21.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 230, 8-bit/color RGB, interlaced\012- data
Size
117 kB (117173 bytes)
Hash
9ac92bf24f80552382f0e99ead440186
176694e94e618027274873eff574067e9e48135e
95bb032f1cff362206f999d585b1cd975487119c93237d72bc373b01f2329175

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/21.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:28:18 GMT
accept-ranges: bytes
content-length: 117173
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/8.png

103.28.36.173

200 OK

125 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/8.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit/color RGB, interlaced\012- data
Size
125 kB (125410 bytes)
Hash
f093ee903d6f43c370c925af44b966d5
71785dd0ee0e615c6df8cf1f9a7ea7a5149eea90
99cfdf22661fd4a7c4b8cd49e52972e76ecad8aaf1687bb81ed5b3e3503e76d5

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/8.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:24:02 GMT
accept-ranges: bytes
content-length: 125410
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/18.png

103.28.36.173

200 OK

140 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/18.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 227, 8-bit/color RGB, interlaced\012- data
Size
140 kB (139548 bytes)
Hash
f7e70e0d5add2d94d0f3e8432d7baed0
7d9ab25f952c0b0698bed32f31cb19293de7c49d
c8b4bcc48182a5f8da6559eea64cac6578d4b0b58892b3ed64596ee28dcfb2cc

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/18.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:27:52 GMT
accept-ranges: bytes
content-length: 139548
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/14.png

103.28.36.173

200 OK

154 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/14.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 253, 8-bit/color RGB, interlaced\012- data
Size
154 kB (154411 bytes)
Hash
6ab05a424ab5612476448a38443a76da
aedc245c79cc6152abd3946d9b59a89b9b4e6c4b
e0c4245df4fc947391898593ed6e628a6a919f297d9fda3a9851ec740cae21b6

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/14.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 25 Mar 2020 09:26:02 GMT
accept-ranges: bytes
content-length: 154411
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/HOPTACVN/cty/24.png

103.28.36.173

200 OK

150 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/HOPTACVN/cty/24.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit/color RGB, interlaced\012- data
Size
150 kB (150221 bytes)
Hash
2b6f1eeaa49fe0993de8ef634dfc56dd
8d011dca3f065cdba2d65d4d5e432d949be56757
6848b87feb009ba459d646dd3fdad778563bcd58ad464dd6800ddace0e2cf311

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HOPTACVN/cty/24.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 01 Apr 2020 19:25:06 GMT
accept-ranges: bytes
content-length: 150221
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/video/7.png

103.28.36.173

200 OK

233 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/video/7.png
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 860 x 539, 8-bit/color RGB, non-interlaced\012- data
Size
233 kB (232703 bytes)
Hash
b7daa6ab54c925dad4d6eb37924d9a96
d02b65c12a10c66fdc99e768e4d28efa275676d1
191285ab6699ffe5cec1090eaa5116784affb1a70a7111847d2923fc9783b3db

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/video/7.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Fri, 08 Sep 2023 06:56:09 GMT
accept-ranges: bytes
content-length: 232703
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/02.jpg

103.28.36.173

200 OK

375 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/02.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 508x508, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:34:58], baseline, precision 8, 860x550, components 3\012- data
Size
375 kB (374642 bytes)
Hash
65ce3141b2bc1c1e32cca2fcaf2ace2e
87dbdebfbb1fef41f822a6a13ad7dfd12db22dc9
0da5c6d60218e1f805590c1cb46b8992fedd8bcddc51ae3fb7149ad32248fd9d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/02.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:42:49 GMT
accept-ranges: bytes
content-length: 374642
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/video/6.png

103.28.36.173

689 kB

URL
khaithaclothien.edu.vn/images/video/6.png
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
PNG image data, 860 x 550, 8-bit/color RGB, non-interlaced\012- data
Size
689 kB (688637 bytes)
Hash
afa26e145b0ef4984b35c601c0e83ab2
5544596ed01329458993d00a48e809b4419f15c0
75f50863fccb109feadd028b788c6ec8ccd76ec85fffc26c0e3329745d463b88

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/video/6.png HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
last-modified: Fri, 08 Sep 2023 06:55:05 GMT
accept-ranges: bytes
content-length: 688637
content-type: image/png
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/01.jpg

103.28.36.173

328 kB

URL GET
khaithaclothien.edu.vn/images/slide/01.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:39:52], baseline, precision 8, 860x550, components 3\012- data
Size
328 kB (328451 bytes)
Hash
a55756fdd5c612c3625917d996313c55
def6b78d43cceea1e707fded204b1045c760d378
ba26447039c3800aeb276f47e2e0fd195fbff40cdbd9a9d9d6a1bd4863eb8cf8

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/01.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:17 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:42:45 GMT
accept-ranges: bytes
content-length: 328451
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/02.jpg

103.28.36.173

200 OK

375 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/02.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 508x508, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:34:58], baseline, precision 8, 860x550, components 3\012- data
Size
375 kB (374642 bytes)
Hash
65ce3141b2bc1c1e32cca2fcaf2ace2e
87dbdebfbb1fef41f822a6a13ad7dfd12db22dc9
0da5c6d60218e1f805590c1cb46b8992fedd8bcddc51ae3fb7149ad32248fd9d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/02.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:17 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:42:49 GMT
accept-ranges: bytes
content-length: 374642
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/02.jpg

103.28.36.173

200 OK

375 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/02.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 508x508, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:34:58], baseline, precision 8, 860x550, components 3\012- data
Size
375 kB (374642 bytes)
Hash
65ce3141b2bc1c1e32cca2fcaf2ace2e
87dbdebfbb1fef41f822a6a13ad7dfd12db22dc9
0da5c6d60218e1f805590c1cb46b8992fedd8bcddc51ae3fb7149ad32248fd9d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/02.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:18 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:42:49 GMT
accept-ranges: bytes
content-length: 374642
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/03.jpg

103.28.36.173

445 kB

URL GET
khaithaclothien.edu.vn/images/slide/03.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:36:07], baseline, precision 8, 860x550, components 3\012- data
Size
445 kB (444766 bytes)
Hash
a2d7eaa5e9edc2dd542fa324c0cf4657
952c6b927eee66360b07f58f559aa4995d9ebfa6
6bf557c31a8a4a39c78fe2cc0bb36f5e55ae297fe5b908341e526529658c42ca

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/03.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:18 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:42:52 GMT
accept-ranges: bytes
content-length: 444766
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/02.jpg

103.28.36.173

200 OK

375 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/02.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 508x508, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:34:58], baseline, precision 8, 860x550, components 3\012- data
Size
375 kB (374642 bytes)
Hash
65ce3141b2bc1c1e32cca2fcaf2ace2e
87dbdebfbb1fef41f822a6a13ad7dfd12db22dc9
0da5c6d60218e1f805590c1cb46b8992fedd8bcddc51ae3fb7149ad32248fd9d

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/02.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:19 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:42:49 GMT
accept-ranges: bytes
content-length: 374642
content-type: image/jpeg
X-Firefox-Spdy: h2

humg.edu.vn/content/hinhanhvideo/ThuVienVideo/Video_2018.mp4

203.171.26.243

416 kB

URL GET
humg.edu.vn/content/hinhanhvideo/ThuVienVideo/Video_2018.mp4
IP
203.171.26.243:0
ASN
#45903 CMC Telecom Infrastructure Company

Requested by
https://khaithaclothien.edu.vn/modules/mod_video/video.php
Certificate
IssuerGlobalSign nv-sa
Subject*.humg.edu.vn
Fingerprint9E:7A:CC:D2:AF:82:00:E9:B3:26:A0:04:A1:FF:8A:39:1A:9E:FD:2B
ValidityThu, 15 Dec 2022 04:12:02 GMT - Wed, 10 Jan 2024 04:56:01 GMT

File type
data
Size
416 kB (416253 bytes)
Hash
9ac86d7a3a59498f08d5699dfd68ed7d
9f3538b8861d2177e9f9bcb0381bda8bdf176fb9
7ffff224c8df310b72a196b72752b293e58ff8e574d7393a9f041934b8e4cfeb

HTTP Headers

GET /content/hinhanhvideo/ThuVienVideo/Video_2018.mp4 HTTP/1.1
Host: humg.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=111411200-
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Cache-Control: public, max-age=86400
Content-Length: 416253
Content-Type: video/mp4
Content-Range: bytes 111411200-111827452/111827453
Last-Modified: Fri, 11 Jun 2021 04:24:58 GMT
Accept-Ranges: bytes
ETag: "{5B30C0CC-2E9B-4530-9BD9-1E1AD287ABED},11pub"
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
SPRequestGuid: e9bbf5a0-867a-a0ff-ca73-9ebe5ef54785
request-id: e9bbf5a0-867a-a0ff-ca73-9ebe5ef54785
X-FRAME-OPTIONS: SAMEORIGIN
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 15.0.0.4797
X-Content-Type-Options: nosniff
X-MS-InvokeApp: 1; RequireReadOnly
Date: Fri, 08 Dec 2023 13:15:36 GMT

khaithaclothien.edu.vn/images/slide/03.jpg

103.28.36.173

445 kB

URL GET
khaithaclothien.edu.vn/images/slide/03.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:36:07], baseline, precision 8, 860x550, components 3\012- data
Size
445 kB (444766 bytes)
Hash
a2d7eaa5e9edc2dd542fa324c0cf4657
952c6b927eee66360b07f58f559aa4995d9ebfa6
6bf557c31a8a4a39c78fe2cc0bb36f5e55ae297fe5b908341e526529658c42ca

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/03.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:20 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:42:52 GMT
accept-ranges: bytes
content-length: 444766
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/03.jpg

103.28.36.173

445 kB

URL GET
khaithaclothien.edu.vn/images/slide/03.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:36:07], baseline, precision 8, 860x550, components 3\012- data
Size
445 kB (444766 bytes)
Hash
a2d7eaa5e9edc2dd542fa324c0cf4657
952c6b927eee66360b07f58f559aa4995d9ebfa6
6bf557c31a8a4a39c78fe2cc0bb36f5e55ae297fe5b908341e526529658c42ca

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/03.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:21 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:42:52 GMT
accept-ranges: bytes
content-length: 444766
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/04.jpg

103.28.36.173

386 kB

URL GET
khaithaclothien.edu.vn/images/slide/04.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:36:36], baseline, precision 8, 860x550, components 3\012- data
Size
386 kB (386464 bytes)
Hash
f303e2e7e3f6ee1ae7d674a191bbda0b
d66dd7e0f74dbc76c160d2a2357a89cbd8c6e76a
4aebb635ce3674e75c2eb60ef20ee3b9b8e50671836707c8c8ce4b2d654e6759

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/04.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:21 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:44:31 GMT
accept-ranges: bytes
content-length: 386464
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/03.jpg

103.28.36.173

445 kB

URL GET
khaithaclothien.edu.vn/images/slide/03.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:36:07], baseline, precision 8, 860x550, components 3\012- data
Size
445 kB (444766 bytes)
Hash
a2d7eaa5e9edc2dd542fa324c0cf4657
952c6b927eee66360b07f58f559aa4995d9ebfa6
6bf557c31a8a4a39c78fe2cc0bb36f5e55ae297fe5b908341e526529658c42ca

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/03.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:22 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:42:52 GMT
accept-ranges: bytes
content-length: 444766
content-type: image/jpeg
X-Firefox-Spdy: h2

humg.edu.vn/content/hinhanhvideo/ThuVienVideo/Video_2018.mp4

203.171.26.243

416 kB

URL GET
humg.edu.vn/content/hinhanhvideo/ThuVienVideo/Video_2018.mp4
IP
203.171.26.243:0
ASN
#45903 CMC Telecom Infrastructure Company

Requested by
https://khaithaclothien.edu.vn/modules/mod_video/video.php
Certificate
IssuerGlobalSign nv-sa
Subject*.humg.edu.vn
Fingerprint9E:7A:CC:D2:AF:82:00:E9:B3:26:A0:04:A1:FF:8A:39:1A:9E:FD:2B
ValidityThu, 15 Dec 2022 04:12:02 GMT - Wed, 10 Jan 2024 04:56:01 GMT

File type
data
Size
416 kB (416253 bytes)
Hash
9ac86d7a3a59498f08d5699dfd68ed7d
9f3538b8861d2177e9f9bcb0381bda8bdf176fb9
7ffff224c8df310b72a196b72752b293e58ff8e574d7393a9f041934b8e4cfeb

HTTP Headers

GET /content/hinhanhvideo/ThuVienVideo/Video_2018.mp4 HTTP/1.1
Host: humg.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=111411200-
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Cache-Control: public, max-age=86400
Content-Length: 416253
Content-Type: video/mp4
Content-Range: bytes 111411200-111827452/111827453
Last-Modified: Fri, 11 Jun 2021 04:24:58 GMT
Accept-Ranges: bytes
ETag: "{5B30C0CC-2E9B-4530-9BD9-1E1AD287ABED},11pub"
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
SPRequestGuid: eabbf5a0-f60c-a0ff-ca73-9a54d866fb25
request-id: eabbf5a0-f60c-a0ff-ca73-9a54d866fb25
X-FRAME-OPTIONS: SAMEORIGIN
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 15.0.0.4797
X-Content-Type-Options: nosniff
X-MS-InvokeApp: 1; RequireReadOnly
Date: Fri, 08 Dec 2023 13:15:39 GMT

khaithaclothien.edu.vn/images/slide/04.jpg

103.28.36.173

386 kB

URL GET
khaithaclothien.edu.vn/images/slide/04.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:36:36], baseline, precision 8, 860x550, components 3\012- data
Size
386 kB (386464 bytes)
Hash
f303e2e7e3f6ee1ae7d674a191bbda0b
d66dd7e0f74dbc76c160d2a2357a89cbd8c6e76a
4aebb635ce3674e75c2eb60ef20ee3b9b8e50671836707c8c8ce4b2d654e6759

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/04.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:23 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:44:31 GMT
accept-ranges: bytes
content-length: 386464
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/04.jpg

103.28.36.173

386 kB

URL GET
khaithaclothien.edu.vn/images/slide/04.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:36:36], baseline, precision 8, 860x550, components 3\012- data
Size
386 kB (386464 bytes)
Hash
f303e2e7e3f6ee1ae7d674a191bbda0b
d66dd7e0f74dbc76c160d2a2357a89cbd8c6e76a
4aebb635ce3674e75c2eb60ef20ee3b9b8e50671836707c8c8ce4b2d654e6759

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/04.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:24 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:44:31 GMT
accept-ranges: bytes
content-length: 386464
content-type: image/jpeg
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans

142.250.74.138

200 OK

306 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
306 kB (306141 bytes)
Hash
68265dde077b6e2f33653812ecb87b3c
b15b36fc601ac8ee9d27506da6756a401c630de6
a06ee2930f4554027e1f11ec16771fa6d561ebc28f4fb2174eabe8d12ee087d8

HTTP Headers

GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 13:23:14 GMT
date: Fri, 08 Dec 2023 13:23:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

khaithaclothien.edu.vn/images/slide/04.jpg

103.28.36.173

386 kB

URL GET
khaithaclothien.edu.vn/images/slide/04.jpg
IP
103.28.36.173:0
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:36:36], baseline, precision 8, 860x550, components 3\012- data
Size
386 kB (386464 bytes)
Hash
f303e2e7e3f6ee1ae7d674a191bbda0b
d66dd7e0f74dbc76c160d2a2357a89cbd8c6e76a
4aebb635ce3674e75c2eb60ef20ee3b9b8e50671836707c8c8ce4b2d654e6759

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/04.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:25 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:44:31 GMT
accept-ranges: bytes
content-length: 386464
content-type: image/jpeg
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

123 kB

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max speed, from Unix\012- data
Size
123 kB (123360 bytes)
Hash
ff56d2aeee26dc1ddf613723b8504611
c42ff00e3c14fc6bd85f3cea759d52a2357dd5f5
3d14fba571a15900952f5505b208bf737511fb916aea4342a5a763cd3f3f9818

HTTP Headers

GET /update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 13:23:26 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=90
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-01-19-16-42-22.chain; p384ecdsa=KtPZTwaX92_U12rEU8St-UiVYGtdPHGkwdF19BAhQdiq6iYiI7uuR6ndlYwlUSb5aBdk9Az5xS1y8LEu31q3YTxWk6FJa_sfg8d6i4K6xHufHYtc4Uj9Yn7iAjaXaTX-
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

62.115.252.115

512 kB

URL
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP
62.115.252.115:0
ASN
#1299 Telia Company AB

File type
Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
Size
512 kB (511815 bytes)
Hash
152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48

HTTP Headers

GET /openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Last-Modified: Thu, 16 Nov 2023 07:38:15 GMT
ETag: 152eda253e242e18443ef3282495bc7c
Content-Length: 511815
Accept-Ranges: bytes
X-Timestamp: 1700120294.87662
Content-Type: application/zip
X-Trans-Id: tx15b69f172b404fa58b2bb-006555fb11dfw1
Cache-Control: public, max-age=103731
Expires: Sat, 09 Dec 2023 18:12:17 GMT
Date: Fri, 08 Dec 2023 13:23:26 GMT
Connection: keep-alive

khaithaclothien.edu.vn/images/slide/05.jpg

103.28.36.173

200 OK

306 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/05.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:37:06], baseline, precision 8, 860x550, components 3\012- data
Size
306 kB (305504 bytes)
Hash
52cd1839593ccfae5745d8e01418eade
32ebc81099e3d0037e349e9a944e1069af0b108d
bc78e599a480b20f1c34517af9fbd05e7f39706db0a7507198f7e31b53d124eb

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/05.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:26 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:43:00 GMT
accept-ranges: bytes
content-length: 305504
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/images/slide/05.jpg

103.28.36.173

200 OK

306 kB

URL GET HTTP/2
khaithaclothien.edu.vn/images/slide/05.jpg
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2023:10:04 22:37:06], baseline, precision 8, 860x550, components 3\012- data
Size
306 kB (305504 bytes)
Hash
52cd1839593ccfae5745d8e01418eade
32ebc81099e3d0037e349e9a944e1069af0b108d
bc78e599a480b20f1c34517af9fbd05e7f39706db0a7507198f7e31b53d124eb

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/slide/05.jpg HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:27 GMT
server: Apache
last-modified: Wed, 04 Oct 2023 15:43:00 GMT
accept-ranges: bytes
content-length: 305504
content-type: image/jpeg
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_video/video.php

103.28.36.173

200 OK

843 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_video/video.php
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (934), with no line terminators
Size
843 B (843 bytes)
Hash
d87e4e503bb72c31e4b70212d3e45154
c3e617bda4f05a9c3d7c8369fff56141eb0de47e
887d4b776734701686d359b7c43c07c69f37234089bfaffdce47f87dab98e378

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_video/video.php HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0; ws=1280
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:15 GMT
server: Apache
x-powered-by: PHP/7.4.33
content-encoding: gzip
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

khaithaclothien.edu.vn/modules/mod_video/video.php

103.28.36.173

200 OK

843 B

URL GET HTTP/2
khaithaclothien.edu.vn/modules/mod_video/video.php
IP
103.28.36.173:443
ASN
#131353 NhanHoa Software company

Requested by
https://khaithaclothien.edu.vn/
Certificate
IssuercPanel, Inc.
Subjectkhaithaclothien.edu.vn
Fingerprint13:9D:E7:0A:54:02:B0:6E:BF:BD:2E:F1:D1:CB:3B:33:E2:0B:C9:65
ValidityTue, 17 Oct 2023 00:00:00 GMT - Mon, 15 Jan 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (934), with no line terminators
Size
843 B (843 bytes)
Hash
d87e4e503bb72c31e4b70212d3e45154
c3e617bda4f05a9c3d7c8369fff56141eb0de47e
887d4b776734701686d359b7c43c07c69f37234089bfaffdce47f87dab98e378

Detections

Analyzer	Verdict	Alert
mnemonic secure dns	malicious	Sinkholed
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /modules/mod_video/video.php HTTP/1.1
Host: khaithaclothien.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khaithaclothien.edu.vn/
Cookie: 2f67721e7b74ef569aeab95ee4b326d6=6e263dab000b19b9f1d76b530298c1de; cip_vvisitcounter=OTEuOTAuNDIuMTU0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:23:12 GMT
server: Apache
x-powered-by: PHP/7.4.33
content-encoding: gzip
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

khoamo.humg.edu.vn/file/Tin-Tuc/Ba%CC%89o%20v%C3%AA%CC%A3%20TS/z4296693291487_b5156f120e88fe8c5d768680bc26d294.jpg

0.0.0.0

0 B

URL GET
khoamo.humg.edu.vn/file/Tin-Tuc/Ba%CC%89o%20v%C3%AA%CC%A3%20TS/z4296693291487_b5156f120e88fe8c5d768680bc26d294.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://khaithaclothien.edu.vn/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /file/Tin-Tuc/Ba%CC%89o%20v%C3%AA%CC%A3%20TS/z4296693291487_b5156f120e88fe8c5d768680bc26d294.jpg HTTP/1.1
Host: khoamo.humg.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

khoamo.humg.edu.vn/file/Tin-Tuc/Ba%CC%89o%20v%C3%AA%CC%A3%20TS/z4296693291487_b5156f120e88fe8c5d768680bc26d294.jpg

0.0.0.0

0 B

URL GET
khoamo.humg.edu.vn/file/Tin-Tuc/Ba%CC%89o%20v%C3%AA%CC%A3%20TS/z4296693291487_b5156f120e88fe8c5d768680bc26d294.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://khaithaclothien.edu.vn/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /file/Tin-Tuc/Ba%CC%89o%20v%C3%AA%CC%A3%20TS/z4296693291487_b5156f120e88fe8c5d768680bc26d294.jpg HTTP/1.1
Host: khoamo.humg.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by