{"report_id":"98461202-8fdc-4183-95d4-cc1cacf46895","version":6,"status":"done","tags":[],"date":"2023-11-30T12:03:24Z","url":{"schema":"http","addr":"www.xyztec-korea.com/bbs/zboard.php?id=board","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":0,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"final":{"url":{"schema":"http","addr":"www.xyztec-korea.com/bbs/zboard.php?id=board","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"title":"xyztec-korea.com/bbs/zboard.php?id=board"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T09:54:57Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"www.xyztec-korea.com","ip":{"addr":"183.111.141.116","port":0,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"domain_registered":"2014-03-12","domain_rank":0,"first_seen":"2017-03-23 22:46:36","last_seen":"2023-11-06 11:35:51","alert_count":0,"request_count":15,"received_data":138444,"sent_data":6790,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-11-30T12:03:12Z","timestamp":1701345792,"ip_dst":{"addr":"Client IP","port":58864,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"183.111.141.116","port":443,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"severity":"medium","alert":"ET INFO Suspicious Self Signed SSL Certificate to 'My Company Ltd'","source":"{\"timestamp\":\"2023-11-30T12:03:12.435825+0000\",\"flow_id\":302155143569377,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"183.111.141.116\",\"src_port\":443,\"dest_ip\":\"10.70.215.152\",\"dest_port\":58864,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2013703,\"rev\":4,\"signature\":\"ET INFO Suspicious Self Signed SSL Certificate to 'My Company Ltd'\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2011_09_28\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"tag\":[\"SSL_Malicious_Cert\"],\"updated_at\":[\"2022_03_13\"]}},\"tls\":{\"subject\":\"C=GB, ST=Berkshire, L=Newbury, O=My Company Ltd\",\"issuerdn\":\"C=GB, ST=Berkshire, L=Newbury, O=My Company Ltd\",\"serial\":\"00\",\"fingerprint\":\"f7:e8:d8:c5:06:44:a7:83:f2:96:07:76:6f:0a:48:a8:d5:84:97:bf\",\"sni\":\"www.xyztec-korea.com\",\"version\":\"TLS 1.2\",\"notbefore\":\"2017-04-13T00:34:41\",\"notafter\":\"2117-03-20T00:34:41\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"6aea764ee67f71caf3dc723118906199\",\"string\":\"771,49200,65281-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":4,\"bytes_toserver\":1111,\"bytes_toclient\":1551,\"start\":\"2023-11-30T12:03:11.581601+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-11-30T12:03:12Z","timestamp":1701345792,"ip_dst":{"addr":"Client IP","port":58880,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"183.111.141.116","port":443,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"severity":"medium","alert":"ET INFO Suspicious Self Signed SSL Certificate to 'My Company Ltd'","source":"{\"timestamp\":\"2023-11-30T12:03:12.683904+0000\",\"flow_id\":289714770785130,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"183.111.141.116\",\"src_port\":443,\"dest_ip\":\"10.70.215.152\",\"dest_port\":58880,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2013703,\"rev\":4,\"signature\":\"ET INFO Suspicious Self Signed SSL Certificate to 'My Company Ltd'\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2011_09_28\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"tag\":[\"SSL_Malicious_Cert\"],\"updated_at\":[\"2022_03_13\"]}},\"tls\":{\"subject\":\"C=GB, ST=Berkshire, L=Newbury, O=My Company Ltd\",\"issuerdn\":\"C=GB, ST=Berkshire, L=Newbury, O=My Company Ltd\",\"serial\":\"00\",\"fingerprint\":\"f7:e8:d8:c5:06:44:a7:83:f2:96:07:76:6f:0a:48:a8:d5:84:97:bf\",\"sni\":\"www.xyztec-korea.com\",\"version\":\"TLS 1.2\",\"notbefore\":\"2017-04-13T00:34:41\",\"notafter\":\"2117-03-20T00:34:41\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"6aea764ee67f71caf3dc723118906199\",\"string\":\"771,49200,65281-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":4,\"bytes_toserver\":1244,\"bytes_toclient\":1551,\"start\":\"2023-11-30T12:03:11.832362+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"www.xyztec-korea.com/bbs/zboard.php?id=board","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":0,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":true,"md5":"582195e270f187d46873f2aed7859377","sha1":"7eb75c756a4363a0e9a852cf4f8b71c397342d3f","sha256":"e1339e9d8f054ab660f07656ee3014db56eba9e6ceff0e66c1da3f4dd38a959e","sha512":"e4f39a2d22f0d087718e729b3198be1e9ceb77a411bb3a0d265c2031a804d9b9050ab7fec1fdf9629dcfeb6f610a6bca50586ef96ca7c83b21f459636eb233ea","ssdeep":"","tlshash":"354118bc1696403442fb147f3e6d8bc17834c11b314a7ce2be6c89509fa4f25898bba8","size":2025,"data":"","first_seen":"2024-08-20T17:21:09.672662Z","last_seen":"2024-08-20T17:21:09.672662Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xyztec-korea.com/bbs/zboard.php?id=board","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":0,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-03T20:55:47.460874Z","times_seen":16089547,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"www.xyztec-korea.com/bbs/zboard.php?id=board","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":0,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-30T12:03:11.583Z","timestamp":1701345791583,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /bbs/zboard.php?id=board HTTP/1.1\r\nHost: www.xyztec-korea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 30 Nov 2023 12:03:06 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Powered-By: PHP/4.4.9p2\r\nSet-Cookie: PHPSESSID=37e1863b820bdd70e9d4c1ef3bd8113b; path=/\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":5671,"size_decoded":0,"mime_type":"","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ISO-8859 text, with very long lines (2487), with CRLF, CR, LF line terminators","md5":"12fa268617017f94bd8b2a7ec2e4fadf","sha1":"879d25e548c99fba33355948a19bdbd773a5aa10","sha256":"f2945aa75e240476af50a08e9a694502efa4e6feb70fb8d49c73e9297560abc4","sha512":"38bcf04254b4ff224dc5422fbad93ee12da99094e8a09f2e0d769121c3995f6efb803d9de7d6c6926bc0521d283bf4a309163ca8e858a3809eb6e468d5cc6243","ssdeep":"384:tYUB3XCkDt1lwl/CbM6T1+Xzi+JDdDZtjFUG1rleQcIRorVtc6FpqtuDDIPCeWv0:QR","tlshash":"59e24142925948bb11b30ca7b9995f9b38e4f8b0f3941c483cfd59af2bd5db7412128e","first_seen":"2023-11-30T13:03:26Z","last_seen":"2023-11-30T13:03:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":575,"timings":{"blocked":0,"dns":1,"connect":284,"send":0,"wait":0,"receive":0,"ssl":287},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xyztec-korea.com/bbs/skin/nzeo_ver4_bbs/style.css","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":80,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://www.xyztec-korea.com/bbs/zboard.php?id=board","date":"2023-11-30T12:03:12.957Z","timestamp":1701345792957,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /bbs/skin/nzeo_ver4_bbs/style.css HTTP/1.1\r\nHost: www.xyztec-korea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xyztec-korea.com/bbs/zboard.php?id=board\r\nCookie: PHPSESSID=37e1863b820bdd70e9d4c1ef3bd8113b\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 30 Nov 2023 12:03:07 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nLast-Modified: Tue, 30 Aug 2016 06:36:53 GMT\r\nETag: W/\"22701b9-79d-57c52985\"\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":670,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ISO-8859 text, with CRLF line terminators","md5":"dd22b7d9488130d245e3f279c23a4a2d","sha1":"f6b2522a7333f15634832dd3ad7dde8fde6f0905","sha256":"842745990ffaa357115c2018ffe2a5386681a482567eb32151fe4e15059c8616","sha512":"9e7fa5984c9e6a89b333955c7b6cee1222a277cfa7641fe6058d9b54c7862c4c3db191c29605db49a7c96e67d7139310ff1de1afd8b5256c01f2a3f56b758e73","ssdeep":"","tlshash":"8f41bd51d28b2057306f895f7465e7a52824a0c2e82b47b8faeb6dc8d59e47e370170c","first_seen":"2023-11-30T13:03:26Z","last_seen":"2023-11-30T13:03:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xyztec-korea.com/bbs/skin/nzeo_ver4_bbs/content_on.gif","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":80,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xyztec-korea.com/bbs/zboard.php?id=board","date":"2023-11-30T12:03:12.971Z","timestamp":1701345792971,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /bbs/skin/nzeo_ver4_bbs/content_on.gif HTTP/1.1\r\nHost: www.xyztec-korea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xyztec-korea.com/bbs/zboard.php?id=board\r\nCookie: PHPSESSID=37e1863b820bdd70e9d4c1ef3bd8113b\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 30 Nov 2023 12:03:07 GMT\r\nContent-Type: image/gif\r\nContent-Length: 132\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Aug 2016 06:36:51 GMT\r\nETag: \"22701ab-84-57c52983\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":132,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 30 x 11\\012- data","md5":"b8714dbea482250b6516a24485970a22","sha1":"a2ac11de46a9fb82a1b5f4b137f1684405ef665f","sha256":"1453fe8e6415605e13cb89f1ac93dd84eccc0f4313ba8f8dff8458e7ac223e12","sha512":"fbbb585adf9650a48b820787dc4c178c23a8ce980429f6dba2b159e318f556c2ab44889ef445dcec59e652846fb148db4d16592f5ccbcba5bc03248b81274015","ssdeep":"","tlshash":"","first_seen":"2023-11-30T13:03:26Z","last_seen":"2024-08-20T17:21:09.656144Z","times_seen":2,"resource_available":false,"data":null}},"time_used":551,"timings":{"blocked":263,"dns":0,"connect":0,"send":0,"wait":288,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xyztec-korea.com/bbs/images/t.gif","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":80,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xyztec-korea.com/bbs/zboard.php?id=board","date":"2023-11-30T12:03:12.965Z","timestamp":1701345792965,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /bbs/images/t.gif HTTP/1.1\r\nHost: www.xyztec-korea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xyztec-korea.com/bbs/zboard.php?id=board\r\nCookie: PHPSESSID=37e1863b820bdd70e9d4c1ef3bd8113b\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 30 Nov 2023 12:03:07 GMT\r\nContent-Type: image/gif\r\nContent-Length: 49\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Aug 2016 06:35:45 GMT\r\nETag: \"22700d8-31-57c52941\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":49,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 10 x 10\\012- data","md5":"76084e29cb2cf72b320e888edc583dfb","sha1":"8a1ca8ddc90d8a1bc2a6d2147bab31b5904bfd83","sha256":"02d2855c8a5417cd637df1e81f781e42ff2b12ad6dffb923a3822f16b5bfa82a","sha512":"0f0bb4434cde759b5d7cd40c8fb12e37e24ed28d687613d73c9f0475e413e79f2c92736b081b919fade6815c06bc35f4782afe0d1ff628bb7ed58dc890cc07fb","ssdeep":"","tlshash":"33900203dc43c011c405407408c985403b31152245151d1530e53a959dd8152585a040","first_seen":"2023-04-27T01:21:25Z","last_seen":"2026-06-03T02:32:17.46242Z","times_seen":936,"resource_available":false,"data":null}},"time_used":842,"timings":{"blocked":269,"dns":0,"connect":280,"send":0,"wait":292,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xyztec-korea.com/bbs/top_logo_1.jpg","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":80,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xyztec-korea.com/bbs/zboard.php?id=board","date":"2023-11-30T12:03:12.962Z","timestamp":1701345792962,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /bbs/top_logo_1.jpg HTTP/1.1\r\nHost: www.xyztec-korea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xyztec-korea.com/bbs/zboard.php?id=board\r\nCookie: PHPSESSID=37e1863b820bdd70e9d4c1ef3bd8113b\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 30 Nov 2023 12:03:07 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 26740\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Aug 2016 06:43:13 GMT\r\nETag: \"2270290-6874-57c52b01\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26740,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1000x130, components 3\\012- data","md5":"9e596e6d0cf9f4b1a427f72e94318461","sha1":"0f2ede9b9052e9fd3dbe09dac4b67d017c2dbc2f","sha256":"45a5015eb1ae6615301661bc43cbb8e6e87b5c8cdb960c12d2326cec6d7c0b61","sha512":"534f8d18d8c9a66fd9684934422f3d93c348480cb17a758b6df38d0efdb5a4efca9d92f12cf99e9f30fd55db4883b66a56221f39e05b5926be744fd6d8573222","ssdeep":"","tlshash":"","first_seen":"2023-11-30T13:03:26Z","last_seen":"2023-11-30T13:03:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":847,"timings":{"blocked":272,"dns":0,"connect":0,"send":0,"wait":285,"receive":290,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xyztec-korea.com/bbs/skin/nzeo_ver4_bbs/subject_on.gif","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":80,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xyztec-korea.com/bbs/zboard.php?id=board","date":"2023-11-30T12:03:12.969Z","timestamp":1701345792969,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /bbs/skin/nzeo_ver4_bbs/subject_on.gif HTTP/1.1\r\nHost: www.xyztec-korea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xyztec-korea.com/bbs/zboard.php?id=board\r\nCookie: PHPSESSID=37e1863b820bdd70e9d4c1ef3bd8113b\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 30 Nov 2023 12:03:07 GMT\r\nContent-Type: image/gif\r\nContent-Length: 131\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Aug 2016 06:36:53 GMT\r\nETag: \"22701bb-83-57c52985\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":131,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 30 x 11\\012- data","md5":"06e4be4a7f74ac3aef8e8ec467b3892f","sha1":"2cd39a55f68d4d481af7ed321301262c90dbfb29","sha256":"c2dc76d0e80cc4360af84f878490cb3223ad8d7ace892d921a7b4999bf666f23","sha512":"f381a6cc430b15dc733889bfc711c90bc77184442b40a190f41df900ebdf99784a3e7c2499ef73f99ef8f79f4683090ccb8f31b4455656dec0485a5cb9f266ea","ssdeep":"","tlshash":"","first_seen":"2023-11-30T13:03:26Z","last_seen":"2024-08-20T17:21:09.658655Z","times_seen":2,"resource_available":false,"data":null}},"time_used":840,"timings":{"blocked":265,"dns":0,"connect":282,"send":0,"wait":293,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xyztec-korea.com/bbs/skin/nzeo_ver4_bbs/name_off.gif","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":80,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xyztec-korea.com/bbs/zboard.php?id=board","date":"2023-11-30T12:03:12.968Z","timestamp":1701345792968,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /bbs/skin/nzeo_ver4_bbs/name_off.gif HTTP/1.1\r\nHost: www.xyztec-korea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xyztec-korea.com/bbs/zboard.php?id=board\r\nCookie: PHPSESSID=37e1863b820bdd70e9d4c1ef3bd8113b\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 30 Nov 2023 12:03:07 GMT\r\nContent-Type: image/gif\r\nContent-Length: 110\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Aug 2016 06:36:52 GMT\r\nETag: \"22701b6-6e-57c52984\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":110,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 30 x 11\\012- data","md5":"be76d5d138bd4e5d27ef7880d6836bad","sha1":"84f6722d7fb17b0ccb276aaee5fa27c407b716f1","sha256":"6346336ff576f52673d33fd064f49f5dc0bc8ff702160d5b19fe17280c993ffc","sha512":"b07cf5e52278b5759721ea896090bdcf84487bb5d0f8e801f15a9bcfd33b13241f2e5388a6d16ef7e4d9ae92ba5c3a56bcc068b655433db96df832a1a24fed3e","ssdeep":"","tlshash":"","first_seen":"2023-11-30T13:03:26Z","last_seen":"2024-08-20T17:21:09.659679Z","times_seen":2,"resource_available":false,"data":null}},"time_used":841,"timings":{"blocked":266,"dns":0,"connect":280,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xyztec-korea.com/bbs/skin/nzeo_ver4_bbs/t.gif","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":80,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xyztec-korea.com/bbs/zboard.php?id=board","date":"2023-11-30T12:03:12.966Z","timestamp":1701345792966,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /bbs/skin/nzeo_ver4_bbs/t.gif HTTP/1.1\r\nHost: www.xyztec-korea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xyztec-korea.com/bbs/zboard.php?id=board\r\nCookie: PHPSESSID=37e1863b820bdd70e9d4c1ef3bd8113b\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 30 Nov 2023 12:03:07 GMT\r\nContent-Type: image/gif\r\nContent-Length: 45\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Aug 2016 06:36:53 GMT\r\nETag: \"22701bc-2d-57c52985\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 5 x 5\\012- data","md5":"c4e3e106fbcc28e9c5b2be2a78018886","sha1":"fe87fba9c2a6384dfe3827cf6608b0692cb79872","sha256":"e0f8dceb516151e70891cb4ed02aac4b5800b37c13d8328a35919472efe0f93e","sha512":"836727d22cb6b1734864fc1ef47c5acc29cf250451aad2ad57cff60a50c0a1cf4f7f8558262384685b4c4d21771ab346340dd053009e2ac5d91c4ddf71bb3e2d","ssdeep":"","tlshash":"ba900401fd50c014c10145345f7cc54433001c1d4d05054730fc1705dc345110413005","first_seen":"2023-04-05T02:54:02Z","last_seen":"2026-05-28T21:21:12.799071Z","times_seen":1243,"resource_available":true,"data":null}},"time_used":844,"timings":{"blocked":268,"dns":0,"connect":282,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xyztec-korea.com/bbs/skin/nzeo_ver4_bbs/list_back.gif","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":80,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xyztec-korea.com/bbs/zboard.php?id=board","date":"2023-11-30T12:03:13.275Z","timestamp":1701345793275,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /bbs/skin/nzeo_ver4_bbs/list_back.gif HTTP/1.1\r\nHost: www.xyztec-korea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xyztec-korea.com/bbs/skin/nzeo_ver4_bbs/style.css\r\nCookie: PHPSESSID=37e1863b820bdd70e9d4c1ef3bd8113b\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 30 Nov 2023 12:03:07 GMT\r\nContent-Type: image/gif\r\nContent-Length: 253\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Aug 2016 06:36:51 GMT\r\nETag: \"22701ae-fd-57c52983\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":253,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 15 x 33\\012- data","md5":"8930e1b4cff303d6608349809cc50f05","sha1":"51459206a9f0c61bbdbafa7c253ac58b6de4d43e","sha256":"2236007875a35f9c1b03c9e4c7cd34a910858628458d377215d4fd0419de08c2","sha512":"3dfd2e891891f754c53cc36d6cbc687dd59b1f13e12f3fe70e2b54132021a54ff787d68efc56f2efdc964d571eb170cc66c250e64e8e53705588118d8210fa6f","ssdeep":"","tlshash":"","first_seen":"2023-11-30T13:03:26Z","last_seen":"2023-11-30T13:03:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":536,"timings":{"blocked":248,"dns":0,"connect":0,"send":0,"wait":288,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xyztec-korea.com/bbs/skin/nzeo_ver4_bbs/subject_off.gif","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":80,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xyztec-korea.com/bbs/zboard.php?id=board","date":"2023-11-30T12:03:13.256Z","timestamp":1701345793256,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /bbs/skin/nzeo_ver4_bbs/subject_off.gif HTTP/1.1\r\nHost: www.xyztec-korea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xyztec-korea.com/bbs/zboard.php?id=board\r\nCookie: PHPSESSID=37e1863b820bdd70e9d4c1ef3bd8113b\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 30 Nov 2023 12:03:08 GMT\r\nContent-Type: image/gif\r\nContent-Length: 112\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Aug 2016 06:36:53 GMT\r\nETag: \"22701ba-70-57c52985\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":112,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 30 x 11\\012- data","md5":"0d62d0db892020276231f8a82c2293ec","sha1":"e5908ed4e37fd64c8156e9b356e71f01ea929ce5","sha256":"0e06512965b343db55034e968dbb44aa8727ba201e1f48676ce045e7d733e864","sha512":"d6fa4bf82a8c3a51f5dab39b4d0a03842a3b313d00d3017eb6bd68661c34b0adaf19b5fe629ce04d55954b246033fdac3230f794a95255780611292baed33e54","ssdeep":"","tlshash":"","first_seen":"2023-11-30T13:03:26Z","last_seen":"2024-08-20T17:21:09.661745Z","times_seen":2,"resource_available":false,"data":null}},"time_used":842,"timings":{"blocked":555,"dns":0,"connect":0,"send":0,"wait":286,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xyztec-korea.com/bbs/skin/nzeo_ver4_bbs/name_on.gif","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":80,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xyztec-korea.com/bbs/zboard.php?id=board","date":"2023-11-30T12:03:13.250Z","timestamp":1701345793250,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /bbs/skin/nzeo_ver4_bbs/name_on.gif HTTP/1.1\r\nHost: www.xyztec-korea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xyztec-korea.com/bbs/zboard.php?id=board\r\nCookie: PHPSESSID=37e1863b820bdd70e9d4c1ef3bd8113b\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 30 Nov 2023 12:03:08 GMT\r\nContent-Type: image/gif\r\nContent-Length: 131\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Aug 2016 06:36:52 GMT\r\nETag: \"22701b7-83-57c52984\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":131,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 30 x 11\\012- data","md5":"ae397a989ddc911986b17a68151e107c","sha1":"73bc6c805ecd2204a4bdcc2a2e96f0054e4cf159","sha256":"cc8c0ea4ca32c32deaa9273efdfb92e6b68ff41928d3222f242430aa30553814","sha512":"8827e056450d52dfdcc4db8f99651b36c46e9cda86e49657e6391129134de2b9c0bd79289431a6178afaefedebf8bc14942d3105036f622b8350379e528e5081","ssdeep":"","tlshash":"","first_seen":"2023-11-30T13:03:26Z","last_seen":"2024-08-20T17:21:09.662763Z","times_seen":2,"resource_available":false,"data":null}},"time_used":847,"timings":{"blocked":560,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xyztec-korea.com/bbs/skin/nzeo_ver4_bbs/content_off.gif","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":80,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xyztec-korea.com/bbs/zboard.php?id=board","date":"2023-11-30T12:03:13.261Z","timestamp":1701345793261,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /bbs/skin/nzeo_ver4_bbs/content_off.gif HTTP/1.1\r\nHost: www.xyztec-korea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xyztec-korea.com/bbs/zboard.php?id=board\r\nCookie: PHPSESSID=37e1863b820bdd70e9d4c1ef3bd8113b\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 30 Nov 2023 12:03:08 GMT\r\nContent-Type: image/gif\r\nContent-Length: 111\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Aug 2016 06:36:51 GMT\r\nETag: \"22701aa-6f-57c52983\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":111,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 30 x 11\\012- data","md5":"a593b8782e6e2f232a52947254fa3e1e","sha1":"370c8560515d2833f06b05d7c8faec2f49eea46c","sha256":"8dd8ff92294fec0b6a01bb3106a6209db50db56d5a43be7322deaa856cad03f8","sha512":"9614e0d1f0c7b61e10ee3b1d759129ea878cc27e5158c86b10854f08b358c0ec4c65fa733a1e004c7b2a88b8921df4ac11381e751344ee4c6cd37d258a44d50d","ssdeep":"","tlshash":"","first_seen":"2023-11-30T13:03:26Z","last_seen":"2024-08-20T17:21:09.664063Z","times_seen":2,"resource_available":false,"data":null}},"time_used":837,"timings":{"blocked":550,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xyztec-korea.com/favicon.ico","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":80,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xyztec-korea.com/bbs/zboard.php?id=board","date":"2023-11-30T12:03:14.232Z","timestamp":1701345794232,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.xyztec-korea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xyztec-korea.com/bbs/zboard.php?id=board\r\nCookie: PHPSESSID=37e1863b820bdd70e9d4c1ef3bd8113b\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Thu, 30 Nov 2023 12:03:08 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":183,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"826b61be51a29e882493a70576715fe8","sha1":"1ee5148ce78bb708684adce707a5176423dd4983","sha256":"e4e866612068e7d36f56e00a85f99d750509224d7161db8218c17427f8be7640","sha512":"def5355f01e71f13b2459bb845de3ad578aa744a3ef4c29e6b0d3b7fc0ec4162dba6e45e9335cdb73c26fb755ba261c50cc4867270ae51766f0bc9d6939ffd07","ssdeep":"","tlshash":"82d0226de8ab56de01133075358a00b18a19179b993a86fa3c02e8041a5043c43c45cf","first_seen":"2023-04-17T08:46:19Z","last_seen":"2026-06-03T20:56:06.166234Z","times_seen":1309,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xyztec-korea.com/bbs/down_copyright_1.jpg","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":80,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://www.xyztec-korea.com/bbs/zboard.php?id=board","date":"2023-11-30T12:03:12.972Z","timestamp":1701345792972,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /bbs/down_copyright_1.jpg HTTP/1.1\r\nHost: www.xyztec-korea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xyztec-korea.com/bbs/zboard.php?id=board\r\nCookie: PHPSESSID=37e1863b820bdd70e9d4c1ef3bd8113b\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 30 Nov 2023 12:03:08 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 86247\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Aug 2016 06:43:25 GMT\r\nETag: \"22702d7-150e7-57c52b0d\"\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86247,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1000x260, components 3\\012- data","md5":"f45cbfb2685e353dbf881e39b6038e8b","sha1":"3d262d50ba432cdb3b3043b34e4fb8876a422561","sha256":"c191a0ac3736b50f363af05ad0b890f31fdaf2b9e96de07d9f910a9ebb7ebef5","sha512":"b7e17ed3e2a63406adfe9ed7b28356c13daf0b7986ac4753242724d49f922ead8fd90c35c64af72cbd8ace89380614002f63edcc4ef583ed40f639777d7e5b70","ssdeep":"","tlshash":"","first_seen":"2023-11-30T13:03:26Z","last_seen":"2023-11-30T13:03:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1962,"timings":{"blocked":835,"dns":0,"connect":0,"send":0,"wait":284,"receive":843,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.xyztec-korea.com/bbs/top_menu_ff1.swf","fqdn":"www.xyztec-korea.com","domain":"xyztec-korea.com","tld":"com"},"ip":{"addr":"183.111.141.116","port":80,"asn":4766,"as":"Korea Telecom","country":"South Korea","country_code":"KR"},"is_navigation_request":false,"resource_type":"object","requested_by":"http://www.xyztec-korea.com/bbs/zboard.php?id=board","date":"2023-11-30T12:03:13.264Z","timestamp":1701345793264,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /bbs/top_menu_ff1.swf HTTP/1.1\r\nHost: www.xyztec-korea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://www.xyztec-korea.com/bbs/zboard.php?id=board\r\nCookie: PHPSESSID=37e1863b820bdd70e9d4c1ef3bd8113b\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 30 Nov 2023 12:03:08 GMT\r\nContent-Type: application/x-shockwave-flash\r\nContent-Length: 28011\r\nConnection: keep-alive\r\nLast-Modified: Tue, 30 Aug 2016 08:20:34 GMT\r\nETag: \"22702f9-6d6b-57c541d2\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14218,"size_decoded":0,"mime_type":"application/x-shockwave-flash","magic":"Macromedia Flash data (compressed), version 7\\012- data","md5":"7c719c2a0285a8c5293ce5a31b812980","sha1":"a8521d1d609e81556b3f4214c43e8547dd0f3c44","sha256":"aa5cb59d3c98b97f79e1d84c1c1cde0261af41e83901918f95f549e56910b9d1","sha512":"0fd184aca21f0ae46449387551faf4fe1b2682d2045a16c28aee6ef6c1bfc00a70cf0bc5fbf07482a9e87e163a79feae073923fdcdb3a95ff2610cb82034d97a","ssdeep":"384:U+yNuSODQhQ5PcpYKvFodQkWVa1o82/j5/f:U+JSuQaPUA7g3/j5/f","tlshash":"fe52bf15c9da8522f30a8f358bef9b53c237f39b92925615c2d801f9774d3c3b298646","first_seen":"2023-11-30T13:03:26Z","last_seen":"2023-11-30T13:03:26Z","times_seen":1,"resource_available":false,"data":null}},"time_used":864,"timings":{"blocked":546,"dns":0,"connect":0,"send":0,"wait":285,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}