r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11793
Expires: Tue, 06 Dec 2022 13:49:30 GMT
Date: Tue, 06 Dec 2022 10:32:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6056
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 10:32:57 GMT
Last-Modified: Tue, 06 Dec 2022 08:52:01 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 10:18:38 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 859
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11862
Expires: Tue, 06 Dec 2022 13:50:39 GMT
Date: Tue, 06 Dec 2022 10:32:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: L1r3i+kpj5ii/lHOZu/kBhtKs3ttm6C0KEJ8jPPK8RHqNUglBk7Avz+7iyDLAU4S+Ttr9n+K4aA=
x-amz-request-id: AM6TVNZCG7765H4A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 09:48:53 GMT
age: 2645
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 10:32:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
zndance.com/air/view_new.asp?num=55248
211.115.110.111 303 See Other 227 B URL HTTP/1.1 zndance.com/air/view_new.asp?num=55248
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type HTML document text; HTML document text; HTML document, Unicode text, UTF-8 text
Hash 8053976e93211f1ec27fba4debae36a3
f752701ba202e0938157ed18ea50503bd9192b40
5be193a4f956e7cf5aad9b7dd4ea0734f3d8f69e9f36a23bdc89db72cfc696a1
Analyzer Verdict Alert fortinet Malware
GET /air/view_new.asp?num=55248 HTTP/1.1
Host: zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 303 See Other
Content-Type: text/html; charset=UTF-8
Location: https://zndance.com/air/view_new.asp?num=55248
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:32:55 GMT
Content-Length: 227
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 10:08:58 GMT
cache-control: public,max-age=3600
age: 1440
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6039
Cache-Control: max-age=87273
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 10:32:58 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:47:31 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.149.149.164 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.149.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QA/G1CwOodDoK2JPC1u8sw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bdz6ZKaIpUisqbwQKjfSXInyUF4=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9063
Expires: Tue, 06 Dec 2022 13:04:03 GMT
Date: Tue, 06 Dec 2022 10:33:00 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9008
Expires: Tue, 06 Dec 2022 13:03:08 GMT
Date: Tue, 06 Dec 2022 10:33:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 43791
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b9928a3-5708-47a4-8d92-f3af8d54a81d.png
34.120.237.76 200 OK 18 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b9928a3-5708-47a4-8d92-f3af8d54a81d.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash f4bbfe2037fd1658cad81b5b8e4d885c
9487451d24db59cc0f426410da2b55f94f3bb34b
2a124c75c6c90c5633f3538c8b84422262f81cb35d8f4cf4ed0032cc897a5ab9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b9928a3-5708-47a4-8d92-f3af8d54a81d.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 18490
x-amzn-requestid: f01c056f-b0bc-4833-9934-d0c37f4d701c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csS4wE5NIAMFQmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6504-1111ee0221c3c4165a9ef2ab;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:39:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8sBwcJAFNw2JBe2qoHD4ntHml-XB1ZMIELxC-rgfXwn5XTrg3-5R6A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:05:45 GMT
age: 44835
etag: "9487451d24db59cc0f426410da2b55f94f3bb34b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 73b9f329cd3a39d0756de62dd5f190b7
0f1c7567b89cc3de60196e47e37879296359bc78
e15711efe27a3d302a9869cf01d27fd65bd0beca9d03a19d93bbf11e28f3e1d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4827
x-amzn-requestid: 9091cc45-8fb1-4b07-8ef9-3f42b85fb81e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuYH_KIAMFpMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-6bf3bf8659ef3feb27c1803f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fxdYE-ftBwC_0KcBJBQqvUbVXM54TmsKR8QXIfLIhdLYsqtaxdx9tg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:26 GMT
age: 43834
etag: "0f1c7567b89cc3de60196e47e37879296359bc78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 557e6b38-7be9-4953-968b-2e5bd3491ef4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUDYEQbIAMFwRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e2-1fcd8fc4719bc0bc7d11abd2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z1_zJTJMuk724WMOmIc660b54AyZK8ffNVF5N7ehZ00W2kaL3Lcd1A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:14 GMT
age: 45946
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f-KQCOuDl461V8MBPsSOj1ILCU91Q0pCSENaldkMHR2oZdrEUnHeaA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:03:16 GMT
age: 44984
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jqWuNfsDgPOsqxlX2HGJdhXm9GnGC-TBafSbSCrztICFgEwcyqc_iA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:22 GMT
age: 43838
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.zndance.com/design/css/zn_sub_css.css
211.115.110.111 200 OK 17 kB URL HTTP/1.1 www.zndance.com/design/css/zn_sub_css.css
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 8b64d78cfec55ca3c5f88a3058906312
20cd13eb0048832f7bcb33aac6405ea9c7c31556
a250bd57ac9b5c51e22bdc1c7b301268483b8f460c569b9326bb9006dd2d3b0a
GET /design/css/zn_sub_css.css HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Mon, 02 Mar 2015 09:43:26 GMT
Accept-Ranges: bytes
ETag: "c05abf54cd54d01:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:32:59 GMT
Content-Length: 16648
www.zndance.com/js/player.js
211.115.110.111 200 OK 2.7 kB URL HTTP/1.1 www.zndance.com/js/player.js
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type ISO-8859 text, with CRLF line terminators
Hash a07f8ada08c8d1ba306f31d0c6128126
e20b8fccd982e17e4779073f06df54c2553cde57
0ef4e3655655b805c4f21bbcd7c71331deffbbca8b232e1b3b551e6daf413f8a
Analyzer Verdict Alert fortinet Malware
GET /js/player.js HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Mon, 02 Jun 2014 06:42:47 GMT
Accept-Ranges: bytes
ETag: "b0b490dd2d7ecf1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:00 GMT
Content-Length: 2720
www.zndance.com/design/css/zn_main_css.css
211.115.110.111 200 OK 9.0 kB URL HTTP/1.1 www.zndance.com/design/css/zn_main_css.css
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 14c8c39ed3f3e7ce36a7754a7d4c7515
c960a5f968b22c722b164d399ca7df3444245ecf
3438cf840442c938ce040f85d88a08c3ce7a63a0297472fd3d1062646a09da60
GET /design/css/zn_main_css.css HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Mon, 02 Mar 2015 09:43:26 GMT
Accept-Ranges: bytes
ETag: "40b1bb54cd54d01:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:00 GMT
Content-Length: 8981
www.zndance.com/IMGTech/ZoneMediaPlayer/js/app/app.js?20161122
211.115.110.111 200 OK 16 kB URL HTTP/1.1 www.zndance.com/IMGTech/ZoneMediaPlayer/js/app/app.js?20161122
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type Algol 68 source text; Pascal source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash fe51c6527503b3c06a6d36ecf7d757d7
3f49a75c2159f989249fe56194616f2f2e82d50c
d11872e5924e6537390e056e9081187a8ec8ce8e87eccdfa0b1c77ea3ec65812
GET /IMGTech/ZoneMediaPlayer/js/app/app.js?20161122 HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Tue, 22 Nov 2016 10:10:24 GMT
Accept-Ranges: bytes
ETag: "a912f1a3a844d21:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:00 GMT
Content-Length: 15992
www.zndance.com/Scripts/AC_RunActiveContent.js
211.115.110.111 200 OK 8.4 kB URL HTTP/1.1 www.zndance.com/Scripts/AC_RunActiveContent.js
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with CRLF line terminators
Hash e1b2a557e7322cac06aa43c014084852
ad84417b2a6f537c15414a0e2f30607a7377de8c
e348f5331a4c779cfe050ebfbccab4e479129ecb59ca5720bea5619220a3e7e0
Analyzer Verdict Alert fortinet Malware
GET /Scripts/AC_RunActiveContent.js HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Last-Modified: Mon, 06 May 2013 13:35:30 GMT
Accept-Ranges: bytes
ETag: "1b95b1935e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:00 GMT
Content-Length: 8373
www.zndance.com/design/images/sub_backline_botm.jpg
211.115.110.111 200 OK 13 kB URL HTTP/1.1 www.zndance.com/design/images/sub_backline_botm.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 (12.0x20100115 [20100115.m.998 2010/01/15:02:00:00 cutoff; m branch]) Windows, datetime=2011:04:30 05:06:05], baseline, precision 8, 177x18, components 3\012- data
Hash 700612a5f8531b4acbf70641fff8ca1f
fdf851f4e1f1dbc2d96886d38e91959868d26d02
ddf028837f334782a582565dfc5d148cee11ed05d6165869a1b924ec6ebf6930
GET /design/images/sub_backline_botm.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:34:10 GMT
Accept-Ranges: bytes
ETag: "fb3718645e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:00 GMT
Content-Length: 13145
www.zndance.com/images/writ_4234.gif
211.115.110.111 200 OK 1.5 kB URL HTTP/1.1 www.zndance.com/images/writ_4234.gif
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type GIF image data, version 89a, 68 x 46\012- data
Hash 3e113b46e74371c90c874f0108f203d9
b771c1823c7b72d91eb42b3cb6b71983b86b2d34
7feec61b3f0518cfe72c0d423eb8bed058d93cfddf16628f29fc532225169eda
GET /images/writ_4234.gif HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 06 May 2013 13:34:56 GMT
Accept-Ranges: bytes
ETag: "cb4c597f5e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:00 GMT
Content-Length: 1472
www.zndance.com/design/images/top_menu01_01.jpg
211.115.110.111 200 OK 1.4 kB URL HTTP/1.1 www.zndance.com/design/images/top_menu01_01.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, JFIF standard 1.00, resolution (DPI), density 96x96, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 193x65, components 3\012- data
Hash b5562474bea075a695f6b850be553f42
732bce7ca91a1285aebf0a4be883a236cc554ab7
76a0046e82765343be60617aca38c82e76a5ec5398c232540536f97c5257a4de
GET /design/images/top_menu01_01.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:34:11 GMT
Accept-Ranges: bytes
ETag: "db3788645e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:00 GMT
Content-Length: 1422
www.zndance.com/hotkeyword/hotkeyword2.asp
211.115.110.111 200 OK 2.3 kB URL HTTP/1.1 www.zndance.com/hotkeyword/hotkeyword2.asp
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with CRLF line terminators
Hash db36223b2b156d35714e4564b1bb1e46
95dd2b75def1c6b01fdb83698d4a10bc7f5e03f7
b916bf5271c6fe9defbd726d0568156d28f9c51d807bf53164576878fc8a9546
Analyzer Verdict Alert fortinet Malware
GET /hotkeyword/hotkeyword2.asp HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 2294
Content-Type: text/html
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:00 GMT
www.zndance.com/images/event_sub_top.jpg
211.115.110.111 200 OK 16 kB URL HTTP/1.1 www.zndance.com/images/event_sub_top.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:02:21 19:00:54], baseline, precision 8, 175x20, components 3\012- data
Hash 8fdfce46086989ca82ad1c91e3f9c88b
9afdf2705523f32038df6a2a061501b09290e926
de6447a58e56fab58f10358101d378d9a28a8d19fcef8b24ef857bcc6d71cc97
GET /images/event_sub_top.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:34:52 GMT
Accept-Ranges: bytes
ETag: "9bfe1f7d5e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:00 GMT
Content-Length: 16362
www.zndance.com/images/notice_sub_top.jpg
211.115.110.111 200 OK 17 kB URL HTTP/1.1 www.zndance.com/images/notice_sub_top.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:02:21 19:00:39], baseline, precision 8, 175x20, components 3\012- data
Hash 3d221c9d2710330c317f8fbe8e6e31ee
b844b76e1cc17f76e68d61f80be71f40f718ea69
49f7b08bf298c8bcee832006e242425e066cab75b55ad4bbbf2af95547e3a55c
GET /images/notice_sub_top.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:34:55 GMT
Accept-Ranges: bytes
ETag: "5b30c87e5e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:00 GMT
Content-Length: 17142
www.zndance.com/popup/images/event_banner.jpg
211.115.110.111 200 OK 29 kB URL HTTP/1.1 www.zndance.com/popup/images/event_banner.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:02:23 06:43:47], baseline, precision 8, 177x69, components 3\012- data
Hash 1b69717c2e03b4955cabdcafbfe54d72
6d4a9f627c06eab8d574a1ea4ac1fa42681fd218
4d840aa7ef22491d474be211426159c59649170bcd3a5a023e5f3b69ed8a9aaf
GET /popup/images/event_banner.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:35:30 GMT
Accept-Ranges: bytes
ETag: "bbbf6e935e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:00 GMT
Content-Length: 28988
www.zndance.com/popup/images/suppoter_bener2.jpg
211.115.110.111 200 OK 39 kB URL HTTP/1.1 www.zndance.com/popup/images/suppoter_bener2.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:03:07 06:48:54], baseline, precision 8, 177x69, components 3\012- data
Hash d93cf53b0660b7383ac97178a585bbb9
3c7beb8e1acb1bb852096e05696d9ea19461cc41
32004d1ef59a9bf96ca9363f13180a5778a140e471d3e88c8923babafa2a59c9
GET /popup/images/suppoter_bener2.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:35:30 GMT
Accept-Ranges: bytes
ETag: "fb907b935e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:00 GMT
Content-Length: 39336
www.zndance.com/popup/images/mp3_benner.jpg
211.115.110.111 200 OK 35 kB URL HTTP/1.1 www.zndance.com/popup/images/mp3_benner.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:02:23 07:16:49], baseline, precision 8, 177x69, components 3\012- data
Hash 82d42474c71c247da9578f61f060e2d5
bb93d41d483a1af7d212be847aecf57fbb489dd9
aa9a15c59cd11114f99686256341967c6f157b442961ed2da4d9be1b0134d507
GET /popup/images/mp3_benner.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:35:30 GMT
Accept-Ranges: bytes
ETag: "5b4670935e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:00 GMT
Content-Length: 34725
www.zndance.com/design/css/hotkeyword_css2.css
211.115.110.111 200 OK 3.4 kB URL HTTP/1.1 www.zndance.com/design/css/hotkeyword_css2.css
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash a8d9d2b8f062422c08cca864b8418569
c82a363a101f98acbc872480c90c0bd2f2a31461
199388a53e2c97171013eb73a8333b26a42a4c288e54417436933d43ab3b9659
GET /design/css/hotkeyword_css2.css HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/hotkeyword/hotkeyword2.asp
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Mon, 02 Mar 2015 09:43:26 GMT
Accept-Ranges: bytes
ETag: "80bebe54cd54d01:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 3360
www.zndance.com/shop/list.asp?cNum=55248
211.115.110.111 200 OK 10 kB URL HTTP/1.1 www.zndance.com/shop/list.asp?cNum=55248
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type HTML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 8ebd7a688280c66243c9723aa8a54fa0
f24375af2d629cbb1870e263931fe0fff36a972d
13c03fb045adef0f692355b826af37f373dd48927048322c0c5915288b225d0d
GET /shop/list.asp?cNum=55248 HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 10407
Content-Type: text/html
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:00 GMT
www.zndance.com/design/images/logIcon1.gif
211.115.110.111 200 OK 53 B URL HTTP/1.1 www.zndance.com/design/images/logIcon1.gif
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type GIF image data, version 89a, 3 x 6\012- data
Hash f04ebd0e45b768ee25513f68d3ae1ae9
2dd81a61ee7ddd665929d7ea45fd5c1cc0a6a883
3050ad6cbf246238f8088e1fdc3a803e0a59fd68386a4dc3708d7e2dc020bd15
GET /design/images/logIcon1.gif HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 06 May 2013 13:34:06 GMT
Accept-Ranges: bytes
ETag: "db88cb615e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 53
www.zndance.com/images/mainCar2.gif
211.115.110.111 200 OK 3.6 kB URL HTTP/1.1 www.zndance.com/images/mainCar2.gif
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type GIF image data, version 89a, 163 x 39\012- data
Hash 41d9631b2ea970909423e7fd6bdeddec
edf6f736ad0dfdc3d9a2cdae2262ff7496ad0d28
f32ba69d38d4370cd7ee43e25fe7a9ec08941d24f40cb364a5ba226b75ab9b10
GET /images/mainCar2.gif HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 06 May 2013 13:34:54 GMT
Accept-Ranges: bytes
ETag: "cb44d7e5e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 3633
www.zndance.com/design/images/logoutBt2.gif
211.115.110.111 200 OK 363 B URL HTTP/1.1 www.zndance.com/design/images/logoutBt2.gif
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type GIF image data, version 89a, 51 x 19\012- data
Hash 7f670df95656c7c2104f639a9fd68d3a
6748d86dd5869ede01da9c597b095db3e1f86143
17af43a1d5f7a98f563a669bfdaba071128b3f323642b1ab2a88923e75a2e1ca
GET /design/images/logoutBt2.gif HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 06 May 2013 13:34:07 GMT
Accept-Ranges: bytes
ETag: "fb22e9615e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 363
www.zndance.com/design/images/top_menu01_04.jpg
211.115.110.111 200 OK 1.8 kB URL HTTP/1.1 www.zndance.com/design/images/top_menu01_04.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, JFIF standard 1.00, resolution (DPI), density 150x150, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 191x66, components 3\012- data
Hash 2dc965f645eae2c465f5b253940c42da
0b943166d59d5613d1b53a2b75007a23aa074628
b15829f47fa4a4c8ce638c1eddbb8f07ea59e94d44e2cb465e23cac69341c733
GET /design/images/top_menu01_04.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:34:11 GMT
Accept-Ranges: bytes
ETag: "3b7590645e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 1821
www.zndance.com/design/images/topmenu02.jpg
211.115.110.111 200 OK 29 kB URL HTTP/1.1 www.zndance.com/design/images/topmenu02.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 (12.0x20100115 [20100115.m.998 2010/01/15:02:00:00 cutoff; m branch]) Windows, datetime=2011:04:30 04:13:37], baseline, precision 8, 1002x46, components 3\012- data
Hash 4a4b1b3a29e74725ade390f5b36c3c07
dce778bd6b2712432910e0a08ab79e86e1bd82b1
c5abb407688b1991e1cc3248e73a1413e7b04644f1bb4ec72705be937e12f2ac
GET /design/images/topmenu02.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:34:11 GMT
Accept-Ranges: bytes
ETag: "9b2a85645e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 29049
www.zndance.com/design/images/sub_backline.jpg
211.115.110.111 200 OK 705 B URL HTTP/1.1 www.zndance.com/design/images/sub_backline.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, JFIF standard 1.00, resolution (DPI), density 96x96, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 177x5, components 3\012- data
Hash a39e0050aaccac64537ef39a4112c3e1
62f09404b9d09f95a76d3501ea0acf756f9ee518
d45d99d46b9bf051a37cde14b468e31d8e6cdb6005c1f027a61ee39dd4601d38
GET /design/images/sub_backline.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:34:10 GMT
Accept-Ranges: bytes
ETag: "bbb912645e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 705
www.zndance.com/design/images/shop_jum.jpg
211.115.110.111 200 OK 12 kB URL HTTP/1.1 www.zndance.com/design/images/shop_jum.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 (12.0x20100115 [20100115.m.998 2010/01/15:02:00:00 cutoff; m branch]) Windows, datetime=2011:07:13 18:19:25], baseline, precision 8, 5x5, components 3\012- data
Hash f99605683f81c9ff4d9de9616d5ee398
676cf67fdfeb268f65983381f125084e9ed33369
94266d8ee464561d2d74790d00ed280e9398a8828a44c97e632872304ae90550
GET /design/images/shop_jum.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/shop/list.asp?cNum=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:34:10 GMT
Accept-Ranges: bytes
ETag: "dbf7eb635e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 11488
www.zndance.com/design/images/air_2394823423.jpg
211.115.110.111 200 OK 12 kB URL HTTP/1.1 www.zndance.com/design/images/air_2394823423.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 (12.0x20100115 [20100115.m.998 2010/01/15:02:00:00 cutoff; m branch]) Windows, datetime=2011:04:30 04:44:07], baseline, precision 8, 26x55, components 3\012- data
Hash 3ab287cb36be3474719a5562d70dee45
1c9cf295009a7aabc08449b909c732cafd83efc1
c0087533cb7642bc82dee3586f41281d96565ea8694978d38a05046db6284f78
GET /design/images/air_2394823423.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:34:02 GMT
Accept-Ranges: bytes
ETag: "9bb0635f5e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 12313
zndance.com/air/view_new.asp?num=55248
211.115.110.111 200 OK 28 kB URL HTTP/1.1 zndance.com/air/view_new.asp?num=55248
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
Hash 44e7461a9afedc75322de41adfd573ea
3973e68e29f9eab1043bfa98bee46f610d0b1dd8
772d7b16caa07f48fa800351044e8214d3fb5ccb5081d786a557a5d253a01972
Analyzer Verdict Alert fortinet Malware
GET /air/view_new.asp?num=55248 HTTP/1.1
Host: zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: private,no-cache
Pragma: no-cache
Content-Type: text/html
Expires: Mon, 05 Dec 2022 10:32:56 GMT
Server: Microsoft-IIS/7.0
Set-Cookie: ASPSESSIONIDSWQDADBQ=PMAPHGGDFPIIOGJHDFCFLFDP; secure; path=/
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:32:56 GMT
Connection: close
www.zndance.com/design/images/dot_234234.gif
211.115.110.111 200 OK 55 B URL HTTP/1.1 www.zndance.com/design/images/dot_234234.gif
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type GIF image data, version 89a, 5 x 5\012- data
Hash 2c628ca4cc82859a45b3606c76f6040b
a84b9d6ff201c43a9d3e598d7811b645fc84b846
557922771353df2d24628d5d4a0a551032e4a67bc6f38c6c25c54506c5d10157
GET /design/images/dot_234234.gif HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 06 May 2013 13:34:04 GMT
Accept-Ranges: bytes
ETag: "4bc78c605e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 55
www.zndance.com/data/rental/goods/small/kimbbiaelo[1].jpg
211.115.110.111 200 OK 7.5 kB URL HTTP/1.1 www.zndance.com/data/rental/goods/small/kimbbiaelo[1].jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 96x96, components 3\012- data
Hash 156d624ab8201acc029a4b1f176be4d9
773e830b355b148bee8855ef13b01e0528730b64
23dd23fbb82ecb0576817ed624590421c2bbed13d125d5c708453532b19ed9ca
GET /data/rental/goods/small/kimbbiaelo[1].jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 28 Nov 2022 08:04:33 GMT
Accept-Ranges: bytes
ETag: "403c20d03d91:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 7482
www.zndance.com/design/images/bt_2948248.gif
211.115.110.111 200 OK 803 B URL HTTP/1.1 www.zndance.com/design/images/bt_2948248.gif
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type GIF image data, version 89a, 70 x 18\012- data
Hash 53b5c776c1d75bac9342c3cb45d0864e
b380c81efe4a25426e35334e6c4d165fbfa3fd7c
f5a49f2c2ae3d6136992a82237720e11f6c0627f62137f72e078e31bb0aa98f0
GET /design/images/bt_2948248.gif HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 06 May 2013 13:34:03 GMT
Accept-Ranges: bytes
ETag: "3b85d55f5e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 803
www.zndance.com/images/shop_link.jpg
211.115.110.111 200 OK 18 kB URL HTTP/1.1 www.zndance.com/images/shop_link.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2014:02:19 23:07:40], baseline, precision 8, 100x17, components 3\012- data
Hash 96e6ce16a2e2a16337f6962118ef141d
a8f71c73cd8496ca0b698aa4fe0a4de2a8badfdf
a94fe39f3275ce0c5b300d7062f20fbc17d820f1bbe619cfc2d72379358356f1
GET /images/shop_link.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/shop/list.asp?cNum=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 19 Feb 2014 14:05:50 GMT
Accept-Ranges: bytes
ETag: "c031a6b17b2dcf1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 17979
www.zndance.com/design/images/dot_23424.gif
211.115.110.111 200 OK 98 B URL HTTP/1.1 www.zndance.com/design/images/dot_23424.gif
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type GIF image data, version 89a, 598 x 1\012- data
Hash d1a98db3989ec632109ed729f46f73da
0e3fa545685ef99ab0bd1f0cd641b88148f65ca7
29ec751a31ecad99b6cce0a5dcf8cc0268d4b41f3ccefdc7b62e9df680a55d4f
GET /design/images/dot_23424.gif HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 06 May 2013 13:34:04 GMT
Accept-Ranges: bytes
ETag: "cb7090605e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 98
www.zndance.com/images/mp3_bar2_bg.jpg
211.115.110.111 200 OK 18 kB URL HTTP/1.1 www.zndance.com/images/mp3_bar2_bg.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2012:02:01 23:16:34], baseline, precision 8, 598x45, components 3\012- data
Hash 27bf2ba8d379316018a280e0391fae70
2bbe8252eb6806e2d8532bfcaf9a1377db3bd6f8
13224dd01e6dabfc8cf75052a8e6f56260c5cffadfbe25305a3c65ec020baa1e
GET /images/mp3_bar2_bg.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:34:54 GMT
Accept-Ranges: bytes
ETag: "dbe54c7e5e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 17955
www.zndance.com/design/images/sub_bottom.gif
211.115.110.111 200 OK 504 B URL HTTP/1.1 www.zndance.com/design/images/sub_bottom.gif
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type GIF image data, version 89a, 618 x 15\012- data
Hash 5f50488698662a0b3537cb5bb30c591b
b8aea5f90321e5f9a38b9fc98d7fde0c15bc60e6
17a3846dbbb27ab06f9036aa34fdec069b0163fe5c4eb75cb62aa36083988492
GET /design/images/sub_bottom.gif HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 06 May 2013 13:34:10 GMT
Accept-Ranges: bytes
ETag: "6bba1b645e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 504
www.zndance.com/data/rental/banner/20150724lb[1].png
211.115.110.111 200 OK 4.6 kB URL HTTP/1.1 www.zndance.com/data/rental/banner/20150724lb[1].png
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type PNG image data, 115 x 57, 8-bit colormap, non-interlaced\012- data
Hash 0297c7f08fad3f3e1c7fd76bcd990813
26bea51a1b8a5aa598058c0367fbcc69335a7a1f
1a6ce2a1a28a5fafb926824e5677bb9a676ba53d3e08cba9930e48487dab1463
GET /data/rental/banner/20150724lb[1].png HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 24 Jul 2015 08:33:24 GMT
Accept-Ranges: bytes
ETag: "a2b7f667ebc5d01:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 4625
www.zndance.com/design/images/top_menu01_03.jpg
211.115.110.111 200 OK 34 kB URL HTTP/1.1 www.zndance.com/design/images/top_menu01_03.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=66, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=651], baseline, precision 8, 651x66, components 3\012- data
Hash 512e7d105e3437cb7ea0e2fd208570dd
09ae5668423888241e349abd84f89d88c504e353
eda3d5624cc0f810a9773d9a6687679a7f0c1650f30f3c0cf9a1963634062b8c
GET /design/images/top_menu01_03.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Sun, 26 Apr 2015 07:48:52 GMT
Accept-Ranges: bytes
ETag: "40fc170f57fd01:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:03 GMT
Content-Length: 34332
www.zndance.com/design/images/topmenu_notice.jpg
211.115.110.111 200 OK 16 kB URL HTTP/1.1 www.zndance.com/design/images/topmenu_notice.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 (12.0x20100115 [20100115.m.998 2010/01/15:02:00:00 cutoff; m branch]) Windows, datetime=2011:05:05 07:13:49], baseline, precision 8, 80x22, components 3\012- data
Hash 357221b783043f58ed6c164107e0f56b
e2d790f8376764d82b5ff9258f1f052b91ffb0c6
47fda89854180fe7c66e64c87314959fac939b8a13036d17bac5481ffc8446ec
GET /design/images/topmenu_notice.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:34:11 GMT
Accept-Ranges: bytes
ETag: "7bbe89645e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:03 GMT
Content-Length: 15537
www.zndance.com/design/images/sub_menu01.jpg
211.115.110.111 200 OK 26 kB URL HTTP/1.1 www.zndance.com/design/images/sub_menu01.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2012:11:19 14:59:50], baseline, precision 8, 177x71, components 3\012- data
Hash b3af3f6e997c94a63bd1f119f9198d7e
6a4cd5aff7e7a47df2a9bb724e6a86c7cccf94ab
259517c967638d1525366ed76af4c9c0ffcd6599e66d0d4d2ce6906b0d8990e6
GET /design/images/sub_menu01.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:34:10 GMT
Accept-Ranges: bytes
ETag: "bb530645e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:03 GMT
Content-Length: 26381
www.zndance.com/images/copy.jpg
211.115.110.111 200 OK 71 kB URL HTTP/1.1 www.zndance.com/images/copy.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2013:08:27 14:47:23], baseline, precision 8, 1000x167, components 3\012- data
Hash f0ed9eb245c53f271f284c1476e82978
d2848f37360b700d0603dc5d1d55f893a8d58b44
78c2db24da17fb950b18d064e567b22688732aa64aa2fd898246d788c9e27ea7
GET /images/copy.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 27 Aug 2013 05:47:56 GMT
Accept-Ranges: bytes
ETag: "201fafbe8a2ce1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 70599
www.zndance.com/images/znlogo.jpg
211.115.110.111 200 OK 33 kB URL HTTP/1.1 www.zndance.com/images/znlogo.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 (12.0x20100115 [20100115.m.998 2010/01/15:02:00:00 cutoff; m branch]) Windows, datetime=2011:04:30 00:28:07], baseline, precision 8, 259x67, components 3\012- data
Hash a678524976873f21b82ed8e6e446f600
f0c04a50624538e06e7b0ca51accc9106698dc96
fe2440b81d2a1b542b56c0430b687f7f9228df1ad8cab5106ecf75fb7b94a15b
GET /images/znlogo.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:34:56 GMT
Accept-Ranges: bytes
ETag: "8b386c7f5e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:02 GMT
Content-Length: 32919
www.zndance.com/design/images/ai_2348248.jpg
211.115.110.111 200 OK 19 kB URL HTTP/1.1 www.zndance.com/design/images/ai_2348248.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2012:11:19 15:04:38], baseline, precision 8, 146x55, components 3\012- data
Hash b449071507158eab21f52d0655bc9a86
6af665bf02c554bf65b0d7387a2020ab242d222a
75f15212df00fc7590abb4f9b1f831076df88e91adcdf66a0bece97bdd3cb7ec
GET /design/images/ai_2348248.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:34:02 GMT
Accept-Ranges: bytes
ETag: "7b8725f5e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:03 GMT
Content-Length: 19186
www.zndance.com/design/images/18181818.jpg
211.115.110.111 200 OK 13 kB URL HTTP/1.1 www.zndance.com/design/images/18181818.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 (12.0x20100115 [20100115.m.998 2010/01/15:02:00:00 cutoff; m branch]) Windows, datetime=2011:04:30 04:41:14], baseline, precision 8, 22x55, components 3\012- data
Hash 2bb8738f845d170c985061392fc38a28
f65c8a87e8721deabfd885d93caf2d769e3aac42
9a2ef0067cfdcee8439ad33ecd0d15d20dbe3f259d1eb428253f0b1027b6603a
GET /design/images/18181818.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:34:02 GMT
Accept-Ranges: bytes
ETag: "3b3e4f5f5e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:03 GMT
Content-Length: 12674
www.zndance.com/design/images/btn_buy.jpg
211.115.110.111 200 OK 20 kB URL HTTP/1.1 www.zndance.com/design/images/btn_buy.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 (12.0x20100115 [20100115.m.998 2010/01/15:02:00:00 cutoff; m branch]) Windows, datetime=2011:04:30 05:43:20], baseline, precision 8, 132x37, components 3\012- data
Hash 7adb9c037dd53d9c690943a02c8188ad
7c33506771e9cb3726c36f6372a1161267b94027
ff18fa0269012b287f9226e4be405ccb0f3a60e5198f385b64f92c83c1613927
GET /design/images/btn_buy.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:34:03 GMT
Accept-Ranges: bytes
ETag: "bf9c35f5e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:03 GMT
Content-Length: 20336
www.zndance.com/design/images/level_3.gif
211.115.110.111 200 OK 845 B URL HTTP/1.1 www.zndance.com/design/images/level_3.gif
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type GIF image data, version 89a, 100 x 12\012- data
Hash ce927eb67fb4fb3554c7054c66ab9076
06bdd4e814c7e937000771a98071d24bcdaffe2d
94bc3863132fdf48a862080831b86b11604b4dade002866c16253e647a13c5a8
GET /design/images/level_3.gif HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 06 May 2013 13:34:06 GMT
Accept-Ranges: bytes
ETag: "2b0af615e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:03 GMT
Content-Length: 845
www.zndance.com/design/images/btn_chuchun.jpg
211.115.110.111 200 OK 18 kB URL HTTP/1.1 www.zndance.com/design/images/btn_chuchun.jpg
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 (12.0x20100115 [20100115.m.998 2010/01/15:02:00:00 cutoff; m branch]) Windows, datetime=2011:04:30 05:43:45], baseline, precision 8, 132x37, components 3\012- data
Hash 29b91fa7077dd8318a5fe1994394034f
f2989598e8f2fe148fee4ebacf3510224ef17165
67f6ac67cb8c9d4bbaebbebf1144b6e671e718c7d50ac61550603622836f3381
GET /design/images/btn_chuchun.jpg HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 06 May 2013 13:34:03 GMT
Accept-Ranges: bytes
ETag: "eb1bc65f5e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:03 GMT
Content-Length: 18039
www.zndance.com/images/mp3_buy_bt.png
211.115.110.111 200 OK 8.1 kB URL HTTP/1.1 www.zndance.com/images/mp3_buy_bt.png
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type PNG image data, 123 x 24, 8-bit/color RGBA, interlaced\012- data
Hash 7bb1fda03721e106fcba7fd4a94e3320
7f89aee492b58a76bb24639497840c7ad354d084
5870dc158985dc44db9bc3771232a730d256ae61342d25899dfdd158b0275b88
GET /images/mp3_buy_bt.png HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Mon, 06 May 2013 13:34:54 GMT
Accept-Ranges: bytes
ETag: "eb41597e5e4ace1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:03 GMT
Content-Length: 8056
www.zndance.com/images/dress_buy_bt.png
211.115.110.111 200 OK 13 kB URL HTTP/1.1 www.zndance.com/images/dress_buy_bt.png
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
File type PNG image data, 599 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash 6e1271c8df7a66a16967211176d127e2
243b8ad4b93a4d4f65714e5891455920ecdbc713
b081332ebfab10068b9a116c28328c04481efb85b972439fb9827318cec8d964
GET /images/dress_buy_bt.png HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zndance.com/air/view_new.asp?num=55248
Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 27 Feb 2014 05:32:20 GMT
Accept-Ranges: bytes
ETag: "154af0487d33cf1:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:33:03 GMT
Content-Length: 12768
www.zndance.com/air/view_new.asp?num=55248
211.115.110.111 200 OK 0 B URL HTTP/1.1 www.zndance.com/air/view_new.asp?num=55248
IP 211.115.110.111:0
ASN #3786 LG DACOM Corporation
GET /air/view_new.asp?num=55248 HTTP/1.1
Host: www.zndance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zndance.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Cache-Control: private,no-cache
Pragma: no-cache
Content-Type: text/html
Expires: Mon, 05 Dec 2022 10:32:58 GMT
Server: Microsoft-IIS/7.0
Set-Cookie: ASPSESSIONIDSWQDADBQ=BNAPHGGDGMMKOIMIFGDHNIAE; secure; path=/
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 10:32:58 GMT
Connection: close