r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10243
Expires: Tue, 06 Dec 2022 08:24:02 GMT
Date: Tue, 06 Dec 2022 05:33:19 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1272
Cache-Control: max-age=105552
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:33:19 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:52:31 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 05:20:22 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 777
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10322
Expires: Tue, 06 Dec 2022 08:25:21 GMT
Date: Tue, 06 Dec 2022 05:33:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: la+DltyKaI1yThbXWZNeglm6AE3mtpgTIyFKBdZs00dSeGFjvVycQ3E5Vt54Fr9sB+FCRi1lAXs=
x-amz-request-id: YN9Q32CXDF8KY5SJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 04:46:58 GMT
age: 2781
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
seazen.edu.vn/nids/offerclague
27.71.234.16 301 Moved Permanently 246 B URL HTTP/1.1 seazen.edu.vn/nids/offerclague
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fb06c5eaaa416e234439dadc539eac4c
0998081faa3e0c8727a844279b9a3db7f38294c5
cc7ca112265688403f775e82f4cc301d247bd9bec068430c832b5e4cac36fff7
Analyzer Verdict Alert fortinet Malware
GET /nids/offerclague HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Dec 2022 05:33:19 GMT
Server: Apache/2
Location: https://seazen.edu.vn/nids/offerclague
Content-Length: 246
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 05:33:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 05:11:20 GMT
cache-control: public,max-age=3600
age: 1319
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1267
Cache-Control: max-age=100480
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:33:19 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:27:59 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f9a241da5d900f77fc476c9be0f57214
a452a11f3fc05126fd7c8e9836d3066d4f8887c3
94807765e294a849ccc42ecffc3fc59bb537758d16cad4159e88855092fc8012
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94807765E294A849CCC42ECFFC3FC59BB537758D16CAD4159E88855092FC8012"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21513
Expires: Tue, 06 Dec 2022 11:31:52 GMT
Date: Tue, 06 Dec 2022 05:33:19 GMT
Connection: keep-alive
seazen.edu.vn/nids/offerclague
27.71.234.16 200 OK 4.5 kB URL HTTP/1.1 seazen.edu.vn/nids/offerclague
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5628), with CRLF line terminators
Hash 2ff43a7bd51618687f59e4520d9e38c5
c91a22f657a7167a889666ff93511cea220d8040
92fde46e9cc1eb89e02d6826e713c9780d131dc37afe5a5e9d936a423322a735
Analyzer Verdict Alert fortinet Malware
GET /nids/offerclague HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:20 GMT
Server: Apache/2
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
Set-Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; expires=Tue, 06-Dec-2022 07:33:20 GMT; Max-Age=7200; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4535
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
35.163.1.35 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.1.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dgGxwSONEdXjADtQI3MCDQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eUl6dI1203YDtjX/1B1k6XH3Gkg=
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 0ab4063cc75fc4424a8d40cb48bf7a1a
fcc3d23ac256350532af6113d8d9c161eb13ad28
b61f0448e5f1eea498870dc5a8522aeeaccbc0cecff7266b74d17a12da5840fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1048
Cache-Control: max-age=130499
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:33:20 GMT
Etag: "638e2acb-116"
Expires: Wed, 07 Dec 2022 17:48:19 GMT
Last-Modified: Mon, 05 Dec 2022 17:30:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 0ab4063cc75fc4424a8d40cb48bf7a1a
fcc3d23ac256350532af6113d8d9c161eb13ad28
b61f0448e5f1eea498870dc5a8522aeeaccbc0cecff7266b74d17a12da5840fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1048
Cache-Control: max-age=130499
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:33:20 GMT
Etag: "638e2acb-116"
Expires: Wed, 07 Dec 2022 17:48:19 GMT
Last-Modified: Mon, 05 Dec 2022 17:30:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/jquery-3.5.1.slim.min.js
69.16.175.10 200 OK 25 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.slim.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65245)
Hash 63f8c134408852106835db2f928cf0e0
7ca0035d2a05154f1f93e19793b2298973cc8733
2555d061e6c2337cc0b62e309c8d0464e8f88d6a44dab74246c37cd0154d73a5
GET /jquery-3.5.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seazen.edu.vn
Connection: keep-alive
Referer: https://seazen.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 05:33:20 GMT
content-encoding: gzip
content-length: 24606
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-11abc"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670304800.dop001.sk1.t,1670304800.cds262.sk1.hn,1670304800.cds202.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 0ab4063cc75fc4424a8d40cb48bf7a1a
fcc3d23ac256350532af6113d8d9c161eb13ad28
b61f0448e5f1eea498870dc5a8522aeeaccbc0cecff7266b74d17a12da5840fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1048
Cache-Control: max-age=130499
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:33:20 GMT
Etag: "638e2acb-116"
Expires: Wed, 07 Dec 2022 17:48:19 GMT
Last-Modified: Mon, 05 Dec 2022 17:30:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
www.googletagmanager.com/gtag/js?id=G-2LVZYDPL5L
142.250.74.168 200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-2LVZYDPL5L
IP 142.250.74.168:0
File type ASCII text, with very long lines (20080)
Hash 1d00ea94d2b0376b72109e42a8b19c67
e59ae5a548edf2e51eb88235d9ac4130a60e1a6a
97aaa731756b17fee166cde1810f231f1e9e119a25befd271304bd8674094fe6
GET /gtag/js?id=G-2LVZYDPL5L HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 05:33:20 GMT
expires: Tue, 06 Dec 2022 05:33:20 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76336
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:33:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
seazen.edu.vn/styles.cfefd55e466c338c1adf.css
27.71.234.16 200 OK 6.0 kB URL HTTP/1.1 seazen.edu.vn/styles.cfefd55e466c338c1adf.css
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (20228), with no line terminators
Hash 35211b7ead82e3de3a45a03b4d7e6040
0154541c20fa9eebdf69b78713885173c06f17f9
4e23e09713c057d176715666d7fc5664e016769d17da084cdc850858e4e749f6
GET /styles.cfefd55e466c338c1adf.css HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:20 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:35 GMT
ETag: "4f04-5ed0456c92b75-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6004
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/css
seazen.edu.vn/assets/fontawesome/all.min.css
27.71.234.16 200 OK 35 kB URL HTTP/1.1 seazen.edu.vn/assets/fontawesome/all.min.css
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with CRLF, CR line terminators
Hash 2d8f4a9521b9e66253e35c4d3e766805
36fb32962b90084dca4e4f569ac95237832027c9
1d2789d5620feaa2670d753b17a247c4df42b9dab4b717bde639e1cd914e4fc8
GET /assets/fontawesome/all.min.css HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:20 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:37 GMT
ETag: "37a95-5ed0456ebf2b1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 34992
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/css
seazen.edu.vn/assets/fancybox/jquery.fancybox.min.css
27.71.234.16 200 OK 3.3 kB URL HTTP/1.1 seazen.edu.vn/assets/fancybox/jquery.fancybox.min.css
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type Unicode text, UTF-8 text, with very long lines (13705), with no line terminators
Hash 5df5dc3d8c4f252ea36e92ab3627236d
12a650c8b13bdb5475cacc18e1df8983abc6c2eb
630468bc86a1ec18ab52478868cecadfcae272df665468ad23e0abbac0d260ae
GET /assets/fancybox/jquery.fancybox.min.css HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:20 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:37 GMT
ETag: "358a-5ed0456eb7d7e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3315
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/css
seazen.edu.vn/assets/js/js.js
27.71.234.16 200 OK 433 B URL HTTP/1.1 seazen.edu.vn/assets/js/js.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with CRLF line terminators
Hash a3a3bb93ee5e8485f5d908871a684051
9e3b3bef2a21b364fdac29143965cc046d696f80
e74239460a932216389db97bd4755d721a7c2343b22cbb5f4002e5e6e6da7530
Analyzer Verdict Alert fortinet Malware
GET /assets/js/js.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:20 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:37 GMT
ETag: "306-5ed0456edd336-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 433
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:33:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
216.58.207.234 200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 216.58.207.234:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 05:07:50 GMT
expires: Tue, 06 Dec 2022 06:07:50 GMT
cache-control: public, max-age=3600
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
age: 1531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
seazen.edu.vn/runtime.6c2dcd5a34f621da564d.js
27.71.234.16 200 OK 1.8 kB URL HTTP/1.1 seazen.edu.vn/runtime.6c2dcd5a34f621da564d.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (3191), with no line terminators
Hash 99ce446ee1ecb311e35c4680929c0c9a
1d886d6c021218713bbeb931d910f157ac3091db
cd5111823620b952c7e7ebd432fc709e3b519559eaff4908226cf68ec2fd528c
Analyzer Verdict Alert fortinet Malware
GET /runtime.6c2dcd5a34f621da564d.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:20 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:35 GMT
ETag: "c77-5ed0456c8c5e2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1756
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:33:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-2LVZYDPL5L&gtm=2oebu0&_p=838632945&cid=605330308.1670304798&ul=en-us&sr=1280x1024&_s=1&sid=1670304797&sct=1&seg=0&dl=https%3A%2F%2Fseazen.edu.vn%2Fnids%2Fofferclague&dt=Tr%C6%B0%E1%BB%9Dng%20%C4%90%C3%A0o%20T%E1%BA%A1o%20Ngh%E1%BB%81%20An%20Ninh%20-%20B%E1%BA%A3o%20V%E1%BB%87&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-2LVZYDPL5L&gtm=2oebu0&_p=838632945&cid=605330308.1670304798&ul=en-us&sr=1280x1024&_s=1&sid=1670304797&sct=1&seg=0&dl=https%3A%2F%2Fseazen.edu.vn%2Fnids%2Fofferclague&dt=Tr%C6%B0%E1%BB%9Dng%20%C4%90%C3%A0o%20T%E1%BA%A1o%20Ngh%E1%BB%81%20An%20Ninh%20-%20B%E1%BA%A3o%20V%E1%BB%87&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-2LVZYDPL5L&gtm=2oebu0&_p=838632945&cid=605330308.1670304798&ul=en-us&sr=1280x1024&_s=1&sid=1670304797&sct=1&seg=0&dl=https%3A%2F%2Fseazen.edu.vn%2Fnids%2Fofferclague&dt=Tr%C6%B0%E1%BB%9Dng%20%C4%90%C3%A0o%20T%E1%BA%A1o%20Ngh%E1%BB%81%20An%20Ninh%20-%20B%E1%BA%A3o%20V%E1%BB%87&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seazen.edu.vn
Connection: keep-alive
Referer: https://seazen.edu.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://seazen.edu.vn
date: Tue, 06 Dec 2022 05:33:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
seazen.edu.vn/assets/fancybox/jquery.fancybox.min.js
27.71.234.16 200 OK 18 kB URL HTTP/1.1 seazen.edu.vn/assets/fancybox/jquery.fancybox.min.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type Unicode text, UTF-8 text, with very long lines (36365), with CRLF line terminators
Hash 003858b98a5fde30222669432f117b40
ac6c2a7ab063cd082209e33c309a112db158418f
adeb014c81c774c4396a05a7a1b617f97bf9a950017c6daae9b520714d9e927a
Analyzer Verdict Alert fortinet Malware
GET /assets/fancybox/jquery.fancybox.min.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:20 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:37 GMT
ETag: "ea4e-5ed0456ec1dab-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 17569
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10349
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 05:33:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10349
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 05:33:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10349
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 05:33:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10349
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 05:33:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10349
Expires: Tue, 06 Dec 2022 08:25:50 GMT
Date: Tue, 06 Dec 2022 05:33:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aYf5d6wAJlPSXVwF5uQXUb1g_65z-v6tInk7IF64bBV-w31d3MKeIQ==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:23 GMT
age: 25858
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9fda84db003d0cfc70d73dcb6a3763dd
5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4
f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8997
x-amzn-requestid: 54d7ed8c-119c-4583-929c-fd053524814c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csT_8F78IAMFY6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66cc-3d9816725e7e0b1b3404bc4a;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:46:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6nXJg548cHz0REe43NepPeMmnFBAiWO_Fwy2PCKbco4XhNZnBs0Jhw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:46:52 GMT
etag: "5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4"
content-type: image/jpeg
age: 27989
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d72fb8d20c29763234c2817b119d11b
d4924ec714f5157bcb2fddcb5f768188a3dd37dc
e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WMeay1i2pxnboCB3Qcwb2ray4tnyEzO89tQrHCfGdI3s9kJsMWvzBw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 04:19:52 GMT
age: 4409
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
seazen.edu.vn/api/home/getHeaderInfo
27.71.234.16 200 OK 209 B URL HTTP/1.1 seazen.edu.vn/api/home/getHeaderInfo
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type JSON data\012- , ASCII text, with no line terminators
Hash c15ed5dcaf4093ae20727af4f644efba
3a413a919b7bf093d17f3ec240601d16f863fb5b
7880a370f534aa5c52b92295a9367a8cecd6a2871defd93bd64ce66405c00d62
Analyzer Verdict Alert fortinet Malware
GET /api/home/getHeaderInfo HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://seazen.edu.vn/nids/offerclague
Connection: keep-alive
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:21 GMT
Server: Apache/2
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 209
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e11524d75503e35c404d6c9a12ac540
5626b75f5c2523f1a0fc301839a06a4e2407f106
d5eb74d026014c0a68893bde1107a9a111b1f0af835e28bb740308017ef80b7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9354
x-amzn-requestid: fb2dad44-2f8c-4f02-bbc5-405e9586e5af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmctYGLdoAMFyDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e55-28b5680933de0ff4208240be;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6jWrhftx7tANXoWkKtCCjzm66zJDY13bpoA-7qVaZJNHEGsJS8dniw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 04:05:41 GMT
age: 5260
etag: "5626b75f5c2523f1a0fc301839a06a4e2407f106"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2409529ecac5140de749d864da85af0d
99f431b4ca446996dbacb969440e2ecfb11fd9e0
81b379b16874d6644b0cf63e02c5174e44a40ab7cb4f4727bb96ad44bfcaa72f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6422
x-amzn-requestid: 7c6de5da-a534-4b39-ba5a-b3613404bbaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAaTEHuIAMFuKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4774-01fdb62864e594235b569f78;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:08:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iNIswtAzDZrcEhTO1li8CCP7VfwpfFdP8gJPCcm222TGPA2JSlMJRw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 07:25:07 GMT
age: 79694
etag: "99f431b4ca446996dbacb969440e2ecfb11fd9e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
104.16.87.20 200 OK 36 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP 104.16.87.20:0
File type ASCII text, with very long lines (65326)
Hash f3c4d7be3dcac06c68d55f0a9c433897
c9d94699623ac1586ec0f5dd9f7ba5607e440c39
09bf94ab0dd85dc6b0e5daf7e70980b7bae4ba829c24dfc5b3486dbf2aff1438
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seazen.edu.vn
Connection: keep-alive
Referer: https://seazen.edu.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 05:33:20 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
x-served-by: cache-fra19138-FRA, cache-cdg20754-CDG
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 6761364
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fn23Op0us26G%2BdvLN6CcN3azuvnuV%2B2muoYBmxi%2BO0VdtifbMLsKsG%2FgqKu2oHdMAhlHsKqY8yFGGFfHKelTfR%2Fmb8asriK2QY6fNbJvJqLn4pnS062oDjdjq7oIfR7Dk3s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7752a56a78da0af6-OSL
content-encoding: br
X-Firefox-Spdy: h2
seazen.edu.vn/api/home/getLanguages
27.71.234.16 200 OK 203 B URL HTTP/1.1 seazen.edu.vn/api/home/getLanguages
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type JSON data\012- , ASCII text, with very long lines (440), with no line terminators
Hash 4bb3183633af3e5da1c18995fdf186f1
60a4120964189867fa0906beb54d685aef299cea
b7ae550d2ab1b71236a0517651e48177eb116271668346400302ea562957db71
Analyzer Verdict Alert fortinet Malware
GET /api/home/getLanguages HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://seazen.edu.vn/nids/offerclague
Connection: keep-alive
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:21 GMT
Server: Apache/2
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 203
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
seazen.edu.vn/polyfills.4d86510d37a9f0331f27.js
27.71.234.16 200 OK 15 kB URL HTTP/1.1 seazen.edu.vn/polyfills.4d86510d37a9f0331f27.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (44989), with no line terminators
Hash eea1bc7b9ae711a3b32f4c673d40a1b4
5aec22e9c3393562f827daf29ecc6f0622bbfa21
90ec1bd4c491302f0686f23ca86861a8802481a6064a797f0234e364a1f9e7af
Analyzer Verdict Alert fortinet Malware
GET /polyfills.4d86510d37a9f0331f27.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:20 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:35 GMT
ETag: "afbd-5ed0456c8ae72-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 14727
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/public/language/flag-vi_1636442018.jpg
27.71.234.16 200 OK 1.2 kB URL HTTP/1.1 seazen.edu.vn/public/language/flag-vi_1636442018.jpg
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 118x118, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=3], baseline, precision 8, 50x38, components 3\012- data
Hash 28826806c6dd7c3f3b815ee30bce05f3
3ee80fb718886cd30a6c457dcd4b7762332e06a4
e9bb90b9a15e21be4ad1a478ad1477ac1476285370bcde8bf532567ccf6d09dd
GET /public/language/flag-vi_1636442018.jpg HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:21 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:10:49 GMT
ETag: "4ca-5ed045b3c3ee5"
Accept-Ranges: bytes
Content-Length: 1226
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
seazen.edu.vn/public/language/flag-en_1636442035.jpg
27.71.234.16 200 OK 6.5 kB URL HTTP/1.1 seazen.edu.vn/public/language/flag-en_1636442035.jpg
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type JPEG image data, baseline, precision 8, 75x50, components 3\012- data
Hash 9516e5d491e325f6b2d1c06bcc43f78d
d641b47c5e22b9517b7d7ea552012f5eba8a7842
e90b708ec8956203841a1d9b958f4be4eafeceeccb83c9a2e6ddc3d03c3925cc
GET /public/language/flag-en_1636442035.jpg HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:21 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:10:49 GMT
ETag: "1978-5ed045b3c42cd"
Accept-Ranges: bytes
Content-Length: 6520
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
seazen.edu.vn/main.5a4d490df7058ada4002.js
27.71.234.16 200 OK 156 kB URL HTTP/1.1 seazen.edu.vn/main.5a4d490df7058ada4002.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (65536), with no line terminators
Size 156 kB (155517 bytes)
Hash 63dcbd0da09ab3a589b93ad93342754f
83606370fafb81b942d87a6c56ef131abf884e09
c594a1c540e94957b11187bbaac445fa426f5efce177aaaf041b2a61ac32b3da
Analyzer Verdict Alert fortinet Malware
GET /main.5a4d490df7058ada4002.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:21 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:35 GMT
ETag: "91799-5ed0456c7c024-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
seazen.edu.vn/SF_Pro_Potopath.1e1c0e29b79b49a6ff4d.ttf
27.71.234.16 200 OK 146 kB URL HTTP/1.1 seazen.edu.vn/SF_Pro_Potopath.1e1c0e29b79b49a6ff4d.ttf
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type TrueType Font data, 16 tables, 1st "BASE", 42 names, Macintosh\012- data
Size 146 kB (146037 bytes)
Hash f15a64c2460d4750532f002d4a57c269
8a808c4a4c75aade1fc8a10190748a8a1a642b29
c42b6011a31673dbc8ffef4874f008472550dff7910089425463a502726d5e8f
Analyzer Verdict Alert fortinet Malware
GET /SF_Pro_Potopath.1e1c0e29b79b49a6ff4d.ttf HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/styles.cfefd55e466c338c1adf.css
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:21 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "650e4-5ed0456c5241b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/x-font-ttf
seazen.edu.vn/assets/i18n/vi.json
27.71.234.16 200 OK 3.9 kB URL HTTP/1.1 seazen.edu.vn/assets/i18n/vi.json
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type JSON data\012- , Unicode text, UTF-8 text, with CRLF line terminators
Hash 89e9af5c723c6c5dd536b7fd8129b70a
ba2bcce6a9d28cb62621dc4d72456a5177b936aa
3bd5fab7767d428615594b0dc9e466f7f8f09f00c76470ed07c9c4bd594f808c
Analyzer Verdict Alert fortinet Malware
GET /assets/i18n/vi.json HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:38 GMT
ETag: "346c-5ed0456f5e5d3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3877
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: application/json
seazen.edu.vn/8.a3a9c0bee256b351aa76.js
27.71.234.16 200 OK 4.6 kB URL HTTP/1.1 seazen.edu.vn/8.a3a9c0bee256b351aa76.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (18238), with no line terminators
Hash 0ee27f3582b4590c0a8a854ef6ce14c7
d6c697205c14a426e697ae394f7053e18f210bea
f0c283f26aa518767eb524d565001d74c1501813ff803fd07575996ab7b240cd
Analyzer Verdict Alert fortinet Malware
GET /8.a3a9c0bee256b351aa76.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "473e-5ed0456c47c1e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4558
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/common.2ccd8a8f2a59243fe85f.js
27.71.234.16 200 OK 2.4 kB URL HTTP/1.1 seazen.edu.vn/common.2ccd8a8f2a59243fe85f.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (6868), with no line terminators
Hash 89be05e48437aada842f8f96bbc52283
4cf14626b81c8a6fe84fc43dd819e53c98ac1f0f
84f6af6d77b22516cf190e2b260f07f2ddb5846ad3b6178accbebfaea243a0d6
Analyzer Verdict Alert fortinet Malware
GET /common.2ccd8a8f2a59243fe85f.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:35 GMT
ETag: "1ad4-5ed0456c5bc77-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2383
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/1.de5f4962554ca6fdd933.js
27.71.234.16 200 OK 2.9 kB URL HTTP/1.1 seazen.edu.vn/1.de5f4962554ca6fdd933.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (9125), with no line terminators
Hash 2648310fee6ade04fd98647d15008d18
c9c9493caed30d45b9f8827e49e0d12a3f897ec9
41d28c08c447f4aed52b96e5a19c5d781794acaa71fdc34f25bb43fd9c331d83
Analyzer Verdict Alert fortinet Malware
GET /1.de5f4962554ca6fdd933.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "23a5-5ed0456b9d930-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2859
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/api/company?mask=getcompany
27.71.234.16 200 OK 545 B URL HTTP/1.1 seazen.edu.vn/api/company?mask=getcompany
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type JSON data\012- , ASCII text, with very long lines (1510), with no line terminators
Hash 74034e7a61fe4dc8bcd9570c4bfd4a78
1d4a1abdc8ddb6b76da2d2caf7858767f008dfbb
070d3e9aa3bf881e9eb41b79fb588b97148d7a0e7271e8e85556225667777b4b
Analyzer Verdict Alert fortinet Malware
POST /api/company?mask=getcompany HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seazen.edu.vn
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 545
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
seazen.edu.vn/34.ee5d943a783b7e04d6e2.js
27.71.234.16 200 OK 57 kB URL HTTP/1.1 seazen.edu.vn/34.ee5d943a783b7e04d6e2.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (65536), with no line terminators
Hash 249724bd0f22c00b72505e125c5400d1
a6770867353cd984332da86552f8599d33140a94
ca3e13d3f2b08ae8ef1b40f311835afd9baad497ed5557fc319a080ea8afd89b
Analyzer Verdict Alert fortinet Malware
GET /34.ee5d943a783b7e04d6e2.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "3efe2-5ed0456c07c94-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 56967
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/2.41ba70bec503699a11ca.js
27.71.234.16 200 OK 39 kB URL HTTP/1.1 seazen.edu.vn/2.41ba70bec503699a11ca.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (65536), with no line terminators
Hash eacab860df158b685724f006495ef368
fe43d04a569b79761b651be2738bf7922c334967
4f1f334cff8e62c6a7e1ab0cbbdc24685bf8e127e5c1a82ea9e22c7ddc4970dd
Analyzer Verdict Alert fortinet Malware
GET /2.41ba70bec503699a11ca.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "2afa8-5ed0456bc6599-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 38889
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/public/website/logo-only_1626344589.png
27.71.234.16 200 OK 588 B URL HTTP/1.1 seazen.edu.vn/public/website/logo-only_1626344589.png
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e556cc0a37064053f7b442749cd5018
24ea95eb0373361b3dd84cad8d130514d02e0216
6377f530647e537ee5c7b3d544670fbbdfa72a8a87ac96d2add21890ef4203a3
GET /public/website/logo-only_1626344589.png HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:10:49 GMT
ETag: "24c-5ed045b373d84"
Accept-Ranges: bytes
Content-Length: 588
Keep-Alive: timeout=2, max=94
Connection: Keep-Alive
Content-Type: image/png
seazen.edu.vn/13.f04db28be8c7a396c2d1.js
27.71.234.16 200 OK 5.3 kB URL HTTP/1.1 seazen.edu.vn/13.f04db28be8c7a396c2d1.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (18892), with no line terminators
Hash f3bbf7c826d4a009b1cef3abedbb20ee
b27958aef23ae7c71d999c6d8d4b941b34923517
9a1909f1f521bc62f4a036ea11c64b86611c3c96357ced6becb3537516988b9c
Analyzer Verdict Alert fortinet Malware
GET /13.f04db28be8c7a396c2d1.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "49cc-5ed0456ba0fe2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5340
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/40.454b907d990c3cb00842.js
27.71.234.16 200 OK 6.9 kB URL HTTP/1.1 seazen.edu.vn/40.454b907d990c3cb00842.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (25952), with no line terminators
Hash bc3de910db80422e4f6d9f4d340a6f4f
4a3992671bda1cfb61e1bae7742a2dad71a0f333
5478c12b62ab5e036387a970c5adbd9db5e9972fe324f6559fb8107918d8da12
Analyzer Verdict Alert fortinet Malware
GET /40.454b907d990c3cb00842.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "6560-5ed0456c25548-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6865
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/api/pages/detail?mask=pagesDetail&link=offerclague&parent_link=nids
27.71.234.16 200 OK 132 B URL HTTP/1.1 seazen.edu.vn/api/pages/detail?mask=pagesDetail&link=offerclague&parent_link=nids
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type JSON data\012- , ASCII text, with no line terminators
Hash 504fbd9e35a0a1301d6c4ea71e6ef2de
ba1e64a85589f6db6c680459a7b877c421917fc5
4e41bab750b3326ada454d3753dca751dc51969a48eda0098af5f01b7abe5580
POST /api/pages/detail?mask=pagesDetail&link=offerclague&parent_link=nids HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seazen.edu.vn
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 132
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
seazen.edu.vn/api/setting/language?mask=language&status=1
27.71.234.16 200 OK 1.8 kB URL HTTP/1.1 seazen.edu.vn/api/setting/language?mask=language&status=1
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type JSON data\012- HTML document, ASCII text, with very long lines (5675), with no line terminators
Hash 6498a0f7eb004cc3e76b83dc42afc0c4
632206b6f734cefaeccd718a04625d44e272f786
8124d4bc75f76266aac3e2d126ad1a74ca2cbf463d1902b95c3025e794593220
POST /api/setting/language?mask=language&status=1 HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seazen.edu.vn
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1849
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
seazen.edu.vn/api/getmenu?mask=getMainMenu&position=menuMain
27.71.234.16 200 OK 2.8 kB URL HTTP/1.1 seazen.edu.vn/api/getmenu?mask=getMainMenu&position=menuMain
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type JSON data\012- , ASCII text, with very long lines (11388), with no line terminators
Hash 4c5dc2207744db3918e0c318b1b9f236
dba896bf11f1b51bf211666ccd8637fc4f3cb2da
869903f32089cd3f2910badf15b5f583bedef019018838580e8bc39d2549eb40
POST /api/getmenu?mask=getMainMenu&position=menuMain HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seazen.edu.vn
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2762
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
seazen.edu.vn/api/getmenu?mask=menuFooterPolicy&position=policy
27.71.234.16 200 OK 248 B URL HTTP/1.1 seazen.edu.vn/api/getmenu?mask=menuFooterPolicy&position=policy
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type JSON data\012- , ASCII text, with very long lines (356), with no line terminators
Hash 8b68e83460cd16b2333cf2025fa2a19a
9ffb68a1ed88d0d6bebb59fe635851c95d494585
a04487eb82136265b315febfb6d5b8e0833d2a29bc691291377af1a992cd7d63
POST /api/getmenu?mask=menuFooterPolicy&position=policy HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seazen.edu.vn
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 248
Keep-Alive: timeout=2, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
seazen.edu.vn/3.59416faf94471843496c.js
27.71.234.16 200 OK 9.2 kB URL HTTP/1.1 seazen.edu.vn/3.59416faf94471843496c.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (26028), with no line terminators
Hash c21613cd81b6157388524ee054dfd585
a5d9af95857086fc213c62291d5720f6ab4b3bcf
f5b483fe72bbfdaa75f96d5e1ce09ac4f3f62761f7e774eb2420ef9dafa136c1
Analyzer Verdict Alert fortinet Malware
GET /3.59416faf94471843496c.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "65ac-5ed0456bec709-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9150
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/public/website/sea-zen-logo_1626344589.png
27.71.234.16 200 OK 20 kB URL HTTP/1.1 seazen.edu.vn/public/website/sea-zen-logo_1626344589.png
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type PNG image data, 705 x 239, 8-bit/color RGBA, non-interlaced\012- data
Hash 43053fd49e2c27941e6acce087028f04
ee65698583cb7f49977892769dc4787ffd3db34d
f884fcfbded27ac9e525067877df1eab1202520bb697ed15178f566d765776b8
GET /public/website/sea-zen-logo_1626344589.png HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:10:49 GMT
ETag: "4f66-5ed045b3a103e"
Accept-Ranges: bytes
Content-Length: 20326
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
seazen.edu.vn/16.39296677a3349b486ac0.js
27.71.234.16 200 OK 7.2 kB URL HTTP/1.1 seazen.edu.vn/16.39296677a3349b486ac0.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (27327), with no line terminators
Hash d6f25b8317c44082caac90205a2ee63c
2b93eca510c239093d6e84554ff736a2b9054f5b
2ac947d841129ac287bb3bfcfdc7bef9ca01a2f164c203b92a64900c7b98dc1d
Analyzer Verdict Alert fortinet Malware
GET /16.39296677a3349b486ac0.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "6abf-5ed0456bb2929-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7233
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/api/getmenu?mask=menuFooterProducts&position=products
27.71.234.16 200 OK 137 B URL HTTP/1.1 seazen.edu.vn/api/getmenu?mask=menuFooterProducts&position=products
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type JSON data\012- , ASCII text, with no line terminators
Hash 161aa64a62c3da2061b423790fba369b
7d866b3bcdcfd5a5eb24c5f0d2a6783b1f203244
100b64fabec02dca755174ab06e45ca9bd5abb672b3cb50ac8e82c333bd68075
POST /api/getmenu?mask=menuFooterProducts&position=products HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seazen.edu.vn
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 137
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
seazen.edu.vn/assets/img/contact-icon-zalo.jpg
27.71.234.16 200 OK 4.4 kB URL HTTP/1.1 seazen.edu.vn/assets/img/contact-icon-zalo.jpg
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 529602073b964a131a8fd0b2cb7e06c9
d3b36cf0fcfda862dd5554afa312dc0d2f6cda41
7d38f775c64eba0105a9f88350b884e890b8293b7432f5f15682181f4ca9ffc8
GET /assets/img/contact-icon-zalo.jpg HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:37 GMT
ETag: "1109-5ed0456f1d2c0"
Accept-Ranges: bytes
Content-Length: 4361
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
seazen.edu.vn/assets/img/contact-icon-fb.jpg
27.71.234.16 200 OK 4.6 kB URL HTTP/1.1 seazen.edu.vn/assets/img/contact-icon-fb.jpg
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type JPEG image data, baseline, precision 8, 64x64, components 3\012- data
Hash 68301696ce8c20cd8192c0e5a47ac841
4a570f67933912e4588898c73a2ccf4136898b13
4163c9dc02f08c5d200ae5027a25f2ce3272a53db8ca896af6764ac4430c4e86
GET /assets/img/contact-icon-fb.jpg HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:37 GMT
ETag: "1210-5ed0456f0f412"
Accept-Ranges: bytes
Content-Length: 4624
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
seazen.edu.vn/api/getmenu?mask=menuFooterMenu&position=end
27.71.234.16 200 OK 134 B URL HTTP/1.1 seazen.edu.vn/api/getmenu?mask=menuFooterMenu&position=end
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type JSON data\012- , ASCII text, with no line terminators
Hash efd607b5470b64be5aa4ad6546e89751
ab29670e2335a0f909fce2313d926f8b7eef04df
f80f2619a3ea087a7eda417e063ae1536017fdae9cba627540f92548512674c9
POST /api/getmenu?mask=menuFooterMenu&position=end HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seazen.edu.vn
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 134
Keep-Alive: timeout=2, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
seazen.edu.vn/api/getmenu?mask=menuFooterPayment&position=payment
27.71.234.16 200 OK 136 B URL HTTP/1.1 seazen.edu.vn/api/getmenu?mask=menuFooterPayment&position=payment
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type JSON data\012- , ASCII text, with no line terminators
Hash f9f00fa282b239832672e06e7f9950f6
29d022a6375cef2d53275429632f18f1f097fdd8
104f15d619a534b9ad9aeaa86325bccb796ec7ff3c0ffa7ed43fa190c3604ee7
POST /api/getmenu?mask=menuFooterPayment&position=payment HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seazen.edu.vn
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 136
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
seazen.edu.vn/api/getmenu?mask=menuFooterService&position=services
27.71.234.16 200 OK 137 B URL HTTP/1.1 seazen.edu.vn/api/getmenu?mask=menuFooterService&position=services
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type JSON data\012- , ASCII text, with no line terminators
Hash a854c216863952b9daede0a3b8c9ba4e
67d59436e62812d09dff172d0f7884db1513ff39
d2299cb2b7d0aea014404e808814a8b8c664c59d9f3dfbb1181529b46af57a23
POST /api/getmenu?mask=menuFooterService&position=services HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seazen.edu.vn
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token , X-Alt-Referer
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 137
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
seazen.edu.vn/19.d2b6468d9303610aa196.js
27.71.234.16 200 OK 7.0 kB URL HTTP/1.1 seazen.edu.vn/19.d2b6468d9303610aa196.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (25271), with no line terminators
Hash eca45cc176ece7ac06d1ab419b3db07a
ae033bc9624037dce2a89bd487b965b091c1ad63
e3b7b1cf60c35ca039ee8943d6ac1d2423d00d88ebd8948e7011b76166237b50
Analyzer Verdict Alert fortinet Malware
GET /19.d2b6468d9303610aa196.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "62b7-5ed0456bbd8f6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6997
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/21.5f7ec096ca57e3748d3c.js
27.71.234.16 200 OK 11 kB URL HTTP/1.1 seazen.edu.vn/21.5f7ec096ca57e3748d3c.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (45378), with no line terminators
Hash a9a3bf224ec5971809942f3467132639
253a612824b6fbbdffe8c2d2058d23591f0cd180
53392751bca880fe6b40f109a19eb7900e490703621c2216bc70388ea5fd1336
Analyzer Verdict Alert fortinet Malware
GET /21.5f7ec096ca57e3748d3c.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "b142-5ed0456bccb2c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 11199
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/15.2afbc56e90a0fdba5382.js
27.71.234.16 200 OK 5.2 kB URL HTTP/1.1 seazen.edu.vn/15.2afbc56e90a0fdba5382.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (17283), with no line terminators
Hash ffbddb03e8fa39a26a941e2ef8a4f338
6cd4a4b99b1e72d33f3ff4f9a032573fe7f87ff1
b92c167dfe51d8a1a559a5550ae11474c0b995b2b752a99a90c4ab6d59528510
Analyzer Verdict Alert fortinet Malware
GET /15.2afbc56e90a0fdba5382.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "4383-5ed0456bacf4f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5151
Keep-Alive: timeout=2, max=91
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/38.5cdc8b96d6a0efa934e0.js
27.71.234.16 200 OK 5.9 kB URL HTTP/1.1 seazen.edu.vn/38.5cdc8b96d6a0efa934e0.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (25733), with no line terminators
Hash cf5a8d765cf638edc09733d19e3dd68a
f830105bba3e4fcb864cfa8ccf752a47ff26882b
2c70ca212edde526482cf31867442db7ad0cb383ce114faff9cb69e95d27d613
Analyzer Verdict Alert fortinet Malware
GET /38.5cdc8b96d6a0efa934e0.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "6485-5ed0456c15372-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5896
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/36.c611f8edde970d50720e.js
27.71.234.16 200 OK 7.4 kB URL HTTP/1.1 seazen.edu.vn/36.c611f8edde970d50720e.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (27918), with no line terminators
Hash e9dff46aaf150484eaf0a3044b0ef790
9d5fa169efcea33ecc2d0e4a6322db19b16484c4
5f3bf8060bb7ee3b46f4044d49cb1d2386cf2bb7c41fed453c0d7e4f346fcfe2
Analyzer Verdict Alert fortinet Malware
GET /36.c611f8edde970d50720e.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "6d0e-5ed0456c0cab6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7432
Keep-Alive: timeout=2, max=94
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/39.12cd4f2b64e5a3413a1d.js
27.71.234.16 200 OK 14 kB URL HTTP/1.1 seazen.edu.vn/39.12cd4f2b64e5a3413a1d.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (55335), with no line terminators
Hash 59894fef6ef317b124df08decafb1b01
abfabc63a16470dd20d86465fd826d4da38bf2b1
5a71915a3f134c6206acae4ae4b301e811100d267f93e66f2dd5d188c40bcb0f
Analyzer Verdict Alert fortinet Malware
GET /39.12cd4f2b64e5a3413a1d.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "d827-5ed0456c1e015-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 13482
Keep-Alive: timeout=2, max=94
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/7.e007deeaa209aae0a65c.js
27.71.234.16 200 OK 169 kB URL HTTP/1.1 seazen.edu.vn/7.e007deeaa209aae0a65c.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
Size 169 kB (168768 bytes)
Hash d8689b99dce7c881d3130f3c91cfefdf
fb005c93930c13b3a5f449bbc75ba5ee23f609fa
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
Analyzer Verdict Alert fortinet Malware
GET /7.e007deeaa209aae0a65c.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:22 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "d1de-5ed0456c2e5d4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 14617
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/20.85ca7dfc50db47cf7c5c.js
27.71.234.16 200 OK 4.9 kB URL HTTP/1.1 seazen.edu.vn/20.85ca7dfc50db47cf7c5c.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (15861), with no line terminators
Hash d26b58623670e21d862074d41f42d96a
7f3aaef168b7b5ca5e58f9ce51fcf4b307db2577
44a4fd2b942661db142e1acb5af12555c888af6f91490e8e6fc9cdc5c973e743
Analyzer Verdict Alert fortinet Malware
GET /20.85ca7dfc50db47cf7c5c.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "3df5-5ed0456bc3aa0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4907
Keep-Alive: timeout=2, max=90
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/22.43e6413cd3a2cda9cb7a.js
27.71.234.16 200 OK 7.6 kB URL HTTP/1.1 seazen.edu.vn/22.43e6413cd3a2cda9cb7a.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (27744), with no line terminators
Hash 6038af337bc363d066043337dee51472
55c659722a68c7b75b173fc4b09a65ef5162596c
5d2721ccd8d81100af7fe041db44d9689f06eb8c4d61233d6cba3a924f12e7d4
Analyzer Verdict Alert fortinet Malware
GET /22.43e6413cd3a2cda9cb7a.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "6c60-5ed0456bccb2c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7603
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/4.1708fb7cbb3e2eab9661.js
27.71.234.16 200 OK 6.1 kB URL HTTP/1.1 seazen.edu.vn/4.1708fb7cbb3e2eab9661.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (21144), with no line terminators
Hash 948937bfc31d1c9b17a1598fe6689661
5585958154deac2b576b6618d4a67337806416e5
6265fd876b43af8ee8c723eca4b5f50c0bba95f53de7649dee68d0a3408474ea
Analyzer Verdict Alert fortinet Malware
GET /4.1708fb7cbb3e2eab9661.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "5298-5ed0456c25548-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6061
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/30.8299d8c8f6305e0b1147.js
27.71.234.16 200 OK 4.8 kB URL HTTP/1.1 seazen.edu.vn/30.8299d8c8f6305e0b1147.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (15814), with no line terminators
Hash 91d610475e63e67b8a346bf7bc671578
06815f88d11df82a557098a474466e2596e5c817
3823130ffdfdb6f2d0e91ec8f35ced46c50ea5a7792e490caeb965e51b48fa86
Analyzer Verdict Alert fortinet Malware
GET /30.8299d8c8f6305e0b1147.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "3dc6-5ed0456bf47f4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4839
Keep-Alive: timeout=2, max=93
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/32.c36351915bcd62a207e2.js
27.71.234.16 200 OK 5.9 kB URL HTTP/1.1 seazen.edu.vn/32.c36351915bcd62a207e2.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (19986), with no line terminators
Hash 020b78f9c3f80e69ee76c13c1f9a3c82
3ef931376d5f609f13e59af028b6b54117854fd0
334cddff7d86d975174424d96324fd610a9f45d90088982eeba4fb61238a4fcb
Analyzer Verdict Alert fortinet Malware
GET /32.c36351915bcd62a207e2.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "4e12-5ed0456bfc4f7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5915
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/18.489e464aca74650514e2.js
27.71.234.16 200 OK 6.0 kB URL HTTP/1.1 seazen.edu.vn/18.489e464aca74650514e2.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (21087), with no line terminators
Hash 86c4e722ee2658d6986674b705e09a0a
622cf588af3d0a86e2fcf67c9bae9c9f524e4170
9489f2aa5016229322b191ea368596b3fcdfb508a2ad2d748d88ec1cb2419312
Analyzer Verdict Alert fortinet Malware
GET /18.489e464aca74650514e2.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "525f-5ed0456bbdcde-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5962
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/6.e1e324916fd7622aaaff.js
27.71.234.16 200 OK 345 kB URL HTTP/1.1 seazen.edu.vn/6.e1e324916fd7622aaaff.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (65536), with no line terminators
Size 345 kB (345326 bytes)
Hash 342fde4b3a4738a3cb149dc21b4406a0
16628938d7a7962b92f0c725211b113f02e3d022
e0941b5ed008538d06a96c1da8901c9473dc05b8a45519ccad07571b5fc46dfe
Analyzer Verdict Alert fortinet Malware
GET /6.e1e324916fd7622aaaff.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "134090-5ed0456c4550d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
seazen.edu.vn/17.97026d3e18957bf51085.js
27.71.234.16 200 OK 5.8 kB URL HTTP/1.1 seazen.edu.vn/17.97026d3e18957bf51085.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (20357), with no line terminators
Hash fe1a5aac7b721b865f96201c6d154dc2
fafcda440bc66d1eb4816461bfe339b8ef779617
d1c1fb770d70e7a242c064ee930b5eddfe7c0abbc5aa4ed79b0819f1dea18993
Analyzer Verdict Alert fortinet Malware
GET /17.97026d3e18957bf51085.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:23 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "4f85-5ed0456bb7363-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5816
Keep-Alive: timeout=2, max=89
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/14.b4fa12a0e5057b1f493a.js
27.71.234.16 200 OK 8.8 kB URL HTTP/1.1 seazen.edu.vn/14.b4fa12a0e5057b1f493a.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (35686), with no line terminators
Hash 2ece9655a00df0c7e96093f950cbf326
6ebed246f131b032a52e22a58a2c9b4794445c17
505106a41847d98acd02a27bc8dc6ba3e47376eb952b0ddc42aa03ec4017b085
Analyzer Verdict Alert fortinet Malware
GET /14.b4fa12a0e5057b1f493a.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:24 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "8b66-5ed0456ba8515-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 8756
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/35.af287b9760a8548ea4f7.js
27.71.234.16 200 OK 7.6 kB URL HTTP/1.1 seazen.edu.vn/35.af287b9760a8548ea4f7.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (34272), with no line terminators
Hash b28215a2d8557030f56d54b57146b2de
0333703fe2aff83f55547d1923494e4e29f9d7fd
a99ebf5145ee90477feff2a7ee57ebf7badc9066c4722f42782d0f913f2292f0
Analyzer Verdict Alert fortinet Malware
GET /35.af287b9760a8548ea4f7.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:24 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "85e0-5ed0456c04db3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7569
Keep-Alive: timeout=2, max=92
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/37.550b5625956026a800ef.js
27.71.234.16 200 OK 7.2 kB URL HTTP/1.1 seazen.edu.vn/37.550b5625956026a800ef.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (29046), with no line terminators
Hash 804be71ba2ddb2c7f807877f2377f906
03374de87d321d296ab9ffad20989aff4e594896
4b4f897d2c85716ba7a0d33927e5073def0f758bb34107c1f44a70657962de0f
Analyzer Verdict Alert fortinet Malware
GET /37.550b5625956026a800ef.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:24 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "7176-5ed0456c15372-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7191
Keep-Alive: timeout=2, max=93
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/28.36c1c4f94358348b12fb.js
27.71.234.16 200 OK 4.6 kB URL HTTP/1.1 seazen.edu.vn/28.36c1c4f94358348b12fb.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (14827), with no line terminators
Hash 61263d75b45de65f5b7f582222331025
d597116331279d27512e0123d57f16177b7a9f99
20bb094a1ee8e3fe6b457dd4a6a2c87b5d9b6b24a086ceefbba0dc85223ecd4f
Analyzer Verdict Alert fortinet Malware
GET /28.36c1c4f94358348b12fb.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:24 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "39eb-5ed0456be3a65-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4612
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/33.0db20a2009be8f69e872.js
27.71.234.16 200 OK 4.4 kB URL HTTP/1.1 seazen.edu.vn/33.0db20a2009be8f69e872.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (13859), with no line terminators
Hash 4ef8c30953373e7f9c5af98d3d9fcc9c
9e77b1326e0de60d1f61c627bcbd876c2141f99d
478e84fdbfb200b56963c53517608d34053c7276abd10d1987049af63beb7ebd
Analyzer Verdict Alert fortinet Malware
GET /33.0db20a2009be8f69e872.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:24 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "3623-5ed0456bfc4f7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4385
Keep-Alive: timeout=2, max=94
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/27.801161bb5f7825aa2964.js
27.71.234.16 200 OK 4.4 kB URL HTTP/1.1 seazen.edu.vn/27.801161bb5f7825aa2964.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (13705), with no line terminators
Hash d2891f96440c741985551b46502056c2
6338c1ef8fbc22816cef4996f703c3571abaf905
c65f9e2d92b8d691a0caef7d6f499018501d71024a31b00404838127b65a65c0
Analyzer Verdict Alert fortinet Malware
GET /27.801161bb5f7825aa2964.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:24 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "3589-5ed0456be3a65-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4362
Keep-Alive: timeout=2, max=88
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/23.bdeb5ec31dbee3a31854.js
27.71.234.16 200 OK 4.4 kB URL HTTP/1.1 seazen.edu.vn/23.bdeb5ec31dbee3a31854.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (13770), with no line terminators
Hash 2bcaa11468bb75755a5b647d718be8fe
a8080143bd3dd97771dccec4407226674a49fb04
ebbd45551c7441b0e396806f3f2fbe3f814e61b4497e397b772c9a1cda03d02b
Analyzer Verdict Alert fortinet Malware
GET /23.bdeb5ec31dbee3a31854.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:24 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "35ca-5ed0456bd4c17-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4369
Keep-Alive: timeout=2, max=94
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/31.28d6a22de754bbffc493.js
27.71.234.16 200 OK 4.3 kB URL HTTP/1.1 seazen.edu.vn/31.28d6a22de754bbffc493.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (13177), with no line terminators
Hash 1a5f830880874c6232ac729dd7e132d4
54f07d89a95d6e444898dbeab8494817f20c7806
85f9b600d4d6e0c88c4fc6dbaf422307b5ad56a211a8b4ad772742bc960ce1b4
Analyzer Verdict Alert fortinet Malware
GET /31.28d6a22de754bbffc493.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:24 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "3379-5ed0456bf47f4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4273
Keep-Alive: timeout=2, max=92
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/25.8a12afc34fde6cb45aab.js
27.71.234.16 200 OK 4.2 kB URL HTTP/1.1 seazen.edu.vn/25.8a12afc34fde6cb45aab.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (13098), with no line terminators
Hash f7b6e66752ec3dde6d529bdbe252ec32
6429014b688586bb077b61243ef6841a13f9f817
77cf448dd1a7a2b629cdaefb2e870393cc84d64f6ce0f1fc560514258ec1e229
Analyzer Verdict Alert fortinet Malware
GET /25.8a12afc34fde6cb45aab.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:24 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "332a-5ed0456bdb1aa-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4239
Keep-Alive: timeout=2, max=91
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/24.9626bd8ddb505871f5d6.js
27.71.234.16 200 OK 4.6 kB URL HTTP/1.1 seazen.edu.vn/24.9626bd8ddb505871f5d6.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (14520), with no line terminators
Hash fa79077885fbc0065041992091b4c8f3
8b41fb3fb17f3c7b3f73191b820b38971650bd03
452d392a823d46ada233060f9c289d2379f35feb3f4d2022534b8733ad234e00
Analyzer Verdict Alert fortinet Malware
GET /24.9626bd8ddb505871f5d6.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:24 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "38b8-5ed0456bd4c17-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4573
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/26.2eb5d3285a1aac91de67.js
27.71.234.16 200 OK 4.6 kB URL HTTP/1.1 seazen.edu.vn/26.2eb5d3285a1aac91de67.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (14457), with no line terminators
Hash bdea9a9920e4ffff1aa9aeb6c247e0f8
d97d4b120bc6910db018692f66494c70d732de51
485c849317b9ef979a4e48e81e2511eb20e4b4bd6b3dd0d6ff8f898d91a2c206
Analyzer Verdict Alert fortinet Malware
GET /26.2eb5d3285a1aac91de67.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:24 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "3879-5ed0456bdb1aa-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4574
Keep-Alive: timeout=2, max=93
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/29.2422b2f0ddb1b4807b67.js
27.71.234.16 200 OK 5.3 kB URL HTTP/1.1 seazen.edu.vn/29.2422b2f0ddb1b4807b67.js
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type ASCII text, with very long lines (17223), with no line terminators
Hash 2d25b906d1bfbe89e49955db5c9fe074
6b19eaa7bf69cfb3ee20459bae8009e174c2c68c
3e3c2dac3b4ca12b8641814a460a681e783be9310ea0811b8e9c30ec18fe851b
Analyzer Verdict Alert fortinet Malware
GET /29.2422b2f0ddb1b4807b67.js HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:24 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:34 GMT
ETag: "4347-5ed0456bec709-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5279
Keep-Alive: timeout=2, max=87
Connection: Keep-Alive
Content-Type: application/javascript
seazen.edu.vn/assets/img/contact-icon-phone.jpg
27.71.234.16 200 OK 5.9 kB URL HTTP/1.1 seazen.edu.vn/assets/img/contact-icon-phone.jpg
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type JPEG image data, baseline, precision 8, 64x64, components 3\012- data
Hash a50b3a1cdb92f3f50bf64d94f66d5094
f6350c3af44948b3ca4024c2ded9378ba4261746
a2371b2b660ef2c38969224062af9088ad3624ef4a820f582c03177aefde92df
GET /assets/img/contact-icon-phone.jpg HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/nids/offerclague
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:24 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:37 GMT
ETag: "16e2-5ed0456f33a29"
Accept-Ranges: bytes
Content-Length: 5858
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
seazen.edu.vn/assets/fontawesome/fonts/fa-brands-400.woff2
27.71.234.16 200 OK 77 kB URL HTTP/1.1 seazen.edu.vn/assets/fontawesome/fonts/fa-brands-400.woff2
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type Web Open Font Format (Version 2), TrueType, length 76740, version 331.-31261\012- data
Hash 0511670fe2f5405105a6760294c5c51d
61cb879dec4fa97ece0d2a26cd6767c66117841b
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
Analyzer Verdict Alert fortinet Malware
GET /assets/fontawesome/fonts/fa-brands-400.woff2 HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://seazen.edu.vn/assets/fontawesome/all.min.css
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:24 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:38 GMT
ETag: "12bc4-5ed0456f9aeac"
Accept-Ranges: bytes
Content-Length: 76740
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=2, max=90
Connection: Keep-Alive
seazen.edu.vn/assets/fontawesome/fonts/fa-light-300.woff2
27.71.234.16 200 OK 184 kB URL HTTP/1.1 seazen.edu.vn/assets/fontawesome/fonts/fa-light-300.woff2
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type Web Open Font Format (Version 2), TrueType, length 184144, version 331.-31261\012- data
Size 184 kB (184144 bytes)
Hash de11da0fb48a14c9cbc05b0a24ed6efa
878cd08a06b335d95826e813e0a8777e28a76d04
e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d
Analyzer Verdict Alert fortinet Malware
GET /assets/fontawesome/fonts/fa-light-300.woff2 HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://seazen.edu.vn/assets/fontawesome/all.min.css
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:24 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:38 GMT
ETag: "2cf50-5ed0456f8fedf"
Accept-Ranges: bytes
Content-Length: 184144
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=2, max=93
Connection: Keep-Alive
seazen.edu.vn/assets/fontawesome/fonts/fa-solid-900.woff2
27.71.234.16 200 OK 137 kB URL HTTP/1.1 seazen.edu.vn/assets/fontawesome/fonts/fa-solid-900.woff2
IP 27.71.234.16:0
ASN #38731 CHT Compamy Ltd
File type Web Open Font Format (Version 2), TrueType, length 136824, version 331.-31261\012- data
Size 137 kB (136824 bytes)
Hash 978b27ec5d8b81d2b15aa28aaaae1fcb
76625967fe113a088e0627605b9d1bbfb8a5e47c
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
Analyzer Verdict Alert fortinet Malware
GET /assets/fontawesome/fonts/fa-solid-900.woff2 HTTP/1.1
Host: seazen.edu.vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://seazen.edu.vn/assets/fontawesome/all.min.css
Cookie: ci_session=j2dq52gt3k4e7opks5sgskknl4p3m9ng; _ga_2LVZYDPL5L=GS1.1.1670304797.1.0.1670304797.0.0.0; _ga=GA1.1.605330308.1670304798
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 05:33:24 GMT
Server: Apache/2
Last-Modified: Wed, 09 Nov 2022 07:09:38 GMT
ETag: "21678-5ed0456f99353"
Accept-Ranges: bytes
Content-Length: 136824
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=2, max=91
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:33:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:33:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.35 200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 22:09:54 GMT
expires: Tue, 05 Dec 2023 22:09:54 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 26611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.35 200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 05:11:16 GMT
expires: Wed, 06 Dec 2023 05:11:16 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 1329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 05:33:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
104.16.87.20 200 OK 0 B URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
IP 104.16.87.20:0
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seazen.edu.vn
Connection: keep-alive
Referer: https://seazen.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 05:33:20 GMT
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
x-served-by: cache-fra19144-FRA, cache-iad-kiad7000155-IAD
x-cache: HIT, HIT
vary: Accept-Encoding
cf-cache-status: HIT
age: 15993397
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BAOec1AdXEbOXtmJf6MORGgNw6Ol8cQ0HDBsVpz5DRoggDa0nsRw6vZq%2BJX4LG1KaCdUAEhdi1mSbTtKK3JDfTZbWAB1uSqAqRuVr6TYa%2FWpxTVDsSMNhWvz2DDnYaZ%2BmE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7752a56a88f10af6-OSL
content-encoding: br
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
216.58.211.14 200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP 216.58.211.14:0
GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seazen.edu.vn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Dec 2022 05:33:20 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+240; expires=Thu, 05-Dec-2024 05:33:20 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2